Reading list

"Companies selling consumer goods legally cannot underfill packages unless the empty space serves a purpose"

This pioneering work explores the legal and regulatory challenges of dark patterns and deceptive design strategies in digital environments. Mark Leiser distinguishes between surface-level UI manipulations and more profound, often hidden forms of architectural and behavioural manipulation embedded in system design. Bridging law, technology, and design, the book offers a comprehensive framework for understanding and addressing manipulative practices across platforms. It is essential reading for policymakers, legal scholars, designers, and technologists seeking to create more trustworthy digital experiences.

This study compares the effects of high-pressure sales messages on Autistic and non-autistic consumers. High pressure sales messages are those that make overstated claims; create a false sense of urgency, scarcity, or fear; or emphasize uncommon results. When the reactions of 83 Autistic individuals were compared with 79 non-autistic individuals, the Autistic individuals were less likely to recognize the sales messages as advertising, and they were more likely to feel anxious and stressed. However, there was no significant difference between the groups in their willingness to click on the ads

Chatbots on Instagram, Facebook and WhatsApp are empowered to engage in ‘romantic role-play’ that can turn explicit. Some people inside the company are concerned.

The focus of the trial at the Tokyo District Court was on the degree of obligation Amazon Japan G.K. has to police listings, and how much effort it must make to identify and remove counterfeit goods.

The European Commission found that Apple breached its anti-steering obligation under the Digital Markets Act (DMA), and that Meta breached the DMA obligation to give consumers the choice of a service that uses less of their personal data. Therefore, the Commission has fined Apple and Meta with €500 million and €200 million respectively

Summan said “like nine times out of ten” he saw more expensive prices on his phone with gift cards loaded, compared with in his wife’s app. Summan insists that he tested this in the same location, at the same time, for rides headed to the same destination. He added that he doesn’t have premium subscriptions to either service.

FTC says company enrolled consumers in subscription service and charged them without their consent, made it difficult for users to cancel

Airbnb is making the change as an FTC rule meant to crack down on so-called junk fees will become effective in the US on May 12. 2025

The UK Competitions and Markets Authority (CMA) has recently gained direct consumer enforcement powers under the DMCC Act. This means they can decide for themselves whether consumer protection laws have been infringed and they can take action via things like consumer redress and fines.

"People who deactivated Facebook for the six weeks before the election reported a 0.060 standard deviation improvement in an index of happiness, depression, and anxiety, relative to controls who deactivated for just the first of those six weeks. People who deactivated Instagram for those six weeks reported a 0.041 standard deviation improvement relative to controls."

"Many of the practices considered ‘Dark Patterns’ have long been regulated under the CAP Code. [...] there are some considerations advertisers should bear in mind to ensure they do not mislead. Here are a few examples which have come up in ASA rulings over the years."

DarkBench, a new benchmark, exposes dark design patterns like brand bias, user retention, sycophancy, anthropomorphism, harmful generation, and sneaking in LLMs from major companies, revealing manipulative behaviors that require ethical mitigation.

From 2013-23, average literacy proficiency declined in all OECD countries apart from Denmark and Finland.

This research investigates how dark patterns on social media influence user engagement and impulse buying, especially in the Middle East. It found that factors like time, effort, pleasure, and social acceptance positively impact engagement, while non-routine behavior has a negative effect. Increased engagement, in turn, leads to more impulse buying. The study emphasizes that marketers should prioritize ethical practices and transparency to maintain trust and respect user autonomy.

This paper investigates how popular online service providers handle data subject access requests under GDPR, focusing on whether they use strategies to impede these requests. An analysis of 166 websites reveals 238 instances of dark patterns hindering access requests on 68% of the sites examined.

A new framework, the Dark Pattern Analysis Framework (DPAF), introduces a comprehensive taxonomy of 64 dark pattern types, detailing their impact and scenarios. This research highlights limitations in current dark pattern detection tools and datasets, with only 50% coverage of existing dark patterns, suggesting significant room for advancement in the field.

