This week’s catchphrase is “deceptive design”. Originating from darkpatterns.org in 2010, we have all experienced it. A user interface that tells you to buy now, with only 3 left (clearly not verifiable), a website telling you that they will not hold your email but actually they do. LinkedIn got sued in 2015 for doing that, by the way. Websites that make it easy to subscribe but hard to cancel; Dark patterns website even have a hall of shame for these practices.
This week, the Norwegian Consumer Council and seven other European organisations have filed GDPR complaints, arguing that Google is guilty of deceptive design practices to acquire personal data. The group is challenging the goog’s legal basis for processing extensive personal data. The report argues “that consumers are deceived into being tracked when they use Google services. This happens through a variety of techniques, including withholding or hiding information, deceptive design practices, and bundling of services. We argue that these practices are unethical, and that they in our opinion are in breach of European data protection legislation because they fail to fulfill the conditions for lawful data processing.”
For some of us, deceptive design is unethical, illegal and needs to be policed. For others who have spent much time on consumer behaviours, the human person’s selective attention, distortion and retention to information makes the boundary between trickery and marketing rather subjective.
That said, GDPR is clearly opening up a whole new avenue for complaints and suits from organisations that feel the need to take collective action on behalf of their members or their citizens. GDPR activism - a new source of Robin Hood revenue?