Dark Patterns: examples, guide and check-up according to the EDPB guidelines



Dark patterns invalidate legal notices

Installing a template, using a CSS framework: what could be simpler? However, the DSA (Digital Services Act) expressly prohibits the use of dark patterns.

Dark patterns have the effect of confusing visitors, through:
  • content
  • interfaces
Consents collected in contexts that use dark patterns are not valid, just as the legal advice used to produce complete privacy notices loses its value.


Overloading - Continuous prompting (Annex checklist 4.1.1)
Variation A: In the first step of the sign-up process, users are required to choose between different options for their registration. They can either provide an email address or a phone number. When users choose the email address, the social media provider still tries to convince users to provide the phone number, by declaring that it will be used for account security, without providing alternatives on the data that could be or was already provided by the users. Concretely, several windows pop up throughout the sign-up process with a field for the phone number, along with the explanation “We’ll use your [phone] number for account security”. Although users can close the window, they get overloaded and give up by providing their phone number.

Overloading - Continuous prompting (Annex checklist 4.1.1)
Variation B: Another social media provider repeatedly asks users to provide the phone number every time they log into their account, despite the fact that users previously refused to provide it, whether this was during the sign-up process or at the last log-in.

Overloading - Continuous prompting (Annex checklist 4.1.1)
Example 2: A social media platform uses an information icon or a question mark icon to incite users to take the “optional” action currently asked for. However, rather than just providing information to users who expect help from these buttons, the platform prompts users to accept importing their contacts from their email account by repeatedly showing a pop-up saying “Let’s do it”.

Hindering - Misleading information (Annex checklist 4.4.3)
Example 3: When registering to a social media platform via desktop browser, users are invited to also use the platform’s mobile Application. During what looks like another step in the sign-up process, users are invited to discover the app. When they click on the icon, expecting to be referred to an Application store, they are asked instead to provide their number to receive a text message with the link to the App.

Stirring - Emotional steering (Annex checklist 4.3.1)
Example 4: The social media platform asks users to share their geolocation by stating: “Hey, a lone wolf, are you? But sharing and connecting with others help make the world a better place! Share your geolocation! Let the places and people around you inspire you!”

Stirring - Emotional steering (Annex checklist 4.3.1)
Example 5: The social media provider incentivises users to share more personal data than actually required by prompting them to provide a self-description: “Tell us about your amazing self! We can’t wait, so come on right now and let us know!”

Stirring - Emotional steering (Annex checklist 4.3.1)
Example 6: The part of the sign-up process where users are asked to upload their picture contains a “?” button. Clicking on it reveals the following message: “No need to go to the hairdresser’s first. Just pick a photo that says ‘this is me’.”

Hindering - Longer than necessary (Annex checklist 4.4.2)
Example 7: During the sign-up process, users who click on the “skip” buttons to avoid entering certain kinds of data are shown a pop-up window asking “Are you sure?” By questioning their decision and therefore making them doubt it, the social media provider incites users to review it and disclose these kinds of data, such as their gender, contact list or picture. In contrast, users who choose to directly enter the data do not see any message asking them to reconsider their choice.

Stirring - Hidden in Plain Sight (Annex checklist 4.3.2)
Example 8: Immediately after completing the registration, users are only able to access data protection information by calling up the general menu of the social media platform and browsing the submenu section that includes a link to “privacy and data settings”. Upon a visit to this page, a link to the privacy policy is not visible at first glance. Users have to notice, in a corner of the page, a tiny icon pointing to the privacy policy, which means that users can hardly notice where the information on the data protection related policies is.

Skipping - Deceptive snugness (Annex checklist 4.2.1)
Example 9: In this example, when users enter their birthdate, they are invited to choose with whom to share this information. Whereas less invasive options are available, the option “share it with everyone” is selected by default, meaning that everyone, i.e. registered users as well as any internet users, will be able to see the users’ birthdate.