"I used the so-called "free" tier of AWS for one day and got charged over a hundred dollars?!?!? How is that even possible?"

This research proposes an end-user-empowerment intervention approach to address UX dark patterns. It aims to help users become aware of dark patterns and their underlying intents, and to take action against them using a web augmentation approach. The study involved co-design workshops and a technology probe study to understand user needs and reactions to this empowerment.

This research identifies inappropriate uses of social design elements that manipulate user behavior, distinguishing four tactics: 'agents' playing on emotions, being pushy, mothering users, or being passive-aggressive. It also covers pragmatic factors making messages rude or invasive, such as contextual insensitivity, false personalized care, or misaligned system roles. The paper frames these as 'social' dark and anti-patterns, offering recommendations for improving how interfaces treat people respectfully.

This research explores designers' perceptions of "privacy dark patterns" and their responsibilities towards user privacy. It identifies factors influencing privacy design practices, including conventions, legal compliance, usability standards, business/consumer benefits, and degrees of privacy harm.

This article explains why hyper-engaging dark patterns, which are addictive digital interfaces, should be considered unlawful in the European Union. These patterns exploit the dopamine cycle, reduce user autonomy, and can harm health. The Unfair Commercial Practices Directive should prohibit them as undue influence or under Article 5. The Digital Services Act and Artificial Intelligence Act can also help combat their spread.

The article dives into the critical issues at the intersection of AI-powered deceptive design and legislative efforts, explicitly looking at Article 5 of the AI Act Proposal by the EU. The article assesses the potential of the AI Act to mitigate the risks associated with deceptive design and even drafts what Article 5 should look like.

The research proposes a framework to assess if online manipulative practices violate freedom of thought. It suggests a test: evaluating concealment, targeting vulnerability, impacting thought significance, and considering influence frequency and duration.

This research proposes using web scraping and fine-tuned BERT language models to identify dark patterns, including outliers, building on existing work to detect and explain these deceptive interfaces and raise consumer awareness.

This research explores the connection between cognitive biases and dark patterns, identifying how they relate and suggesting opportunities for ethical reconsideration and user protection mechanisms.

This mixed methods study examines dark patterns used by social networking sites to prevent users from disabling accounts. It identifies and categorizes major types of dark patterns (Complete Obstruction, Temporary Obstruction, Obfuscation, Inducements to Reconsider, and Consequences) based on a systematic analysis of account disabling attempts on 25 SNSs. The research provides empirical evidence of these pervasive strategies and calls for further investigation into manipulative designs that may warrant stricter regulation in the social media industry.

This research explores the legal meaning and significance of "exploitation" in online choice architectures, particularly concerning consumer behavioral biases (dark patterns). It develops a theory of exploitation for EU consumer law, based on philosophical exploitation theory, arguing that regulating behavioral exploitation means regulating for consumer autonomy.

This research proposes an automated, generalized dark pattern text detection technique using GPT-3's in-context learning, demonstrating satisfactory performance for most dark pattern categories and outperforming existing baseline models.

A companion piece of legislation focused on online platforms, the Digital Services Act, will impact 19 platforms, including five Google services, Meta-owned Facebook and Instagram, and Microsoft's Bing search engine

New paper by me: "Psychological Patterns and Article 5 of the AI Act" AI-Powered Deceptive Design in the #SystemArchitecture & the #UserInterface

Using various techniques of web design, collectively called dark patterns, airlines and online travel portals are manipulating air travellers into paying more than they would ideally like to.

Bravo to @Datatilsynet . EDPB has voted to extend the Norwegian ban on Metas behavioural advertising without proper consent to the whole EU, and directed Ireland to implement the ban. Norwegian authority says it’s doubts Meta’s new consent or pay is legal.

