Aarhus University Seal / Aarhus Universitets segl

Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence

Publikation: Bidrag til bog/antologi/rapport/proceedingKonferencebidrag i proceedingsForskningpeer review

Standard

Dark Patterns after the GDPR : Scraping Consent Pop-ups and Demonstrating their Influence. / Nouwens, Midas; Liccardi, Ilaria; Veale, Michael; Karger, David; Kagal, Lalana.

CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. New York : Association for Computing Machinery, 2020. 3376321.

Publikation: Bidrag til bog/antologi/rapport/proceedingKonferencebidrag i proceedingsForskningpeer review

Harvard

Nouwens, M, Liccardi, I, Veale, M, Karger, D & Kagal, L 2020, Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence. i CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems., 3376321, Association for Computing Machinery, New York, 2020 ACM CHI Conference on Human Factors in Computing Systems, CHI 2020, Honolulu, USA, 25/04/2020. https://doi.org/10.1145/3313831.3376321

APA

Nouwens, M., Liccardi, I., Veale, M., Karger, D., & Kagal, L. (2020). Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence. I CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems [3376321] Association for Computing Machinery. https://doi.org/10.1145/3313831.3376321

CBE

Nouwens M, Liccardi I, Veale M, Karger D, Kagal L. 2020. Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence. I CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. New York: Association for Computing Machinery. Article 3376321. https://doi.org/10.1145/3313831.3376321

MLA

Nouwens, Midas o.a.. "Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence". CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. New York: Association for Computing Machinery. 2020. https://doi.org/10.1145/3313831.3376321

Vancouver

Nouwens M, Liccardi I, Veale M, Karger D, Kagal L. Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence. I CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. New York: Association for Computing Machinery. 2020. 3376321 https://doi.org/10.1145/3313831.3376321

Author

Nouwens, Midas ; Liccardi, Ilaria ; Veale, Michael ; Karger, David ; Kagal, Lalana. / Dark Patterns after the GDPR : Scraping Consent Pop-ups and Demonstrating their Influence. CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. New York : Association for Computing Machinery, 2020.

Bibtex

@inproceedings{cf6a28da0379450388204456a23b7522,
title = "Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence",
abstract = "New consent management platforms (CMPs) have been introduced to the web to conform with the EU's General Data Protection Regulation, particularly its requirements for consent when companies collect and process users' personal data. This work analyses how the most prevalent CMP designs affect people's consent choices. We scraped the designs of the five most popular CMPs on the top 10,000 websites in the UK (n=680). We found that dark patterns and implied consent are ubiquitous; only 11.8% meet our minimal requirements based on European law. Second, we conducted a field experiment with 40 participants to investigate how the eight most common designs affect consent choices. We found that notification style (banner or barrier) has no effect; removing the opt-out button from the first page increases consent by 22-23 percentage points; and providing more granular controls on the first page decreases consent by 8-20 percentage points. This study provides an empirical basis for the necessary regulatory action to enforce the GDPR, in particular the possibility of focusing on the centralised, third-party CMP services as an effective way to increase compliance.",
keywords = "consent management platforms, controlled experiment, dark patterns, gdpr, notice and consent, web scraper",
author = "Midas Nouwens and Ilaria Liccardi and Michael Veale and David Karger and Lalana Kagal",
year = "2020",
doi = "10.1145/3313831.3376321",
language = "English",
booktitle = "CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems",
publisher = "Association for Computing Machinery",
note = "2020 ACM CHI Conference on Human Factors in Computing Systems, CHI 2020 ; Conference date: 25-04-2020 Through 30-04-2020",

}

RIS

TY - GEN

T1 - Dark Patterns after the GDPR

T2 - 2020 ACM CHI Conference on Human Factors in Computing Systems, CHI 2020

AU - Nouwens, Midas

AU - Liccardi, Ilaria

AU - Veale, Michael

AU - Karger, David

AU - Kagal, Lalana

PY - 2020

Y1 - 2020

N2 - New consent management platforms (CMPs) have been introduced to the web to conform with the EU's General Data Protection Regulation, particularly its requirements for consent when companies collect and process users' personal data. This work analyses how the most prevalent CMP designs affect people's consent choices. We scraped the designs of the five most popular CMPs on the top 10,000 websites in the UK (n=680). We found that dark patterns and implied consent are ubiquitous; only 11.8% meet our minimal requirements based on European law. Second, we conducted a field experiment with 40 participants to investigate how the eight most common designs affect consent choices. We found that notification style (banner or barrier) has no effect; removing the opt-out button from the first page increases consent by 22-23 percentage points; and providing more granular controls on the first page decreases consent by 8-20 percentage points. This study provides an empirical basis for the necessary regulatory action to enforce the GDPR, in particular the possibility of focusing on the centralised, third-party CMP services as an effective way to increase compliance.

AB - New consent management platforms (CMPs) have been introduced to the web to conform with the EU's General Data Protection Regulation, particularly its requirements for consent when companies collect and process users' personal data. This work analyses how the most prevalent CMP designs affect people's consent choices. We scraped the designs of the five most popular CMPs on the top 10,000 websites in the UK (n=680). We found that dark patterns and implied consent are ubiquitous; only 11.8% meet our minimal requirements based on European law. Second, we conducted a field experiment with 40 participants to investigate how the eight most common designs affect consent choices. We found that notification style (banner or barrier) has no effect; removing the opt-out button from the first page increases consent by 22-23 percentage points; and providing more granular controls on the first page decreases consent by 8-20 percentage points. This study provides an empirical basis for the necessary regulatory action to enforce the GDPR, in particular the possibility of focusing on the centralised, third-party CMP services as an effective way to increase compliance.

KW - consent management platforms

KW - controlled experiment

KW - dark patterns

KW - gdpr

KW - notice and consent

KW - web scraper

UR - http://www.scopus.com/inward/record.url?scp=85086024543&partnerID=8YFLogxK

U2 - 10.1145/3313831.3376321

DO - 10.1145/3313831.3376321

M3 - Article in proceedings

AN - SCOPUS:85086024543

BT - CHI 2020 - Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems

PB - Association for Computing Machinery

CY - New York

Y2 - 25 April 2020 through 30 April 2020

ER -