Privacy & Information Security Law Blog

On September 15, 2022, the Federal Trade Commission released a report analyzing “dark patterns,” or “design practices that trick or manipulate users into making choices they would not otherwise have made and that may cause harm.” The report, titled “Bringing Dark Patterns to Light,” highlights dark patterns used across industries and different contexts, such as e-commerce, cookie consent banners, children’s apps and subscription sales. The report identifies four common types of dark patterns and provides examples of each:

• Design Elements that Induce False Beliefs: Examples include (1) false claims of scarcity and countdown timers designed to trick consumers into believing they have a limited amount of time to make their purchase; (2) pay-for-play comparison shopping sites that falsely claim to be neutral; and (3) advertisements designed to look like independent editorial content. The report references a prior FTC case involving unsolicited emails sent by operators of a work-from-home scheme that included “from” lines falsely claiming to be news organizations like CNN or Fox News, while in reality, the emails included links that sent consumers to additional fake online news stories, and then eventually routed consumers to sales websites that pitched the company’s work-from-home schemes.
• Design Elements that Hide or Delay Disclosure of Material Information: Examples include burying terms such as (1) mandatory charges not included in the advertised price or only mentioned late in the buying process and (2) key limitations of products or services. In the FTC’s case against LendingClub, an online lender, the FTC alleged that the company falsely promised no hidden fees for its loans but then hid mention of fees behind tooltip buttons and in between more prominent text.
• Design Elements that Lead to Unauthorized Charges: This type of dark pattern involves companies deceiving consumers into paying for goods or services without consent, such as with recurring payments that are not clearly disclosed or subscriptions that are very difficult to cancel. The report highlights the FTC case against an online learning site that, despite promising easy cancellation, forced users to “navigate a difficult-to-find, lengthy, and confusing cancellation path on the [company’s] website” and to “click through several pages of promotions and links that, when clicked, directed consumers away from the cancellation path without warning.”
• Design Elements that Obscure or Subvert Privacy Choices: These dark patterns obscure consumers’ privacy choices and what those choices mean via user interfaces that: “(1) do not allow consumers to definitively reject data collection or use; (2) repeatedly prompt consumers to select settings they wish to avoid; (3) present confusing toggle settings leading consumers to make unintended privacy choices; (4) purposely obscure consumers’ privacy choices and make them difficult to access; (5) highlight a choice that results in more information collection, while greying out the option that enables consumers to limit such practices; and (6) include default settings that maximize data collection and sharing.”