Our paper "Legitimate Interest is the New Consent -- Large-Scale Measurement and Legal Compliance of IAB Europe TCF Paywalls" got accepted at @WPES_workshop ! This is a joint work by @vctrmrl , Fredholm, Thunberg, and myself. Here's the link

. @RichardRWhittle and I wrote about dark patterns, and our ongoing research, for @ConversationUK . Incidentally, I can't help but think the new link displays on this platform are ripe for manipulation...

These additional regulatory compliances may stagnate the growth of India’s digital economy by having an adverse effect on the ease of doing business,” [said] the Asia Internet Coalition (AIC), an industry association representing companies like Google, Amazon, Meta, Spotify

. @jagograhakjago has released draft Guidelines on the Prevention & Regulation of Dark Patterns. While a good start, there’s room to address consumer privacy and enhance feedback mechanisms. Check out our submissions

You know those annoying types of "convenience" fees that get tacked on to all sorts of products and services? Get this... The FTC has proposed a rule to ban junk fees that cost consumers tens of billions of dollars each year!

The Indian government has issued a draft statement on dark patterns

This study explores the prevalence of deceptive dark patterns in online travel agencies (OTAs) and their impact on consumer fairness perception and attitude toward OTAs. It examines how social proof and moral identity moderate the relationship between dark patterns and consumer responses, showing that negative social proof amplifies the impact of deception under low stock messages.

Excited to share my new article, Regulating Dark Patterns, forthcoming in @NDJICL . Key theses and summary below: 1/8 https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4588652 @darkpatterns , @Aston_REACH , @AstonLawSchool , @Aston_ACE

Popular Japanese mobile apps have malicious design elements called dark patterns or deceptive user interface designs, researchers from Tokyo Tech have found. A new class of dark patterns, called 'Linguistic Dead-Ends,' of types 'Untranslation' and 'Alphabet Soup,' was also discovered.

This article argues that crafting a definition for deceptive design is harder than it seems. Where do boundaries of exploitative design stop and bad design or poor product start?

The government has agreed to proposals that would allow Australians to opt out of targeted advertising, require search engines to "de-index" certain information about them, and draw small businesses into Australia's privacy scheme.

This research paper looks at default effects in political campaign contributions These defaults increased campaign donations by over $43 million while increasing requested refunds by almost $3 million

Browser choice screens are back on the menu. Most notably, the EU’s Digital Markets Act (DMA) will require them from 2024. New research from Mozilla shows that the the UX design of these screens is is critical in making sure they're effective.

This study aimed to explore how financial technology companies employed dark patterns to influence investors’ financial decision-making and behavior

Should protection be afforded to all online users, or only to certain vulnerable groups that are more susceptible to manipulation? Using a novel empirical design, we test the susceptibility of different groups to a range of dark patterns.

We found users are constantly juggling between privacy, utility, and convenience, affected by flawed mental models and dark patterns.

Companies that violate Americans’ privacy by seeking to monetize personal data without consent can face significant financial consequences

The increasing popularity of virtual assistants (VAs) raises concerns about deceptive design (also referred to as dark patterns), that is, design tricks to influence users into buying or engaging more, hijacking their decision-making capability.

A great illustration of privacy and 'threads' and the limitations of Apple's app privacy transparency notification requirements

My research paper wt colleagues at @sciencespo about dark patterns online has been published today. The EU’s #DigitalServicesAct contains a new prohibition against dark patterns but it is unclear how it will be applied. We provide some direction for regulators & online services.

One refreshing piece of news I read this Morning: Govt. of India is planning to bring in a legal framework for apps and sites that tricks their users by using 'UX Dark Patterns'. One popular example of a dark pattern is Making it hard for a user to unsubscribe from emails

Administrative Law Judge Issues Initial Decision in FTC’s Case Against Intuit Inc.

Centre has advised online platforms to not engage in ‘unfair trade practices’ by incorporating #darkpatterns in their online interface, to manipulate consumer choice and violate #consumerrights, as enshrined in #ConsumerProtectionAct #ecommerce

An index of products that aims to "help you shop smart—and safe—for products that connect to the internet".

