Dark Patterns and the Legal Requirements of Consent Banners: An Interaction Criticism Perspective

  title={Dark Patterns and the Legal Requirements of Consent Banners: An Interaction Criticism Perspective},
  author={Colin M. Gray and Cristiana Santos and Nataliia Bielova and Michal T{\'o}th and D. Clifford},
  journal={Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems},
User engagement with data privacy and security through consent banners has become a ubiquitous part of interacting with internet services. While previous work has addressed consent banners from either interaction design, legal, and ethics-focused perspectives, little research addresses the connections among multiple disciplinary approaches, including tensions and opportunities that transcend disciplinary boundaries. In this paper, we draw together perspectives and commentary from HCI, design… Expand

Figures and Tables from this paper

Consent Management Platforms under the GDPR: processors and/or controllers?
It is concluded that CMPs process personal data, and two major CMP providers in the EU: Quantcast and OneTrust are paired with a legal analysis, and multiple scenarios wherein C MPs are controllers are identified. Expand
Current Requirements and Implementations in the field of Web Tracking in the pre-age of E-Privacy Regulation
This research aims to develop legal and functional-technical requirements to meet the current challenges in the field of web-tracking and implemented a web scraper in order to analyze the top 100 e-commerce websites in Germany. Expand
In-depth technical and legal analysis of Web tracking on health related websites with Ernie extension
Searching for doctors online has become an increasingly common practice amongWeb users. However, when health websites owned by doctors and hospitals integrate third-party trackers, they expose theirExpand
The Right to Customization: Conceptualizing the Right to Repair for Informational Privacy
This article proposes two technologically-oriented approaches, termed ‘variants’ and ‘alternatives’ that could enable the technical implementation of a right to customization, and posit that these approaches cannot be demanded without limitation, and that restrictions will depend on how reasonable a customization demand is. Expand
What Can CHI Do About Dark Patterns?
This workshop is to bring together a transdisciplinary group of design practitioners and researchers to discuss dark patterns across domains and look beyond the design community and consider what changes designers might advocate for via interactions with e.g., consumers, media, and policymakers. Expand
End User Accounts of Dark Patterns as Felt Manipulation
A card sorting method is used to support thematic analysis of responses from each cultural context, identifying both qualitatively-supported insights to describe end users' felt experiences of manipulative products, and a continuum of manipulation. Expand


Evil by Design: Interaction Design to Lead Us into Temptation
Learn how companies make us feel good about doing what they want. Approaching persuasive design from the dark side, this book melds psychology, marketing, and design concepts to show why we'reExpand
Dark and bright patterns in cookie consent requests
Dark patterns are (evil) design nudges that steer people’s behaviour through persuasive interface design. Increasingly found in cookie consent requests, they possibly undermine principles of EUExpand
Dark Patterns at Scale: Findings from a Crawl of 11K Shopping Websites
  • Proceedings of the ACM on Human-Computer Interaction
  • 2019
Interaction criticism: An introduction to the practice
A synthesis of practices of criticism derived from analytic philosophy of aesthetics and critical theory is offered, including the introduction of five core claims from this literature and the outline of four perspectives that constitute a big-picture view of interaction criticism. Expand
Circumvention by design - dark patterns in cookie consent for online news outlets
The analysis uncovered a variety of strategies or dark patterns that circumvent the intent of GDPR by design in data collection consent notices from news outlets built to ensure compliance with GDPR. Expand
Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence
This study provides an empirical basis for the necessary regulatory action to enforce the GDPR, in particular the possibility of focusing on the centralised, third-party CMP services as an effective way to increase compliance. Expand
Do Cookie Banners Respect my Choice? : Measuring Legal Compliance of Banners from IAB Europe’s Transparency and Consent Framework
This work analyzes the GDPR and the ePrivacy Directive to identify potential legal violations in implementations of cookie banners based on the storage of consent and detects such suspected violations by crawling 1 426 websites that contains TCF banners. Expand
A Human-Centric Perspective on Digital Consenting: The Case of GAFAM
A basic human-centric framework regarding digital consent is developed and it is suggested that the approach might even raise doubts regarding the lawfulness of the acquired consent–particularly considering the basic requirements of lawful consent within the legal framework of the GDPR. Expand
Brands Aren't Social Distancing From Social Media, They're Boycotting!
  • 2020
Brands Aren’t Social Distancing From Social Media, They’re Boycotting! https://www.forbes.com/sites/petersuciu/2020/07/01/ brands-arent-social-distancing-from-social-media-theyre-boycotting
  • 2020