Deceptive Design – formerly
Types of deceptive design ›

Friend spam

The product asks for your email or social media permissions under the pretence it will be used for a desirable outcome (e.g. finding friends), but then spams all your contacts in a message that claims to be from you.

The most famous example of this type of deceptive design was used by Linkedin, which resulted in them being fined $13 million dollars as part of a class action lawsuit in 2015.

Blogger Dan Schlosser provides a detailed walkthrough here. As part of the sign-up process to Linkedin, they encourage you to give them access to your email account, on the premise that it will give "your career a strong network" (see below). The hidden agenda is that they want this access so they can secretly send invitation emails to all of your contacts, falsely claiming to be sent by you rather than by Linkedin.

If you allow yourself to be guided through the steps, you're taken to the page shown below. If you click the innocent-sounding button "Add to network" you are inadvertently giving Linkedin permission to spam every person you've ever emailed.

In the Perkins v. LinkedIn class action law suit (2015), this practice was found to be illegal under California Law. If you were a member of LinkedIn's "add connection" program between September 2011 and October 2014, you were able to submit a claim to get a payout of around $10.

Read more here: After Lawsuit Settlement, LinkedIn's Dishonest Design Is Now A $13 Million Problem