Our Senior DevSecOps Engineer Robert Keyser writes about the dark patterns commonly used on cookie consent banners, and what design considerations could fix them.
A dark pattern is a design pattern intended to influence a user to take an action that may not be in their best interest. In the scope of privacy, dark patterns are often found in consent banners and modals. Companies that employ dark patterns in consent banners do so to dissuade a user from opting out of cookies, tracking, or data sharing. Some dark patterns can be so subtle that companies don’t realize they are using them.
To start us off, let’s look at a particularly egregious example of dark patterns in action. The following example is a real cookie banner taken from a real website with the company name redacted.
First, let’s point out the classic consent dark pattern. The banner presents two options: one to accept all cookies and one to launch a modal to control which categories of cookies may be placed on the user’s browser. Visually speaking, the button to accept all cookies is presented in a bold green. The alternative choice to manage cookies is given less visual weight in the user interface, presented as a gray link on a white background. When the banner first appears, the user’s eye is drawn to the brighter green, increasing the likelihood that they click the button to accept cookies.
Another set of dark patterns in this example lies in the wording of the banner. This company chose to associate accepting cookies with happiness. Doing so affects users in two ways. First, it leans into the user’s emotional state. It paints the placement of cookies as a positive thing. It also engages in “emotional steering,” because the positive outlook may make users feel safer. Second, it distracts the user from the actual decision they are making. Notice the wording on the button to accept cookies: “Yes, I’m happy.” Instead of stating the actual action, the company removes “cookies” from the action entirely. These two effects increase the likelihood of a user clicking the button to accept cookies.
Finally, notice how it’s easier to accept all cookies (one button click) than it is to only accept necessary cookies (click “show details,” deselect all non-essential cookie categories, and then click save). Generally speaking, people don’t want to do more work than they have to. By making it easier to accept than to reject, users are more likely to accept the cookies.
In the next example, the options to “accept all” and “continue without accepting” are presented as a button and a link, respectively. Additionally, they are not located in the same area of the user interface.
In this example, there is no option to reject non-essential cookies. To reject cookies, a user would need to click on “Cookie preferences” and ensure all non-essential cookies are unchecked. This adds another step to the process of rejecting cookies.
Ultimately, users are human and are subject to cognitive heuristics and biases that help us all make decisions in the world around us. Because these heuristics are meant to speed up information processing in our brain, they can lead to imperfect decision-making. Cognitive heuristics and biases are natural functions of our brains and aren’t inherently bad. But companies can take advantage of these imprecise measures to influence users’ decisions to place cookies on their browsers, and ultimately track them.
In the case of cookies that are used for tracking user behavior, when a user accepts the cookies, the company benefits from the loss of privacy of the user. It should be the decision of the user whether to forfeit a piece of their privacy to grant the company the ability to track their behavior. However, when companies use dark patterns in their banners, they shift the power balance and exert undue influence over their users’ decisions.
Dark patterns are not only an ethical matter. Regulators are beginning to take a stance on the presence of dark patterns in privacy interfaces. With respect to consent, the California Privacy Rights Act (CPRA) notes that “agreement obtained through use of dark patterns does not constitute consent.” Additionally, the European Data Protection Board (EDPB) has issued guidance on dark patterns and notes that “data protection authorities are responsible for sanctioning the use of dark patterns if these breach GDPR requirements.”
Here’s an example of a well-constructed consent banner that allows users to accept all cookies, reject all non-essential cookies, and manage which cookies they allow.
In this example, the options to accept cookies and to decline cookies are displayed using the same UI component with the same color. Additionally, the buttons don’t use emotionally charged words, guilt, or shame to influence the user. There is also no technical jargon, and there are links to provide the user with additional information and context.
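The properties just described (same component and style for accept and decline, the two placed together, no more clicks to decline than to accept, labels that name the action rather than a feeling) can be checked mechanically. The following is an added example, not code from the original post or from Ethyca: an opt-in consent model that gates tag loading on the recorded choice, plus a lint over a declarative description of a banner’s controls that flags the patterns discussed above. The category names, the control fields (`kind`, `style`, `region`, `steps`) and the emotive word list are assumptions made for illustration; the two banners are constructed to resemble the post’s first example and its well-constructed one.

```javascript
// Added example (not from the original post): an opt-in consent model plus a
// lint for a declarative banner description that flags the dark patterns the
// post describes. Category names, control fields and the emotive word list are
// assumptions made for illustration.

const CATEGORIES = ["necessary", "functional", "analytics", "marketing"];

// Nothing beyond strictly necessary cookies is allowed until the user decides.
function defaultConsent() {
  return Object.fromEntries(CATEGORIES.map((c) => [c, c === "necessary"]));
}

// Accepting and rejecting are each a single action, so neither costs more effort.
function acceptAll() {
  return Object.fromEntries(CATEGORIES.map((c) => [c, true]));
}

function rejectNonEssential() {
  return defaultConsent();
}

// Tag loading is gated on the recorded consent: a script whose category is not
// allowed (or not known at all) is never emitted.
function allowedTags(consent, tags) {
  return tags.filter((t) => consent[t.category] === true);
}

// Words that tie the decision to a feeling rather than to cookies (assumption).
const EMOTIVE = /\b(happy|love|enjoy|sorry|feel)\b/i;

// Each control: { action, label, kind, style, region, steps }, where steps is
// the number of clicks needed to finish that outcome starting from the banner.
function lintBanner(banner) {
  const find = (a) => banner.controls.find((c) => c.action === a);
  const accept = find("acceptAll");
  const reject = find("rejectNonEssential");
  const manage = find("manage");
  const issues = [];
  if (!accept) return ["banner has no accept control to compare against"];

  // The cheapest way to decline is the reject button if there is one,
  // otherwise the manage path (open modal, untick categories, save).
  const decline = reject || manage;
  if (!reject) issues.push("no one-step reject control; declining requires the manage path");
  if (decline) {
    if (decline.kind !== accept.kind) issues.push("accept and decline use different UI components");
    if (decline.style !== accept.style) issues.push("accept and decline use different visual styles");
    if (decline.region !== accept.region) issues.push("accept and decline are not placed together");
    if (decline.steps > accept.steps) issues.push("declining takes more steps than accepting");
  }
  for (const c of [accept, reject]) {
    if (!c) continue;
    if (EMOTIVE.test(c.label)) issues.push(`label "${c.label}" steers by emotion`);
    if (!/cookie/i.test(c.label)) issues.push(`label "${c.label}" does not name the action`);
  }
  return issues;
}

// Constructed banners modelled on the post's first example and its good example.
const DARK_BANNER = {
  controls: [
    { action: "acceptAll", label: "Yes, I'm happy", kind: "button", style: "green", region: "bar", steps: 1 },
    { action: "manage", label: "Show details", kind: "link", style: "gray", region: "bar", steps: 3 },
  ],
};

const FAIR_BANNER = {
  controls: [
    { action: "acceptAll", label: "Accept all cookies", kind: "button", style: "neutral", region: "bar", steps: 1 },
    { action: "rejectNonEssential", label: "Reject non-essential cookies", kind: "button", style: "neutral", region: "bar", steps: 1 },
    { action: "manage", label: "Manage cookie settings", kind: "link", style: "neutral", region: "bar", steps: 3 },
  ],
};

// Constructed tag list: only the first may load before the user has chosen.
const TAGS = [
  { src: "/static/app.js", category: "necessary" },
  { src: "https://analytics.example/collect.js", category: "analytics" },
  { src: "https://ads.example/pixel.js", category: "marketing" },
];

console.log(lintBanner(DARK_BANNER));
console.log(lintBanner(FAIR_BANNER));
console.log(allowedTags(defaultConsent(), TAGS).map((t) => t.src));
```

Run under Node: the dark banner yields six findings (no one-step reject, mismatched component and style, a three-click decline path against a one-click accept, and an accept label that is emotive and never mentions cookies), the fair banner yields none, and only the necessary script is eligible to load before a choice is recorded. The consent model is deliberately the same object whether the user never acted or explicitly declined, so a tag loader cannot accidentally treat “no answer yet” as permission.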
So how might you go about building a consent banner without dark patterns? Here are some things you should consider: