Dark Patterns - Opt-Out / Opt-In

Hanlon's Razor states, "Never attribute to malice that which is adequately explained by stupidity."

It would be nice to think that all mistakes and errors we encounter are just the result of bone-headedness. Sadly, that's not the case. Quite often malicious people deliberately try to trick you into taking actions you would normally have ignored.

In usability, we call this a "Dark Pattern".

A Dark Pattern is a type of user interface that appears to have been carefully crafted to trick users into doing things, such as buying insurance with their purchase or signing up for recurring bills.

I came across a classic example of this when I signed up to speak at a conference recently:

Name redacted to protect the guilty.

The tick-boxes perform opposite actions. One says "tick for no email"; the other says "tick to receive email".

A casual reader is likely to see that the first box is "opt-out" and then naively assume that the second tick box performs the same action.

Recently, the department store John Lewis had to pay damages after they spammed a customer.

In their defence, they said:

“Mr Mansfield voluntarily gave us his email address, set up an account online and chose not to opt-out of marketing communications when that option was available to him.”

(Emphasis added).

It is not enough to simply ask the customer to opt-out. Companies need to ensure that they only market to people who have actively chosen to opt-in.

In the EU, companies are governed by Article 13 of the Directive on Privacy and Electronic Communication, which states that companies...

...may use these electronic contact details for direct marketing of its own similar products or services provided that customers clearly and distinctly are given the opportunity to object, free of charge and in an easy manner, to such use of electronic contact details at the time of their collection and on the occasion of each message in case the customer has not initially refused such use.

(Emphasis added)

The UK interpretation of the law - The Privacy and Electronic Communications (EC Directive) Regulations 2003, section 22 - states that email marketing may only be sent when...

...the recipient has been given a simple means of refusing (free of charge except for the costs of the transmission of the refusal) the use of his contact details for the purposes of such direct marketing

(Emphasis added)

Looking at the above screenshot, I think it could certainly be argued that there wasn't a "simple" way to refuse to be contacted. It's not "easy" to quickly understand that the same action (ticking a box) can have radically different consequences.

Companies need to ensure that they're only pushing marketing to those people who have clearly stated that they want to receive it. Dark Patterns like this aren't just unethical - they're potentially illegal.
