Another week and Facebook is again in the news being accused of ethical misconduct. So what is it this time? The Norwegian Consumer Council has recently published a report that outlines how big tech companies such as Facebook, Google, and Microsoft are utilizing underhanded tactics to manipulate their users. These so-titled “Dark Patterns” frequently steer users to surrender their private data to these companies.
Have you ever accidentally clicked on a webpage ad because it loaded a few seconds late and took the EXACT SPOT of what you wanted to click? Or maybe you have installed annoying bloatware because its installation was included in the “recommended express installation” of whatever you wanted to install. Both of these examples embody the spirit of Dark Patterns. They are technically-legal tactics that manipulate users into making certain decisions through deceit and/or inconvenience.
Facebook, Google, and Microsoft took to these practices after the EU passed their General Data Protection Regulation. Among other things, GDPR forces companies to explicitly tell consumers when their private data is being collected as well as gain explicit consent from consumers to do so. Third-parties are used quite a lot in businesses, this is why a third party risk management program is important to have done, to make sure that data is being used correctly and no breaching is happening, jeopardizing people’s information. These rules hit Facebook and Google especially hard, as much of their business revolves around studying consumers’ private data – e.g. custom friend recommendations or targeted ads on search engines. In order to maintain access to your data, these companies will tell you what they are doing, but they will make it difficult to turn off.
The NCC outlines a number of strategies that Facebook, Google, and to a lesser extent Microsoft are using to maintain access to your private data. One favored tactic is to hide privacy settings (which are defaulted to give full access, by the way) behind a large click wall. They simply make the process click intensive and counter-intuitive. Consumers get frustrated or bored and give up.
Another strategy is to use confusing or misleading language in their privacy pop-ups. They will tell you that they are using your data, but they will tweak the language to tone it down. These statements read like “your data may be used” and “some of your data” and “at times your data”. This manipulation is designed to make the consumer feel that the effect that they are consenting to is mild.
So what are we, the consumer, to do about this? Some people are trying for government intervention, but the results of that may be ineffective or slow at best. If you truly care about your privacy settings, your best bet at this point is to just play the game. Yes, Dark Patterns are obnoxious and aggravating, but thanks to the GDPR, the turn off options are there. We just have to work a bit to find them.
And as always, Let’s be careful out there!
-The PJ Networks Team