On September 15, 2022, the Federal Trade Commission (FTC) released a report on dark patterns (the, “Report”) that identifies the types of misleading and manipulative interface practices that the agency believes can harm consumers. The Report comes on the heels of a dark patterns workshop that the FTC held in April of last year and a subsequent enforcement policy statement (released in October of 2021) warning companies against deploying illegal dark patterns that can mislead consumers into subscription services. The Report sheds light on what companies should be paying attention to with respect to dark patterns and offers key suggestions on how best to avoid the traps of dark patterns (which the FTC defines as a design practice that tricks or manipulates users into making choices they would not have otherwise made and that may cause them harm).
The FTC is not alone in its emphasis on dark patterns. The California Privacy Rights Act explicitly regulates dark patterns, and the draft regulations released by the California Privacy Protection Agency identify business practices that would constitute a dark pattern. The recently passed California Age Appropriate Design Code Act also regulates the use of dark patterns as they apply to online services likely to be accessed by children under the age of 18. Dark patterns are further regulated under the Colorado Privacy Act and the Connecticut Data Privacy Act (though there is less guidance on the issue under these two laws, at least as of now). All of this is to say that the emphasis on dark patterns is growing, and businesses looking to check all the boxes on privacy compliance also have to account for how their interfaces are potentially impacting users (or else risk a potential enforcement action).
Below are the select highlights from the Report and suggested best practices for companies to mitigate the use of dark patterns through design elements:
Dark Patterns that Hide or Delay Disclosure of Material Information. Dark patterns that hide or delay disclosure of material information make it difficult for users to cancel subscriptions, or similarly, to understand what the associated fees are. “Drip pricing,” is a term used when companies advertise only part of a product’s total price with the goal of luring in consumers. Drip pricing do not mention other mandatory charges until late in the buying process. Consumers can experience drip pricing as items marked as “convenience fees” and are included immediately prior to check out.
Companies should ensure that consumers who wish to cancel subscriptions can easily navigate to such cancellation screens through the user interface. Further, companies whose sales practices target a specific audience, such as children or teens, older adults, or native speakers of other languages, should take into consideration their target audience and how their claims and design choices will be perceived by these groups.
Design Elements that Lead to Unauthorized Charges. Design elements that lead to unauthorized charges is a dark pattern that involves misleading consumers into paying for goods or services that they did not want or intend to buy, whether the transaction involves single charges or recurring charges. This may result from key limitations of the product or service that are hidden in dense terms of service agreements that consumers don’t always see before a purchase is made. Another example of a dark pattern resulting in unauthorized charges is when a company offers a free trial period, and when the trial is over, the company follows with a recurring subscription charge in the event the consumer fails to cancel purchases.
Like the foregoing dark patterns examples, companies should note which the audience they are targeting making sure the usability is clear to that target audience. Companies should refrain from including key terms of a purchase in a general terms and conditions agreements or behind hyperlinks, pop-ups, or drop-down menus. Finally, trial products should not automatically convert to purchases after the termination of the trial period, without confirming with the consumer of the intent.
Design Elements that Obscure or Subvert Privacy Choices. Finally, design elements that obscure or subvert privacy choices are another form of dark patterns noted by the FTC. This design element can result in illusory choices that steer consumers into additional data sharing. An example of this is using default settings that maximize data collection or make data collection difficult to avoid. For example. phone numbers are often collected by default because consumers tend not to change them even though the application does not require a phone number in order to operate.
Companies should avoid default setting that maximize data collection and sharing, help navigate consumers to select settings they wish to avoid and make privacy choices easy to navigate to.
For additional guidance with respect to what companies should consider as they design the user interface and their products, the FTC included an Appendix to the Report, which identifies the dark pattern types and their corresponding descriptions, including deceptive endorsements, false indication of scarcity of products, urgency of purchasing, obstruction of price comparisons and cancellations, hiding of information, coerced actions such as nagging and more.