Deceptive Design (formerly darkpatterns.org)

Reading list

GDPR enforcer rules that IAB Europe’s consent popups are unlawful

Airtable ID

552

EU data protection authorities find that the consent popups that plagued Europeans for years are illegal. All data collected through them must be deleted. This decision impacts Google’s, Amazon’s and Microsoft’s online advertising businesses.

| Feb 02, 2022

Feb 02, 2022

Dark Patterns: A New Legal Standard or Just a Catchy Name? (Part One)

Airtable ID

549

State and federal regulators have definitely put a new emphasis on combatting so-called “dark patterns” – but other than a catchy name, is there really anything new about the types of conduct that state and federal officials are calling illegal? This two-part blogpost will take a closer look at that question.

Paul Singer & Jessica Rich | Feb 01, 2022

Feb 01, 2022

Dark Patterns: A New Legal Standard or Just a Catchy Name? (Part Two)

Airtable ID

550

In this post (Part Two), we examine the FTC’s approach to this issue, now and in the past. Here, we conclude that, despite the new terminology, the practices that comprise today’s dark patterns have been core elements of FTC law and policy for years.

Paul Singer & Jessica Rich | Feb 01, 2022

Feb 01, 2022

CMA secures changes to Xbox subscription practices

Airtable ID

543

The CMA has secured improvements for Xbox online players, following concerns about Microsoft’s use of auto-renewing subscriptions for online gaming services.

Competition and Markets Authority | Jan 26, 2022

Jan 26, 2022

Google deceived consumers about how it profits from their location data, attorneys general allege in lawsuits

Airtable ID

542

The complaints allege the company has deployed ‘dark patterns,’ design tricks that can subtly influence users’ decisions in ways that are advantageous for a business

Cat Zakrzewski | Jan 24, 2022

Jan 24, 2022

MEPs adopt Digital Services Act with significant last-minute changes

Airtable ID

541

Article 13a in the DSA "explicitly forbids the use of specific techniques to extort consent to collect personal data, for instance, via repeatedly showing pop-ups. It also prevents platforms from requesting such consent if users already choose via ‘automated means’, which might be a setting in the web browser or operating system."

Luca Bertuzzi | Jan 20, 2022

Jan 20, 2022

From Compliance To Privacy UX: Regulators Come For Dark Patterns

Airtable ID

533

The French data protection authority hit Facebook and Google with multimillion-dollar fines yesterday for their use of deceptive design in their cookie consent banners.

Stephanie Liu, Andrew Hogan & Enza Iannopollo | Jan 07, 2022

Jan 07, 2022

France spanks Google $170M, Facebook $68M over cookie consent dark patterns

Airtable ID

528

Today, the CNIL said it’s fined Google €150M (~$170M) and Facebook €60M (~$68M) for breaching French law, following investigations of how they present tracking choices to users of google.fr, youtube.com and facebook.com.

Natasha Lomas | Jan 06, 2022

Jan 06, 2022

Cookies: the CNIL fines GOOGLE a total of 150 million euros and FACEBOOK 60 million euros for non-compliance with French legislation

Airtable ID

530

Following investigations, the CNIL noted that the websites facebook.com, google.fr and youtube.com do not make refusing cookies as easy as to accept them. It thus fines FACEBOOK 60 million euros and GOOGLE 150 million euros and orders them to comply within three months.

CNIL | Jan 06, 2022

Jan 06, 2022

If you click to subscribe, you should be able to click to cancel.

Airtable ID

531

FTC has made clear that to comply with the law, businesses must ensure sign-ups are clear, consensual, and easy to cancel.

Lina Kahn | Jan 06, 2022

Jan 06, 2022

An overview of the provisions successfully pushed through by the Greens/EFA into the European Digital Services Act:

Airtable ID

519

On 14 December 2021, the Internal Market and Consumer Protection (IMCO) Committee of the European Parliament adopted its report on the Digital Services Act.

Alexandra Geese | Dec 14, 2021

Dec 14, 2021

Google admits that they actively worked to "slow down and delay" the ePrivacy Regulation.

Airtable ID

516

Hidden away in #Google adtech antitrust complaint, in ref to internal docs: “We have been successful in slowing down and delaying the [ePrivacy Regulation] process and have been working behind the scenes hand in hand with the other companies.”

| Oct 22, 2021

Oct 22, 2021

Getting under your skin(s): A legal-ethical exploration of Fortnite’s transformation into a content delivery platform and its manipulative potential

Airtable ID

499

Academic analysis of how Fortnite is using its platform to manipulate users.

Marijn Sax, Jef Ausloos | Mar 11, 2021

Mar 11, 2021

"Fine Print" lesson

Airtable ID

478

Font size can be the difference between compliance and a class action lawsuit

@RobertFreundLaw | Feb 25, 2021

Feb 25, 2021

Lawmakers Take Aim at Insidious Digital ‘Dark Patterns’

Airtable ID

449

A new California law (the California Privacy Rights Act) prohibits efforts to trick consumers into handing over data or money. A bill in Washington state (SB 5062 - 2021-22) used similar language.

