How does Google and Facebook use the 'dark pattern' that intentionally leads users in a direction where they are advantageous?


by Patrizio Cuscito

" Dark pattern " is a web design designed to trick users. A report published online by Norwegian Consumer Protection Bureau summarizes the method of companies using dark patterns.

2018 - 06 - 27 - deceived - by - design - final.pdf
(PDF file) https://fil.forbrukerradet.no/wp-content/uploads/2018/06/2018-06-27-deceived-by-design-final.pdf

As a dark pattern used by companies, in order not to let users withdraw from registered mail-order sites, it is very troublesome to set up a form for withdrawing procedures very difficult to understand, or deleting an account with SNS You can do things like to do. The data protection regulation GDPR that came into force in the EU since May 25, 2018 makes it more difficult for technology companies to obtain consumer personal information, but Norwegian Consumer Protection Bureau said " We use consumer user interface using pattern to obtain consumer's personal information. "

In the report, we compare the user interface of Facebook, Google, and Windows 10 and investigated warnings when companies obtain personal information of users and procedures to be done when users want to protect personal information. Then, on Facebook and Google, it was the result that "in dark pattern method is used in half of survey items in Windows 10 in all six survey items".



For example, you can change whether the company allows you to retrieve the user's personal information from the settings field. However, on the Facebook data setting screen, you can click "GET STARTED" enclosed in blue to move to the next screen, but "MANAGE DATA SETTINGS" to be clicked when you want to protect personal information on the next screen is white It is surrounded by. The user who clicked the blue button on the previous page clicked "ACCEPT AND CONTINUE" which was inadvertently surrounded with blue color on the next page and was guided to provide the data. In addition, although Facebook is made to be able to use personal settings by default, there is also a case where you do not know that you can change the settings yourself, and that personal information is used on Facebook from the beginning.

Likewise, if Google does not want to use personal information in advertisements, Google will automatically use personal information unless the user finds an item to set about using personal information. The personal information we collect includes location information, device information, and voice and audio activity.



Also, in pop-ups on whether or not to use personal information, it seems to be one type of dark pattern that "users only use positive words about using personal information". For example, Facebook is a pop-up asking whether or not to turn on the user's face recognition technology, but although it explains about facial recognition technology being very useful, "Facebook uses a range of data collected by Facebook He said that he did not explain. "The report is criticized as" users are being pressed to make choices without getting enough information. "



According to GDPR based on Facebook pop-up displayed on mobile app by Facebook, setting about use of personal information is possible, meanwhile, "Facebook can not be used unless we can finish setting" is displayed. Even those who should have carefully thought about setting up protection of personal information thoroughly thought that "I want to finish the setting and use Facebook for the first time" and tap "GET STARTED" which is easy to set up That is guiding you.



In the Facebook desktop application, an icon imitating "notification" is displayed at the upper right of the popup screen. Although this is not actually a notification sent to users, it is easy for users to misunderstand that "Facebook may be notified of their own Facebook", making it easy to click "GET STARTED" without complicated settings It is a trick to do.

In the mobile app, you are asked to agree to the conditions that Facebook presents and the personal information protection agreement on the final screen where the user made the setting. If you refuse it you will see an extreme two choices of "agree" or "delete account." It is very unlikely that users who have set up for a long time have the option of "deleting accounts" at the end of the last minute, and virtually users are forced to agree to Facebook's terms I will.



The Norwegian Consumer Protection Bureau has introduced these dark patterns used by technology companies in the report and warned companies are trying to get the user's personal information with that hand.

in Mobile,   Software,   Web Service,   Security, Posted by log1h_ik