Dark Patterns: esempi, guida e check-up secondo le linee guida EDPB
Checkup e rimozione
di cookies e traccianti:
per titolari, DPO, CISO,
gestori e installatori di siti e app.
vai
I Dark Patterns invalidano le informative legali
Installare un template, utilizzare un framework css: cosa c'è di piu' semplice ? Tuttaiva il DSA, digital service act, espressamente vieta l'uso dei dark patterns.I dark patterns producono l'effetto di confondere i visitatori:
- contenuti
- interfacce
Principali categorie 13 found in 116 :
Tutti / Hindering: Data protection controls relation Explaining Consequences Data protection directory Change spotting and comparison Cross Conflicting Information Use of examples Providing definitions Coherent wordings Explaining consequences Notifications Shortcuts Back to top Sticky navigation Left in the dark Fickle Left in the Dark Pag 22 Skipping Stirring Hindering Overloading best practices
Tutti / Hindering: Data protection controls relation Explaining Consequences Data protection directory Change spotting and comparison Cross Conflicting Information Use of examples Providing definitions Coherent wordings Explaining consequences Notifications Shortcuts Back to top Sticky navigation Left in the dark Fickle Left in the Dark Pag 22 Skipping Stirring Hindering Overloading best practices
Hindering - Misleading information (Annex checklist 4.4.3)
next
Example 3: When registering to a social media platform via desktop browser, users are invited to also use the platform’s mobile Application. During what looks like another step in the sign-up process, users are invited to discover the app. When they click on the icon, expecting to be referred to an Application store, they are asked instead to provide their number to receive a text message with the link to the App.
next
Example 3: When registering to a social media platform via desktop browser, users are invited to also use the platform’s mobile Application. During what looks like another step in the sign-up process, users are invited to discover the app. When they click on the icon, expecting to be referred to an Application store, they are asked instead to provide their number to receive a text message with the link to the App.
Hindering - Longer than necessary (Annex checklist 4.4.2)
next
Example 7: During the sign-up process, users who click on the “skip” buttons to avoid entering certain kind of data are shown a pop-up window asking “Are you sure?” By questioning their decision and therefore making them doubt it, social media provider incites users to review it and disclose these kinds of data, such as their gender, contact list or picture. In contrast, users who choose to directly enter the data do not see any message asking to reconsider their choice.
next
Example 7: During the sign-up process, users who click on the “skip” buttons to avoid entering certain kind of data are shown a pop-up window asking “Are you sure?” By questioning their decision and therefore making them doubt it, social media provider incites users to review it and disclose these kinds of data, such as their gender, contact list or picture. In contrast, users who choose to directly enter the data do not see any message asking to reconsider their choice.
Hindering - Dead end (Annex checklist 4.4.1)
next
Example 10: Users are not provided with any links to data protection information once they have started the sign-up process. Users cannot find this information as none is provided anywhere in the sign-up interface, not even in the footer.
next
Example 10: Users are not provided with any links to data protection information once they have started the sign-up process. Users cannot find this information as none is provided anywhere in the sign-up interface, not even in the footer.
Hindering - Dead end (Annex checklist 4.4.1)
next
Example 11: During the sign-up process, users can consent to the processing of their personal data for advertising purposes and they are informed that they can change their choice whenever they want once registered on the social media by going to the privacy policy. However, once users have completed the registration process and they go to the privacy policy, they find no means or clues on how to withdraw their consent for this processing.
next
Example 11: During the sign-up process, users can consent to the processing of their personal data for advertising purposes and they are informed that they can change their choice whenever they want once registered on the social media by going to the privacy policy. However, once users have completed the registration process and they go to the privacy policy, they find no means or clues on how to withdraw their consent for this processing.
Hindering - Dead end (Annex checklist 4.4.1)
next
Example 18: In its privacy policy, a social media provider offers many hyperlinks to pages with further information on specific topics. However, there are several parts in the privacy policy containing only general statements that it is possible to access more information, without saying where or how.
next
Example 18: In its privacy policy, a social media provider offers many hyperlinks to pages with further information on specific topics. However, there are several parts in the privacy policy containing only general statements that it is possible to access more information, without saying where or how.
Hindering - Misleading information (Annex checklist 4.4.3)
next
Example 28: Users browse their social media feed. While doing so, they are shown advertisements. Intrigued by one ad and curious about the reasons it is shown to them, they click on a “?” sign available on the right bottom corner of the ad. It opens a pop-in window that explains why users see this particular ad and lists the targeting criteria. It also informs users that they can withdraw their consent to targeted advertisement and provides a link to do so. When users click on this link, they are redirected to an entirely different website giving general explanations on what consent is and how to manage it.
next
Example 28: Users browse their social media feed. While doing so, they are shown advertisements. Intrigued by one ad and curious about the reasons it is shown to them, they click on a “?” sign available on the right bottom corner of the ad. It opens a pop-in window that explains why users see this particular ad and lists the targeting criteria. It also informs users that they can withdraw their consent to targeted advertisement and provides a link to do so. When users click on this link, they are redirected to an entirely different website giving general explanations on what consent is and how to manage it.
