What Privacy Professionals Need to Know About Dark Patterns Regulation
Dark patterns regulation has emerged as a focus in both the US and EU over the past years. Consider these regulatory activities from around the globe:
- In 2021, the US Federal Trade Commission issued a dark patterns enforcement policy. More recently, it began the process of seeking public input to modernize its disclosure guidance to address the ubiquitous use of dark patterns, noting that this is just one of a number of initiatives geared toward tackling dark patterns and digital deception.
- The California Privacy Protection Authority released its draft regulations in May 2022, which (if enacted) would mean any agreement obtained using dark patterns shall not constitute valid consent.
- The European Data Protection Board (EDPB) released its guidelines on dark patterns in social media platform interfaces.
Read on to discover what Australian privacy professionals can take away from these global regulatory changes:
EDPB Guidance About Dark Patterns
While the EDPB’s guidance is for social media platforms operating in Europe, the guidelines offer plenty of guidance Australian organisations could implement as best practices – particularly when it comes to avoiding common dark patterns.
The EDPB has categorised dark patterns and provided examples of each type, as follows:
Dark Pattern Category |
Dark Pattern Examples |
Overloading |
|
Skipping |
|
Stirring |
|
Hindering |
|
Fickle |
|
Left in the Dark |
|
Australian organisations could adopt these categories and implement policies that require designers to avoid them as a best practice.
Dark Patterns Regulation in California
California’s draft regulations require that consents meet certain requirements to be considered a valid consent. The regulations go on to outline 5 requirements, alongside examples of poor practices.
Requirement |
Examples of Dark Patterns/Poor Practices to Avoid |
Easy to understand | |
Symmetry in choice |
|
Avoiding confusing language or design elements |
|
Avoid manipulative language or choice architecture |
|
Easy to execute |
|
Again, Australian organisations could take cues from these draft regulations and implement policies that instruct designers to not use these tactics in their designs.
Avoid Dark Patterns with Privacy 108
Ensuring dark patterns aren’t included in the design of new products and applications is part of your Privacy by Design approach. If you’re interested in better organisational privacy by implementing PbD, reach out.