Dark patterns are starting to receive increased regulatory attention, which is a welcome development in the evolution of privacy law. Here’s a dark patterns resource and reading list.
What Are “Dark Patterns”?
Harry Brignull coined the term “dark pattern” in 2010, defining it as “a user interface that has been carefully crafted to trick users into doing things, such as buying insurance with their purchase or signing up for recurring bills.” He now has a site devoted to dark patterns.
Regulating Dark Patterns
Dark patterns are increasingly becoming a focus of regulation. Regulators have long been reluctant to regulate technological design, but increasingly the reality is becoming clear: To effectively protect privacy, design must be regulated. The term “dark patterns” is catching on, and regulators are increasingly emboldened to regulate. It’s far more palatable to try to stop “dark patterns” than it is to restrict certain “technological designs.”
Under the California Privacy Rights Act (CPRA), the use of dark patterns to obtain consent will render consent invalid. A dark pattern is “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice, as further defined by regulation.” The privacy bill pending in the State of Washington seeks to restrict dark patterns. The FTC will be holding a dark patterns workshop later this month.
Dark Patterns Reading List and Resources
Here’s a list of resources about dark patterns that are worth attention:
Woodrow Hartzog, Privacy’s Blueprint: The Battle to Control the Design of New Technologies (Harvard Univ. Press 2018)
Jamie Luguri & Lior Strahilevitz, Shining a Light on Dark Patterns, 13 Journal of Legal Analysis 43 (2021)
Ari Ezra Waldman, Cognitive Biases, Dark Patterns, and the ‘Privacy Paradox’, 31 Current Issues in Psychology 2020
M.R. Leiser, ‘Dark Patterns’: The Case for Regulatory Pluralism (2020)
Harry Bringnull, Dark Patterns: Dirty Tricks Designers Use to Make People Do Stuff, 90 Percent of Everything (July 8, 2020)
Karolina Matuszewska, When Design Goes Awry – How Dark Patterns Conflict with GDPR and CCPA (Dec. 3, 2020)
Arvind Narayanan, Arunesh Mathur, Marshini Chetty, and Mihir Kshirsagar, Dark Patterns: Past, Present, and Future, ACM Queue (2020)
Bloomberg Law, ‘Dark Patterns’ in Consumer Data Privacy Garner Policy Attention (Mar. 23, 2021)
Mathew J. Schwartz, Dark Patterns: How Weaponized Usability Hurts Users, BankInfoSecurity (April 10, 2019)
Ryan Calo, Digital Market Manipulation, 82 Geo. Wash. L. Rev. 995 (2014)
Nerdwriter, How Dark Patterns Trick You Online (Mar. 26, 2018)
Events and Webcasts
Bringing Dark Patterns to Light: An FTC Workshop (April 29, 2021)
Daniel Solove, Dark Patterns: A Privacy Training Course
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy and data security training. He also posts at his blog at LinkedIn, which has more than 1 million followers.
Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum an annual event designed for seasoned professionals.