Hindering - Dead end (Annex checklist 4.4.1)
next
Example 30: Users want to manage the permissions given to the social media platform based on consent. They have to find a page in the settings related to those specific actions and wish to disable the sharing of their personal data for research purposes. When users click on the box to untick it, nothing happens at the interface level and they get the impression that the consent cannot be withdrawn.
next
Example 30: Users want to manage the permissions given to the social media platform based on consent. They have to find a page in the settings related to those specific actions and wish to disable the sharing of their personal data for research purposes. When users click on the box to untick it, nothing happens at the interface level and they get the impression that the consent cannot be withdrawn.
Hindering - Dead end (Annex checklist 4.4.1)
next
Example 31: A social media provider works with third parties for the processing of its users’ personal data. In its privacy policy, it provides the list of those third parties without providing a link to each of their privacy policies, merely telling users to visit the third parties websites in order to get information on how these entities process data and to exercise their rights.
next
Example 31: A social media provider works with third parties for the processing of its users’ personal data. In its privacy policy, it provides the list of those third parties without providing a link to each of their privacy policies, merely telling users to visit the third parties websites in order to get information on how these entities process data and to exercise their rights.
Hindering - Longer than necessary (Annex checklist 4.4.2)
next
Example 32: A social media provider does not provide a direct opt-out from a targeted advertisement processing even though the consent (opt-in) only requires one click.
next
Example 32: A social media provider does not provide a direct opt-out from a targeted advertisement processing even though the consent (opt-in) only requires one click.
Hindering - Dead end (Annex checklist 4.4.1)
next
Example 43: Users click on “exercise my right of access” in the privacy notice, but are redirected to their profile instead, which does not provide any features related to exercising the right.
next
Example 43: Users click on “exercise my right of access” in the privacy notice, but are redirected to their profile instead, which does not provide any features related to exercising the right.
Hindering - Longer than necessary (Annex checklist 4.4.2)
next
Example 50: When users choose to delete the name and place of their high school or the reference to an event they attended and shared, a second window pops up asking to confirm that choice (“Do you really want to do so? Why do you want to do this?”).
next
Example 50: When users choose to delete the name and place of their high school or the reference to an event they attended and shared, a second window pops up asking to confirm that choice (“Do you really want to do so? Why do you want to do this?”).
Hindering - Longer than necessary (Annex checklist 4.4.2)
next
Example 57: In this example, users first see a confirmation box to erase their account after having clicked on the corresponding link or button in their account. Even though there is some Emotional Steering in this box, this step can be seen as a security measure in order for users not to delete their account following a mis-click in their account. However, when users Adopted - version for public consultation 58 click on the “Delete my account” button, they are confronted with a second box asking them to textually describe the reason they want to leave the account. As long as they have not entered something in the box, they cannot delete their account as the button associated with the action is inactive and greyed out. This practice makes the erasure of an account Longer than Necessary, especially as asking users to produce a text describing why they want to leave an account requires extra effort and time and should not be mandatory to delete one’s account.
next
Example 57: In this example, users first see a confirmation box to erase their account after having clicked on the corresponding link or button in their account. Even though there is some Emotional Steering in this box, this step can be seen as a security measure in order for users not to delete their account following a mis-click in their account. However, when users Adopted - version for public consultation 58 click on the “Delete my account” button, they are confronted with a second box asking them to textually describe the reason they want to leave the account. As long as they have not entered something in the box, they cannot delete their account as the button associated with the action is inactive and greyed out. This practice makes the erasure of an account Longer than Necessary, especially as asking users to produce a text describing why they want to leave an account requires extra effort and time and should not be mandatory to delete one’s account.
Hindering - Longer than necessary (Annex checklist 4.4.2)
next
Example 58: The social media provider makes it mandatory for users to answer a question about their reasons for wishing to erase their account, through a selection of answers from a drop-down menu. It appears to users that answering this question (apparently) enables them to achieve the action they want, i.e. to delete the account. Once an answer is selected, a pop-up window appears, showing users a way of solving the issue stated in their answer. The question-answer process therefore slows down users in their account erasure process.
next
Example 58: The social media provider makes it mandatory for users to answer a question about their reasons for wishing to erase their account, through a selection of answers from a drop-down menu. It appears to users that answering this question (apparently) enables them to achieve the action they want, i.e. to delete the account. Once an answer is selected, a pop-up window appears, showing users a way of solving the issue stated in their answer. The question-answer process therefore slows down users in their account erasure process.
Chi siamo
Un team affiatato di consulenti legali, privacy, informatici e marketing che parlano chiaro. Come te.
Lorenzo Iazzetti
ImprenditoreMarketing
Marketing
Vendite.
Giulia Nepi
avvocato civilistaPrivacy
Avvocato civilista
Consulente privacy.
Valentino Spataro
Privacy consultantWordPress dev
Consulente privacy
Sviluppo WordPress e app.
Assistenza
Indicare il link al sito/app e Lasciare i recapiti per essere ricontattati.
Preventivi gratuiti a partire da 249€+iva (salvo no profit)
Informazioni
IusOnDemand srl
viale dei Mille 4
20129 Milano, Italia
20129 Milano, Italia
+39 (Phone) 02 4548 9591
(Telegram) @iusondemand
info@CookieKIT.itRimozione