Dark Patterns in Cookies and Consent Management

The term “dark patterns” was first coined by UX specialist Harry Brignull to describe attempts by software to manipulate users into behaving as companies intended. A good example of this would be an “Unsubscribe” button that is very small and is placed at the bottom of an email with the intention to discourage users from unsubscribing. Brignull identified many types of dark patterns, including:

1. "Roach motel," where a user signs up for a service with ease but finds it difficult to cancel

2. "Price comparison prevention," where a website makes comparing the prices and features of two products difficult

3. "Misdirection," where the website design intentionally draws the user’s attention to a specific area to distract from another area

Regulations such as General Data Privacy Regulation (GDPR) and the California Consumer Privacy Act (CCPA) mandate websites and apps display cookie banners and obtain users’ consent before collecting their data. While a step in the right direction, cookie banners, and consent management has not worked very well for most of the users. It has been difficult to find an appropriate cookie consent banner. The presence of dark patterns has made informed cookie consent a myth for most.

The dark patterns found in these consent management tools, while unintentional, result in consent fatigue. The options presented in these banners are hard to understand and difficult to choose from, often making users provide consent without reviewing them properly. Once consented, the user has limited control over how the collected data can be used. This has further increased angst and suspicion amongst users about the actual intentions of the companies.

What are some of the reasons that contribute to these dark patterns in consent management?