Hindering - Dead end (Annex checklist 4.4.1)
Example 10: Users are not provided with any links to data protection information once they have started the sign-up process. Users cannot find this information as none is provided anywhere in the sign-up interface, not even in the footer.

Hindering - Dead end (Annex checklist 4.4.1)
Example 11: During the sign-up process, users can consent to the processing of their personal data for advertising purposes and they are informed that they can change their choice whenever they want once registered on the social media by going to the privacy policy. However, once users have completed the registration process and they go to the privacy policy, they find no means or clues on how to withdraw their consent for this processing.

Page 22
Links to information, actions or settings that can be of practical help to users to manage their data and their data protection settings should be available wherever they are confronted with related information or experience (e.g. links redirecting to the relevant parts of the privacy policy).

Left in the Dark - Conflicting Information (Annex checklist 4.6.2)
Example 12: In this example, the information related to data sharing gives a highly positive outlook of the processing by highlighting the benefits of sharing as much data as possible. Coupled with an illustration showing the photograph of a cute animal playing with a ball, this Emotional Steering can give users the illusion of safety and comfort with regard to the potential risks of sharing some kinds of information on the platform. On the other hand, the information given on how to control the publicity of one’s data is not clear. First it is said that users can set their sharing preference any time they want. Then, however, the last sentence indicates that this is not possible once something has already been posted on the platform. These pieces of Conflicting Information leave users unsure of how to control the publicity of their data.

Fickle - Lacking Hierarchy (Annex checklist 4.5.1)
Example 13: Information related to data subject rights is spread across the privacy notice. Although different data subject rights are explained in the section “Your options”, the right to lodge a complaint and the exact contact address is stated only after several sections and layers referring to different topics. The privacy notice therefore partly leaves out contact details at stages where this would be desirable and advisable.

Fickle - Lacking Hierarchy (Annex checklist 4.5.1)
Example 14: The privacy policy is not divided into different sections with headlines and content. There are more than 70 pages provided. However, there is no navigation menu on the side or the top to allow users to easily access the section they are looking for. The explanation of the self-created term “creation data” is contained in a footnote on page 67.

Left in the Dark - Ambiguous Wording or Information (Annex checklist 4.6.3)
Example 15: A privacy notice describes part of a processing in a vague and imprecise way, as in this sentence: “Your data might be used to improve our services”. Additionally, the right of access to personal data applies to the processing on the basis of Article 15(1) GDPR, but it is mentioned in such a way that it is not clear to users what it allows them to access: “You can see part of your information in your account and by reviewing what you've posted on the platform”.

Left in the dark - Language discontinuity (Annex checklist 4.6.1)
Example 16: Variation A: The social media platform is available in Croatian as the language of users’ choice (or in Spanish as the language of the country they are in), whereas all or certain information on data protection is available only in English.

Left in the dark - Language discontinuity (Annex checklist 4.6.1)
Variation B: Each time users call up certain pages, such as the help pages, these automatically switch to the language of the country users are in, even if they have previously selected a different language.

Overloading - Privacy Maze (Annex checklist 4.1.2)
Example 17: On its platform, the social media provider makes available a document called “helpful advice” that also contains important information about the exercise of data subject rights. However, the privacy policy does not contain any link or other hint to this document. Instead, it mentions that more details are available in the Q&A section of the website. Users expecting information about their rights in the privacy policy will therefore not find these explanations there and will have to navigate further and search through the Q&A section.

Hindering - Dead end (Annex checklist 4.4.1)
Example 18: In its privacy policy, a social media provider offers many hyperlinks to pages with further information on specific topics. However, there are several parts in the privacy policy containing only general statements that it is possible to access more information, without saying where or how.

Sticky navigation:
While consulting a page related to data protection, the table of contents can be constantly displayed on the screen allowing users to always situate themselves on the page and to quickly navigate in the content thanks to anchor links.

Back to top:
Include a return-to-top button at the bottom of the page, or as a sticky element at the bottom of the window, to facilitate users’ navigation on a page.

