Dark Patterns: Who checks your data online? You; The answer is not so easy. A recent report by Norwegian consumer council reveals that technology companies mislead you to acquire rights to your data.
Using "dark patterns", (we had talked about them in previous publication) big internet companies like Facebook, Google and Microsoft exploit psychological biases to increase the chance of making privacy choices that do not serve your interests.
Of course, no one expects big tech companies to protect consumers' privacy. Below we will take a look at these dark patterns and how they can affect you.
What are the dark patterns?
(See the video as a good example of a dark pattern on Amazon.)
The site DarkPatterns.org defines dark patterns as "tricks used on sites and applications that make you buy or sign up where you don't want to".
There are many examples: Bad UI design. Misleading wording. Hidden options. Even the color choice can be part of a dark pattern.
The site lists 12 dark pattern types:
- Bait and switch
- Disguised ads
- Forced continuity
- Friend spam
- Hidden costs
- Price comparison prevention
- Privacy zuckering
- Roach motel
- Sneak into the basket
- Trick questions
You can read about each of these dark patterns. You will recognize many of them (especially the tactics used by Mark Zuckerberg, privacy).
The big problem with these tactics is that there are not many who can deal with them. We have psychological prejudices called heuristics that make it much more likely to respond under certain conditions. And when companies exploit it, many of us can not resist.
How companies take you to gain rights to your privacy
The report cites various tactics used by Facebook, Google and Microsoft to trick you into choosing features that do not protect your privacy.
Dark Patterns Default settings
The new GDPR regulations state that "default settings must not allow the collection or use of personal data more than is required to provide the service and that the use of personal data for other purposes requires explicit consent."
This is hardly worth mentioning. Of course these companies will not fail to stop collecting your data. So they earn the money.
Both on Facebook and on Google users have to hack their settings to disable data collection and sharing information. This is one of the dark patterns. (Despite GDPR legislation, Microsoft does not offer default settings, allowing users to choose what they want from the start.)
Easy to change settings
How easy is it to change your privacy settings? If you've ever seen your Facebook or Google privacy settings, you'll find it somewhat difficult to disable data sharing. Both services chose images and text placement to encourage users to share more data.
And Microsoft also uses these visual stimuli, but it needs the same number of clicks to protect or access your data.
Facebook is well known that it requires a lot of clicks, a lot of reading on many different screens to figure out who can see your data and what they can do with them.
Instead, Twitter privacy settings are extremely simple.
This is the way options are presented. Companies tell you the positive things you have to give them the data, but not the negatives. They state all the reasons why you should not increase your privacy choices, but none of the concerns about protecting your privacy.
The Norwegian report gives Facebook face recognition settings as an example. Facebook informs you of the benefits of automatic tagging and warns that without facial recognition, you will not be able to know if a third party uses your photo as a profile photo.
The largest social network does not mention anywhere that advertisers may use some face recognition technology to better target their ads or what else could be done with that data. Google and Microsoft are no better.
Reward and punishment
You've probably seen it, both Facebook and Google tell you that you will lose some functionality if you protect your data. Facebook even has the option of deleting your account without indicating that you can download all of your data before deleting the account.
Below is the Facebook GDPR privacy update flow chart (which is, of itself, a form of punishment):
Once you have made all these choices, will you press the "Delete Account" button at the end? Probably not.
Companies constantly reiterate that you will have better service if you share your data. However, Microsoft included a statement that Windows would still work if you did not share them. Do not be happy, because the company does not allow full blocking of telemetry.
Forced Actions and timing
Do you make the right decisions if you are in a hurry? Are you weighing all the options? Of course not. Companies give you choices to keep your privacy in their mobile apps. When you see the options you usually want to do something else with the application or service.
Facebook was using this technique very much until GDPR was implemented. Google and Microsoft were not much better.
The above picture is the perfect example of time pressure. The same tactics are used by too many companies to spend more money or to give more data.
How to protect your privacy and data
Unfortunately, you can not do much about all these misleading tactics. Read the privacy options carefully and look deep into the settings to find out what to do.
Being aware that businesses are making every effort to deceive you to provide more information is a good step. Do not believe companies are trying for your own good.
Below is one of the best quotes from the Norwegian exhibition:
Google has designed a privacy checklist, giving users an overwhelming majority of choices in micro-businesses, which, according to our analysis, discourages users from changing, controlling settings or deleting their data.
Google's privacy control panel is beautifully crafted and friendly. But it's not designed to help you manage your privacy.