We are trying a different format for our blog post this week. We decided to interview Clo S. and our very own Carlo Cilento on deceptive design, how to spot it in the wild, and what its future looks like.
Clo S. is the founder of This Too Shall Grow and a certified digital wellbeing coach; she helps people build better relationships with their devices. Her background in tech gives her an astute understanding of how digital platforms' mechanisms can be detrimental to our attention and mental health. Through her articles and newsletter, readers learn how to foster digital habits that actually serve them, and designers know how to create mindful products that protect people's mental health and well-being.
Carlo Cilento is a member of the Simple Analytics team and a privacy enthusiast with a legal background. He is active on the Simple Analytics blog, covering privacy news and data protection law topics. Along with the team, he tries to make the legal side of privacy accessible to a broad public by providing accurate, in-depth, and jargon-free content.
Let's hear what they have to say about the concept of deceptive design.
- What is deceptive design?
- What are common deceptive design patterns?
- How can you spot deceptive design patterns?
- Do you think it will be more commonplace in the future?
- How can you ensure you don't use deceptive design patterns yourself?
What is deceptive design?
Clo S.: I would call "deceptive" any design where, if the user better understood how it worked, they'd behave differently. So if it relies on a misunderstanding for the user to go ahead, then it's deceptive. Deceptive design can take many forms, though. It can be a confusing design pattern, misleading copywriting, or even copying a well-known mechanism and changing it for something different, but counting on the fact that the user will expect what they are used to.
For instance, say you sign up for a new online subscription with a one-week free trial. You enter your credit card information, knowing that if you haven't canceled in 7 days, you will be charged on a monthly basis. After 6 days, you decide to cancel and to do so; you head to your account's settings, which is where you expect to find a "cancel" button. If there is no such button and you have to send an email yourself to the customer service person, I think this is a bit deceptive. When it comes to online subscriptions, especially new services built in the 2020s, if you can sign up automatically, you should also be able to cancel automatically.
Carlo Cilento: I think of deceptive design as manipulating the user's consent through interface design. I feel it comes in shades of grey: all interfaces steer a user's interaction with a system, but deceptive interfaces are dishonest in doing so. It's hard to pin down, but I know it when I see it.
The example above is a good instance of deceptive design. I fully agree with your point about online subscriptions. Unsubscribing could and should be as easy as subscribing, but of course, websites have all the interest in making unsubscribing as burdensome and annoying as possible. And it often works: you have a busy day, put the burdensome task aside, and then forget about it. We have a limited amount of attention, and deceptive design takes advantage of it.
What are common deceptive design patterns?
Clo S.: I think fabricated scarcity and fabricated urgency are quite frequent. These are the messages telling you that there are only 2 items left in stock - when there's more - or that a special offer expires soon - when it doesn't. The goal is to pressure you into purchasing or committing to something through artificial limits of quantity or time.
Another deceptive design pattern is when checkboxes to sign up for a service, a newsletter, or anything else are ticked by default, and you have to uncheck them if you don't want to subscribe. This is actually unlawful according to GDPR, as consent must be explicitly given. Even more pernicious and annoying is when the site requires you to tick the checkbox if you don't want to receive their newsletter. This is peak deceptive design.
Carlo Cilento: Yup, pre-ticked checkboxes, and opt-out systems cannot collect consent under the GDPR, but companies still use them. Even big ones- Google is currently under investigation in France for doing this with an Android tracker.
Another widespread trick is presenting users with an unclear alternative. I often see cookie banners offering "accept" and "customize" as their options instead of just presenting the user with the option to refuse. Then you click "customize" and need to manually un-tick advertising and analytics cookies. Imagine doing this for every website! Good thing we have adblockers and some privacy-focused browsers blocking cookies for us.
How can you spot deceptive design patterns?
Clo S.: A lot of them are pretty standard. If you've seen them once, they're easy to spot. The site deceptive.design lists different types of deceptive patterns such as sneaking an item into your basket, "confirmshaming" (guilting you into subscribing or staying subscribed to something), and more. It even has a very well-documented hall of shame of deceptive design which goes pretty far back in time, until the 1938 voting ballot of Nazi Germany to annex Austria, where the circle to check "Yes" is bigger than the one for "No." Pre-Internet deceptive design, pretty wild, right? To spot deceptive design patterns, I would keep in mind the following:
- Is the site trying to persuade or pressure you to do something? That could be making a financial transaction but also giving away some of your data, signing up for a free account, or sharing your contacts' information with them, via the now typical "Invite your friends!".
- Is there a lack of clarity or transparency in how the website or its business model work?
- Is an action hidden or made difficult to complete, e.g., deleting your account, downgrading your paying plan, etc.?
- What motivates a specific design decision?
These questions are not a cookie-cutter bulletproof way to spot deceptive design, but they're pretty useful.
Carlo Cilento: I really like the third question. Sometimes I feel like I need to push against the interface to accomplish what I want to do. Of course, that can also happen with a poorly designed interface. But I always get a distinct, uneasy feeling when the interface gets in the way on purpose. Probably because it always happens when I'm trying to do something the website doesn't want me to. If I'm subscribing or handing over data, the experience just flows smoothly, which is suspicious.
Do you think it will be more commonplace in the future?
Clo S.: This is hard to tell. There is some policy against deceptive design, but it's still very sparse. The European Parliament recently adopted the following text in article 23a.1 of the Digital Services Act:
Providers of online platforms shall not design, organise or operate their online interfaces in a way that deceives, manipulates or otherwise materially distorts or impairs the ability of recipients of their service to make free and informed decisions.
In the US, the Federal Trade Commission is investigating potential deceptive patterns on the Amazon Prime platform. The design used on Prime is alleged to have misled users into signing up for a paying subscription. I hope this type of investigation towards big tech will deter other companies from resorting to deceptive patterns.
Carlo Cilento: Users are increasingly aware of deceptive patterns, but it still makes companies a lot of money, and I don't think they will stop until someone makes them. Some people are trying to: for example, NGO noyb filed many complaints about deceptive cookie banners, and the European Consumer Organization just started a legal battle against Google for incorporating deceptive design during Google Account signup (their report contains some nice examples of deceptive design, by the way). If all goes well, these legal actions may set some important precedents.
How can you ensure you don't use deceptive design patterns yourself?
Clo S.: This 2021 analysis conducted by three researchers at Princeton University looks into what exactly qualifies deceptive design as "deceptive." Some of the effects mentioned there rely on mechanisms that "subvert user intent," "confuse users," "manipulate users," and "undermine user autonomy." This paper also features a lengthy and exhaustive classification of deceptive patterns, such as obfuscation, nagging, and camouflage advertising. This list is good to keep in mind to avoid using deceptive design yourself.
Additionally, user research can help you spot misunderstandings. You could uncover something unexpected by conducting user tests and interviews on your own product. It's an excellent way to discover what people really understand about your product. It's an opportunity to find out if anything is unclear, frustrating, or pressuring and if you are in any way benefiting from a lack of understanding on your users' part.
Carlo Cilento: I believe being observant and not copying what others are doing is a good start. It's easy to be influenced by all the UIs you see around and use yourself daily. Still, when those UIs incorporate dark patterns, you might develop something deceptive in your work without even noticing. Searching for examples of deceptive designs can help you be critical of what you see and careful about design choices. And, of course, user feedback also helps with avoiding those pitfalls. Not being evil also helps, but that's a given.
You can find Carlo's work on the Simple Analytics blog.