There are still too many obstacles that users of websites and apps face when they have to manage cookies or delete their accounts. Privacy policies, on the other hand, are easy to read and easily accessible. This is what emerges from the analysis of the Guarantor for the protection of personal data in the context of the Privacy Sweep, the fact-finding survey of the international network of GPEN (Global privacy enforcement network), dedicated this year to the so-called deceptive design models (dark patterns).
Dark patterns are interfaces and paths that, in relation to the processing of personal data, try to influence users towards unaware, unwanted and potentially harmful choices, often contrary to their interests, but favorable to those of the platforms.
Between January 29 and February 2, 26 data protection authorities of the GPEN have sifted through 899 websites and 111 apps, and in 97% of cases they have identified the presence of at least one type of deceptive design. Among the indicators taken into consideration: the use of complex and confusing language in the information, the insertion of additional and unnecessary steps, the introduction of design elements to influence the perception of privacy options, the request for excessive personal information to access a service.
The attention of the Italian Privacy Guarantor focused on 50 websites of so-called “comparators” of services and products and concerned the cookie banners and the methods of deleting user accounts.
In more than 60% of cases the banners showed with greater emphasis the option less favorable for the privacy of users, in almost 40% of cases to refuse this option the user was forced to a greater number of steps; in a smaller number of cases (about 30%) no other option was presented than that of accepting all cookies.
From the sites examined, even the cancellation of a user account often presented bumpy paths due to the absence of a specific cancellation function, the excessive number of clicks to reach it, the request for excessive personal information and the use of language aimed at dissuading the user.
The analysis also shows how important it is for users to have easy access to the privacy policy and, instead, how, too often, an automated index of the topics is missing, which would further facilitate the usability of the information.
https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/10053275