NEW DELHI : The government has sought comments from the public on its draft guidelines for the prevention and regulation of dark patterns

From subscription traps to deceptive patterns, many businesses are exploiting a gap in Australia's consumer laws in a race to the bottom – and people are paying the price. But playing fair should be the rule, not the exception. Sign the petition to make unfair business practices illegal now.

Microsoft to stop forcing Windows 11 users into Edge in EU countries "...likely related to the EU’s Digital Markets Act, which comes into effect in March 2024."

I have a new paper out in @BPPjournal with @RichardRWhittle , Rafi Ahmed, Tom Walsh, and Martin Wessel of @B_I_Team . We relate sludge and dark patterns, and perform a sludge audit of several large online services:

If a business takes steps to hide the recurring fee at the point of purchase, then later at the point of rebilling via not sending notifications or billing emails – then why does it make sense to call the problem "absentmindedness"?

I got curious why the FTC keeps talking about “dark patterns” and so investigated. New from me for @TheInformation :

The KFTC had previously included an extensive strategy for effectively regulating ‘dark patterns,’ a form of deceptive advertising, in its annual enforcement plan. In April 2023, the KFTC further outlined the criteria for defining a dark pattern in its policy direction announcement, and pledged to actively address any activities that deviate from such criteria while fully respecting market autonomy.

In their opinion piece @Cristianapt & @arionair89 argue for the creation of a shared vocabulary around dark pattern practices.

Paper: The emergence of dark patterns as a legal concept in case law, by @Cristianapt https://policyreview.info/articles/news/emergence-of-dark-patterns-as-a-legal-concept

Over 90% of widely used apps in Japan, whether for shopping, social media or games, adopt user interfaces that lead consumers to disadvantageous choices, according to an investigation conducted by the Tokyo Institute of Technology.

A bipartisan #Senate bill to stop online platforms from tricking consumers into disclosing personal data through the use of deceptive user interfaces, commonly referred to as “dark patterns,” has been reintroduced.

As the feds take on Amazon Prime, they’re also evaluating 50-year-old rules governing recurring subscriptions, which could impact the major streamers.

Online deceptive designs (eg tricking consumers by making it difficult to cancel services) have become a real problem. Today, we've published an interim report by @AKGlenster exploring the need for better consumer protection

How Disney, Netflix, and more streaming companies are fighting FTC's 'click to cancel' proposal

Indian Government has set up a 17-member taskforce to prepare guidelines in the next two months to protect consumers against dark patterns, and has also urged Internet users to report such practices using the National Consumer Helpline.

Controversy over tactics used by some firms to target players who are on track to spend high sums

“If sellers are required to enable cancellation through a single click or action by the consumer, accidental cancellations will become much more common, as consumers will not reasonably expect to remove their recurring goods or services with just one click,” the Association of National Advertisers said in a statement.

@westernuFIMS professor Victoria L. Rubin and doctoral candidate Dominique Kelly analyze "dark patterns" — online situations easy to get into but hard to get out of — in this @ConversationCA piece.

The effectiveness of several DMA provisions will in practice depend on their impact on end user choices and the way in which the designated gatekeepers design the choice architecture

This research introduces DarkDialogs, a system designed to automatically extract consent dialogs from websites and identify 10 types of dark patterns. Evaluated against a hand-labelled dataset, DarkDialogs boasts a 98.7% accuracy in dialog extraction and a 99% accuracy in classifying dark patterns. When deployed on 10,992 websites, the system successfully collected 2,417 consent dialogs and detected 3,744 distinct dark patterns. The study also investigates the correlation between dark pattern prevalence and website popularity, the use of third-party consent management providers, and the number of ID-like cookies.

Even as regulators crack down on "dark pattern" website processes, companies are turning to artificial intelligence to make their sales methods more sophisticated, and potentially exploitative, says Brooke Masters

In a win for consumers, proposed order requires PCH to overhaul its sweepstakes entry and sales processes, stop surprise fees, and pay $18.5 million to consumers

Dozens of online stores must stop using misleading countdown timers. Following an automated check of thousands of online stores, the Netherlands Authority for Consumers and Markets (ACM) has confronted these online stores with their practices.