Tom Simonite | Jan 29, 2021

Jan 29, 2021

The end of dark patterns in “cookie walls”: German court bans deceptive designs

Airtable ID

444

The Federation of German Consumer Organisations (vzbv) filed a complaint against “advocado”, an online service that helps people find a lawyer. With its lawsuit, the consumer protection group challenged the use of dark patterns in cookie banners used.

Peter Hense | Jan 21, 2021

Jan 21, 2021

California Voters Approve (Another) Overhaul of California Consumer Privacy Laws: Meet the California Privacy Rights Act

Airtable ID

440

The CPRA defines a “dark pattern” as “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice” and clarifies that it should be “further defined by regulation.

Paul W. Sweeney, Jr., Tara C. Clancy & Gregory T. Lewis | Jan 13, 2021

Jan 13, 2021

"Dark Patterns" Make Their Appearance in California's New Privacy Law

Airtable ID

436

"First, the CPRA adds a new definition of "consent" to the CCPA. The new definition explicitly states that "[A]greement obtained through the use of dark patterns does not constitute consent." Then, paralleling the definitions from Deceived by Design and the DETOUR Act, the CPRA defines a "dark pattern" as "a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice, as further defined by regulation." Finally, the law directs that regulations regarding the sale or sharing of personal information ensure that a business obtaining consumer consent to such sale or sharing "does not make use of any dark patterns.""

Christopher W. Savage | Dec 30, 2020

Dec 30, 2020

The CNIL’s restricted committee imposes a financial penalty of 50 Million euros against GOOGLE LLC

Airtable ID

433

On 21 January 2019, the CNIL’s restricted committee imposed a financial penalty of 50 Million euros against the company GOOGLE LLC, in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, inadequate information and lack of valid consent regarding the ads personalization.

Cnil | Dec 10, 2020

Dec 10, 2020

Are dark patterns anti-competitive?

Airtable ID

374

This Article argues that digital manipulation should, in many instances, be considered to be a type of anticompetitive behaviour. Digital manipulation erodes users’ ability to act rationally, which empowers platforms to extract wealth and build market power without doing so on the merits.

Gregory Day and Abbey Stemler | May 11, 2020

May 11, 2020

Deceptive Experiences To Online Users Reduction (DETOUR) bill

Airtable ID

304

DETOUR was a bi-partisan bill that aimed to curb manipulative dark pattern behavior by prohibiting the largest online platforms (those with over 100 million monthly active users) from relying on user interfaces that intentionally impair user autonomy, decision-making, or choice.

Warner, Mark R. | Sep 04, 2019

Sep 04, 2019

Senators Introduce Bill to Stop 'Dark Patterns' Huge Platforms Use to Trick Users

Airtable ID

305

"Senators Mark Warner (D-Virginia) and Deb Fischer (R-Nebraska) have introduced legislation to ban so-called “dark patterns” tactics designed to trick users..."

Tom McKay | Sep 04, 2019

Sep 04, 2019

Competition and Consumer Protection in the Twenty-First Century (FTC Hearing)

Airtable ID

235

"my prediction for 2019 - let’s do this like a TV show is this is the year where dark patterns really becomes the kind of thing that we’re really talking a lot about." - Paul Ohm

Author unknown | Apr 09, 2019

Apr 09, 2019

Regulating at scale

Airtable ID

185

"To tame the, sometimes, harmful power of enormous platforms, we need to reconsider the mathematics of regulation. The law tends to treat the growth of a company linearly, while the power and harm of online activity increases at a much faster rate. We need to scale up the mathematics of regulation to deal with many of the problems of massive digital platforms."

Paul Ohm | Jul 01, 2018

Jul 01, 2018

Enforcement Policy Statement on Deceptively Formatted Advertisements

Airtable ID

63

The FTC's enforcement policy statement regarding advertising and promotional messages that are presented as non-commercial content.

Author unknown | Apr 18, 2016

Apr 18, 2016

In Italy, Ryanair was fined € 850,000 for its famously hard to find to find "don't insure me" dark pattern.

Airtable ID

44

"The Authority has also considered unfair, cumbersome and misleading, the mechanism imposed to consumers in order to select the no-purchase option of the travel insurance policy: in the Ryanair booking process it is necessary to go through the window of Country of Residence and select the option “refuse insurance”, positioned – in the Italian website - between Netherlands and Norway."

Agcm | Feb 17, 2014

Feb 17, 2014

The CAN-SPAM Act of 2003

Airtable ID

15

The CAN-SPAM Act of 2003 established the United States' first national standards for the sending of commercial e-mail. It is enforced by the FTC. It contains rules against dark patterns, e.g. a visible and operable unsubscribe mechanism must be present in all marketing emails.

Author unknown | Dec 16, 2003

Dec 16, 2003