Canada: Insights from Canada's Privacy Commissioner on Deceptive Design Patterns

The Privacy Commissioner of Canada (OPC) examiners reviewed 145 websites and apps accessible in Canada across various sectors, including retail, social media, news, entertainment, and platforms targeting children. The OPC focused on deceptive design patterns or "dark patterns".

Deceptive Design patterns are techniques used on websites and mobile apps to manipulate users into making decisions that are not in their best interest. These patterns can hinder users from making informed choices about their personal information, leading them to sacrifice more privacy than they intended. These patterns can be employed individually or in combination, increasing their effectiveness in influencing users' privacy decisions.

Background

The Office of the Privacy Commissioner of Canada (OPC), in collaboration with the Global Privacy Enforcement Network (GPEN) and the International Consumer Protection and Enforcement Network (ICPEN), conducted a comprehensive survey on deceptive design patterns, or "dark patterns", in 2024. This initiative aimed to investigate how these patterns influence users' privacy decisions and compliance with privacy laws.

Key Findings on Deceptive Design Patterns (Dark Patterns)

The OPC sweep identified five primary deceptive design patterns that hinder user decision-making about privacy:

1. Complex and Confusing Language

   Privacy policies are often excessively long and use technical language, making them difficult for users to understand. This complexity can prevent users from comprehending what they are consenting to, leading to uninformed or accidental consent.

   For example, the privacy policy exceeding 3,000 words and written in legal or technical jargon that requires a university-level reading ability to comprehend. For instance, a website's privacy policy may include terms like "data controller" or "data processor" without clear definitions, leaving users confused about the roles and responsibilities of the parties handling their data.

   This makes users struggle to make informed decisions about their personal data due to the complexity of the language. This lack of clarity undermines the purpose of the privacy policy and can result in users unintentionally consenting to data practices they do not understand or agree with.

2. Interface Interference

   Interface interference a deceptive design pattern where design elements distract or confuse users, causing them to choose a less privacy-preserving option. These elements are often visually manipulated to make the less privacy-preserving option more appealing or easier to choose.

   • False Hierarchy: Use bright colors and prominent placement to highlight the "Accept All" button, while hiding the "Decline" option in a less visible area or using dark colors. For example, a cookie consent banner might have a large, colorful "Accept All" button, but hide the "Decline" button in small, light text at the bottom.

   • Preselection: The least privacy-friendly settings are set by default, such as enabling tracking cookies by default. If users want more privacy, they must manually deselect these options, but many may not realize this or be too lazy to do so.

   • Confirm-Shaming: Use emotional language to compel users to make certain choices, such as "It would be a shame to see you go!" to compel users to accept marketing emails.

   This makes users nudged into selecting less privacy-protective options without realizing it. This manipulation exploits user behaviour and design principles to favour the business's interests over the user's privacy preferences.

3. Nagging

   Nagging is a deceptive design pattern that repeatedly prompts users to take actions they would otherwise avoid. These repetitive requests are designed to weaken the user's resistance and make them comply, just to stop the interruption.

   For example, persistent requests to download an app or register an account. LinkedIn, for instance, may repeatedly prompt users to download its app for a better experience, even if the user has closed the prompt multiple times.

   This makes it possible for users to agree to the collection of unnecessary data in exchange for the nagging to stop. This constant pressure erodes trust and negatively impacts the user experience.

4. Obstruction

   Obstruction is a deceptive design pattern that introduces unnecessary steps to make it difficult for users to achieve their privacy-related goals. This tactic, often referred to as "click fatigue", can frustrate users and cause them to abandon their privacy preferences.

   For example, a user might need to navigate through multiple pages and fill out multiple forms to close their account. Ticketmaster’s account deletion process is a classic example of this strategy, which involves navigating to a help page and then finding the physical address to send a deletion request.

   This makes it possible for users to give up attempts to protect their privacy because of the hassle. The strategy exploits user frustration to maintain control over user data longer than the user expects.

5. Forced Action

   Forced manipulation is a deceptive design pattern that forces users to disclose personal information in order to access a service or complete an action. Users may be asked to provide more data than necessary, usually on the pretext that the data is required to fully use the service.

   For example, asking users to provide more information than is necessary to delete their account. Burger King, For instance, may ask for more personal information (such as address) when closing an account than was required to open an account.

   This makes it possible for users to be forced to share more personal data than they can afford, thereby weakening their control over their information. This practice may result in greater exposure of personal data and increase the risk of privacy breaches.

Use of Deceptive Design Patterns on Websites and Apps Aimed at Children

The OPC report also highlights the particular vulnerability of children to deceptive design patterns. Children may not fully understand the implications of data collection and may navigate websites and apps without parental supervision. The report emphasizes that websites and apps targeting children should avoid or minimize the collection of personal information and present privacy information in a child-friendly manner.

1. False Hierarchy: 56% of children’s websites and apps displayed a false hierarchy by making the option to sign up for the service more prominent than the option to continue without an account.

2. Confirm-Shaming: 54% of children’s websites and apps used emotionally charged language to dissuade users from deleting their accounts.

3. Nagging: 45% of interactions on children’s websites and apps involved repeated prompts or requests, three times more than on other websites and apps.

About UniConsent

UniConsent is a part of Transfon's privacy-first User Experience Platform that serves tens of millions of users per day to provide a seamless privacy experience for both users and publishers in the age of post GDPR. Contact us to know more: hello@uniconsent.com