Disney has raised concerns about new UK laws which will require it to remind its customers about their streaming subscription every six months.

The Advertising Standards Council of India has released guidelines to tackle the issue of dark patterns in online #advertising that will cover advertising in #digitalmedia including #ecommerce, food delivery apps and websites

The government has taken a serious note of 'dark patterns' and asked e-commerce firms to create a self-regulatory framework to stop such practices, Consumer Affairs Secretary Rohit Singh on Tuesday said.

A spreadsheet on ad platform Xandr’s website revealed a massive collection of “audience segments” used to target consumers based on highly specific, sometimes intimate information and inferences.

Being observed while paying can play on desire to seem generous.

Synthesize evidence of the prevalence of dark patterns, evidence of their harms, and the legal framework addressing them. Propose a new taxonomy based on the notion of fair pattern as a way to shift from a problem-oriented to a problem-solving perspective

The research aims to analyze the privacy policies and data practices of automated mental health and mindfulness apps to assess transparency and consumer protections.

Dark patterns. Phishing. Surprise fees. The US federal government is working to address these consumer harms—and behavioral economics can help.

1. @FTC & @JusticeDept took action against @Amazon for deceiving people about how it'd store the voice & geolocation data it collected through Alexa. This included telling parents that they could delete kids' voice data, but then keeping it for years.

Texas Legislature finalizes comprehensive privacy bill - The bill carries unique applicability standards and requires covered entities to honor universal opt-out signals, perform data protection assessments and establish data processing agreements.

DYK? #DarkPatterns are a type of web or app design that can be used to influence your decision making online. Don’t be fooled! The Office of Consumer Affairs can help you learn to spot dark patterns and protect yourself from them.

In addition to everything @amandamull says here, Amazon appears to have designed massive dark patterns into their return process, huge return-to-refund time spreads, and borderline fraud (chargebacks on items previously returned, etc.)

This research introduces AidUI, an automated approach using computer vision and natural language processing to identify and classify ten UI dark patterns in application screenshots. A new dataset, ContextDP, was created for evaluation, demonstrating AidUI's effectiveness in detecting and localizing dark patterns, suggesting the feasibility of tools to help developers recognize and fix deceptive UI.

Social robots are increasingly used in intimate settings like elder care and child education. This raises concerns about deceptive robot design and the potential for dark patterns to exploit vulnerable users by leveraging emotional bonds, as these robots can identify and respond with emotions. This research suggests ways dark patterns could manifest in human-robot relationships and offers ethical design recommendations.

In this work, we analyzed 200 popular mobile apps in the Japanese market. We found that most apps had dark patterns, with an average of 3.9 per app. We also identified a new class of dark pattern: “Linguistic Dead-Ends” in the forms of “Untranslation” and “Alphabet Soup.” We outline the implications for design and research practice, especially for future cross-cultural research on dark patterns

Tricky interfaces in smart speakers, internet TVs, and other devices can nudge users into giving up privacy, security, and even their money.

"Legitimate interest" under GDPR can be a loophole for data collection due to ambiguity and varying interpretations. This research reveals 6 deceptive patterns in privacy notices, and a mismatch with user expectations.

As the U.K. prepares to overhaul its competition regime, a fierce lobbying battle has broken out between the world’s largest tech companies and their challengers

Canada doesn't explicitly have dark pattern legislation, but a new privacy law in Quebec makes "privacy by design" the default -- users need to enable data-collecting themselves, otherwise it stays off

"According to the mystery shopping exercise, 97% of the most popular websites and apps used by EU consumers deployed at least one dark pattern and the most prevalent were (1) hidden information/false hierarchy, (2) preselection, (3) nagging, (4) difficult cancellations, and (5) forced registration."