These manipulative tricks are pop-ups claiming you won a prize, fake countdown times for special offers, and automatic billing after a free trial. They also degrade the user experience. Dark patterns are cruel tricks that trick users into doing certain things. There is widespread agreement to stop them.
To avoid confusing consumers and to limit the use of intuitive interface design, it is essential to define what a dark pattern is. There are four principles that the EU should follow when addressing shady practices within consumer protection. These can be used in either the review of the Omnibus Directive or the existing EU framework.
Clearly define dark patterns.
All seem to agree that manipulation, psychological tricks, and deceit are deceptive design practices that should not be allowed. The question that we must ask when defining dark patterns is, where do we draw the line between what is legitimate and what is not as a user interface design?
Dark patterns are manipulative design choices that substantially distort the behavior of average users. Bans should not be targeted at practices designed in good faith with the intent to undermine consumers. They also shouldn’t target practices that are justifiable in certain circumstances. For example, location access requests that allow users to modify their preferences or alert tools to improve safety and privacy can be considered.
Therefore, policymakers must ensure that only shady practices are covered by the measures they take. They should also aim to tackle the issue across the Internet. An inherently vague idea without a legal basis would only lead to confusion and uncertainty. Intense research should support any examples of dark patterns used as guidance.
Support innovation in product design
Unintentionally, a vague definition could limit platforms’ functionality, security, and utility. Prescriptive, one-size-fits-all rules could hinder technological progress and negatively impact the user experience for millions of Europeans. Both consumers and businesses need to be able to differentiate products and provide a positive user experience. Policymakers must recognize that services may need multiple visual identities and brands to be easily identifiable and accessible to customers.
Encourage users to reconsider their choices.
Interfaces that remind users about their past choices are legitimate and well-intentioned. These choices can differ depending on context and time, reflecting other uses and intentions. When there is clear interest or demand, users should be able to re-evaluate their choices. Users may occasionally be asked to review their privacy settings per European data protection authorities’ advice.
Harmonize the EU framework rather than create conflicting regulations.
Even though this is a concept still to be defined by EU law, the European Commission (and data protection regulators) are expected to issue at least three separate guidelines on the dark pattern within the next two years. These include the European Commission guidelines for consumer protection rules, the new comprehensive guidelines from the European Data Protection Board on the General Data Protection Regulation (EDPB), and the upcoming Commission guidelines regarding the Digital Services Act.
These guidelines could conflict with each other or, worse, even negate important policy goals if they don’t attempt to bridge the gap between relevant policy considerations. The draft EDPB guidelines suggest that two-factor authentication be prohibited for protecting consumers’ online accounts. However, this is the ‘gold standard” under the EU’s consumer protection framework.
The risk of contradiction and overlap increases when Europe’s digital regulatory web is expanding. However, all policy considerations must be examined and addressed in concert.
Any initiative to tackle dark patterns must clearly define their nature, encourage innovation in product design, allow users to reconsider their choices, and harmonize the EU framework rather than introducing conflicting rules.
