Why the FTC is inspecting dark patterns in digital data privacy and the NAI is bracing for potential regulations
Online manipulation is emerging as a new front in the digital privacy battleground.
Researchers say dark patterns — nuanced design elements intended to coerce people into taking certain actions — can be found in the physical environment from the grocery store aisle to casinos. But they’re especially prevalent in the digital world when it comes to things like e-commerce sales tactics and data tracking opt-out notices. And regulators are taking notice.
The latest example of the heightened scrutiny around the use of dark patterns was a Federal Trade Commission workshop yesterday during which researchers called for regulation of the controversial tactics. Meanwhile, at least one digital ad trade group — the Network Advertising Initiative — is already gearing for a fight against any new laws or regulations addressing dark patterns.
Speaking during a panel discussion about how dark patterns affect consumers at the FTC’s Bringing Dark Patterns to Light workshop, Ryan Calo, a University of Washington School of Law professor, suggested that the agency should regulate dark patterns because they amount to the sort of unfair and deceptive practices the agency was established to protect consumers against.
“A hundred years ago, that is what Congress told the FTC to do: figure out which practices that companies are doing that are just too unfair to let go. They spoke in very overt, moralistic language about it. And so my hope is that dark patterns is a place that we can begin to reclaim that role for this great commission,” he said.
The issue is especially timely in relation to the ways digital media and ad tech firms provide people with notice and solicit their permission to collect and use their personal information.
Digital ad industry braces for a battle on dark patterns
Already, in California, regulations approved in March to enforce the CCPA specifically ban the use of dark patterns that delay or obscure the process for opting out of the sale of personal information or bombard people with confusing information or excessive steps. Considering the recent California ban and increased interest from the FTC, the digital ad industry sees the writing on the wall and is bracing for a battle with regulators on the dark patterns issue.
In an op-ed published in Morning Consult the morning of the agency’s workshop, the Network Advertising Initiative’s vp of policy David LeDuc wrote that, while it’s important for state and federal law enforcers to understand the use of dark patterns in protecting against marketing scams, “policymakers should resist the urge to legislate around the concept of dark patterns — it’s not necessary, given existing authorities. In addition, new laws could undermine legitimate companies’ best intentions to educate their customers,” he wrote.
Instead, in addition to supporting a federal privacy law, LeDuc said he wants a continuation of reliance on industry self-regulations. He urged lawmakers “to provide the FTC with more resources to enforce the law under its existing unfairness and deception authorities and educate consumers and businesses, not to enact legislation specific to regulating the use of digital user interfaces.”
Changing coercive privacy opt-out notices to human-centered ones
During the FTC panel discussion, Jennifer King, privacy and data policy fellow at the Stanford Institute for Human-Centered Artificial Intelligence, identified how dark patterns exist within data collection mechanisms. Default opt-ins to data tracking and requests to gather information that is not necessary for a system to operate — such as asking to track location data in a mobile app or requesting someone’s phone number — are intended to “coerce or manipulate individuals into consenting to the collection or disclosure of their personal information either at all or more than they would actually prefer to disclose,” she said.
“One area that I’m concerned with in general is that of online consent — and so, those existing mechanisms by which we ask for consent. I think they’re pretty much a complete failure at this point,” King said. For instance, she added, “One of the things we look at is whether the accept button is highlighted in advance; you can argue that’s a dark pattern.”
Companies within the digital ad industry seem to be incentivized to adopt dark patterns to protect their targeted advertising businesses against regulatory restrictions. Some publishers and ad tech execs have suggested the impact of CCPA-related opt-outs on ad revenues has been minimal in part because consent mechanisms make it easier for people to agree to data tracking enabling targeted ads that deliver higher ad revenues.
However, while data tracking has enabled ad targeting that allows advertisers to aim ads to audiences based on their interactions across the web and apps, King and other researchers are calling for the ad industry to completely revamp its approach to how it tells people about those practices and how it gets the OK from them to continue gathering data.
Instead of employing the current approach of translating legal contract language into a digital interface, she called for a shift to notice-and-consent mechanisms that incorporate “human-centered” approaches that more clearly communicate the terms of the transaction when a person is asked for their data.
“The present mechanism of hitting ‘I accept’ with no attempt to actually inform you in a user-friendly way of what you’re consenting to is potentially inherently manipulative, and I’d really like to see solutions that go further than just giving us kind of new looks on existing interfaces,” she said.
King added that Apple’s new requirement that app publishers directly ask people whether they want to be tracked across other apps alters this standard framework for notice-and-consent design in a positive way. “This is going to be a very interesting kind of live experiment to see how well this works,” she said of the Apple changes.
‘Work as a set of activities, not a place’: How companies reducing the office footprint are reallocating capital
As many firms shrink their space, they are reinvesting in their tech infrastructure, in particular services that facilitate hybrid work and wellness.
‘No one’s going in blind’: Brands are bringing gaming and esports in-house
Brands like AB InBev, Nike, Adidas, Puma, Red Bull, PepsiCo, Manchester City, KFC have set up — or are setting up — specialist teams or roles for esports and gaming.
‘Going viral is not a strategy’: How Hotwire is leveraging online video and TikTok to reach its younger audience
To get in front of its new Gen Z audience, Hotwire is turning toward online video, with an emphasis on TikTok.
SponsoredHow the ad industry can use its borrowed time to future-proof first-party data solutions
Trent Lloyd, co-founder and head of brand solutions, Eyeota Google’s updated timeline for its Privacy Sandbox rollout, including its two-year delay of third-party cookie deprecation on Chrome, didn’t come as a surprise to many industry observers, given the limited utility of Google’s FLoC and the slow momentum of the Privacy Sandbox in the World Wide […]
‘There has to be an authentic manner in which you approach our fans’: T1 CEO Joe Marsh on brand partnerships in gaming and esports
Digiday reached out to T1 CEO Joe Marsh to learn about the philosophy and strategy behind the organization’s brand partnerships.
Member ExclusiveMarketing Briefing: Ad execs and marketers say this Olympics has ‘lost its luster’
The typical global fervor for the Olympics is lacking this year, making it less of a marketing must than in years previous. More in this week's Digiday+ Marketing Briefing.