Shortcuts:
see use case 1 for definition (p. 22). (e.g. in the privacy policy, provide for each piece of data protection information links that directly redirect to the related data protection pages on the social media platform).

Shortcuts:
Example 19: A Social Media Provider always refers to “creation data” within the privacy policy and does not use the term personal data. Only on page 90, the layered privacy notice contains the explanation that “creation data might include personal data of the users”.

Left in the Dark - Conflicting Information (Annex checklist 4.6.2)
Example 20:
  • The controller only refers to actions of a third party, stating that the data breach originated from a third party (e.g. a processor) and that therefore no security breach occurred. The controller also highlights some good practices that have nothing to do with the actual breach.
  • The controller declares the severity of the data breach in relation to itself or to a processor, rather than in relation to the data subject.

Left in the dark - Ambiguous wording or information (Annex checklist 4.6.3)
Example 21: Through a data breach on a social media platform, several sets of health data were accidentally accessible to unauthorised users. The social media provider only informs users that “special categories of personal data” were accidentally made public.

Left in the dark - Ambiguous wording or information (Annex checklist 4.6.3)
Example 22: The controller only provides vague details when identifying the categories of personal data affected, e.g. the controller refers to documents submitted by users without specifying what categories of personal data these documents include and how sensitive they were.

Left in the dark - Ambiguous wording or information (Annex checklist 4.6.3)
Example 23: When reporting the breach, the controller does not sufficiently specify the category of the affected data subjects, e.g. the controller only mentions that the concerned data subjects were students, but does not specify whether the data subjects are minors or belong to groups of vulnerable data subjects.

Left in the dark - Ambiguous wording or information (Annex checklist 4.6.3)
Example 24: A controller declares that personal data was made public through other sources when it notifies the breach to the Supervisory Authority and to the data subject. Therefore, the data subject considers that there was no security breach.

Skipping - Look over there (Annex checklist 4.2.2)
Example 25:
  • The controller reports through texts that contain a lot of non-relevant information and omit the relevant details.
  • In security breaches that affect access credentials and other types of data, the controller declares that the data is encrypted or hashed, while this is only the case for passwords.

Notifications
Notifications can be used to raise users’ awareness of aspects, changes or risks related to personal data processing (e.g. when a data breach has occurred). These notifications can be implemented in several ways, such as through inbox messages, pop-in windows, fixed banners at the top of the webpage, etc.

Explaining consequences
When users want to activate or deactivate a data protection control, or give or withdraw their consent, inform them in a neutral way on the consequences of such action.

Shortcuts
see use case 1 for definition (p.22) (e.g. provide users with a link to reset their password).

Coherent wordings:
see use case 1 for definition (p.22) (e.g. provide users with a link to reset their password).

Providing definitions:
see use case 1 for definition (p.22) (e.g. provide users with a link to reset their password).

Use of examples:
see use case 1 for definition (p.22) (e.g. provide users with a link to reset their password).

Left in the Dark - Conflicting Information (Annex checklist 4.6.2)
Example 26: The interface uses a toggle switch to allow users to give or withdraw consent. However, the way the toggle is designed does not make it clear in which position it is and if users have given consent or not. Indeed, the position of the toggle does not match the colour. If the toggle is on the right side, which is usually associated with the activation of the feature (“switch on”), the colour of the switch is red, which usually signifies that a feature is turned off. Conversely, when the switch is on the left side, usually meaning the feature is turned off, the toggle background colour is green, which is normally associated with an active option.

Left in the Dark - Conflicting Information (Annex checklist 4.6.2)
Example 27: The social media provider gives contradictory information to users: Although the information first asserts that contacts are not imported without consent, a pop-up information window simultaneously explains how contacts will be imported anyway.

There are several examples for the same categories.





Information

IusOnDemand srl
viale dei Mille 4
20129 Milano, Italia
Phone: +39 02 4548 9591
Telegram: @iusondemand