Dark Patterns and the CCPA: How Your Website Can Comply
Thursday, April 8, 2021

The California Attorney General recently approved modified regulations under the California Consumer Privacy Act (CCPA). One part of the modified regulations bans “dark patterns” on a website. What are dark patterns? Public comments to the proposed regulations describe dark patterns as deliberate attempts to subvert or impair a consumer’s choice to opt-out on a website. Dark patterns could be used on a website to confuse or distract a consumer into granting knowing consent instead of choosing the opt-out option.

The modified regulations therefore ban the use of dark patterns that:

  • Use an opt-out request process that requires more steps than the process for a consumer to opt back into the sale of personal information after previously opting out;

  • Use confusing language (e.g., double-negatives, “Don’t Not Sell My Personal Information”);

  • Require consumers to click through or listen to unnecessary reasons why they should not submit a request to opt-out before confirming their request;

  • Require a consumer to provide personal information that is unnecessary to implement an opt-out request; or

  • Require a consumer to search or scroll through the text of a website or privacy policy to submit the opt-out request after clicking the “Do Not Sell My Personal Information” link (but before actually choosing the option).

If your website uses any such dark patterns you may wish to revise those mechanisms and implement clearer, more transparent methods for your website’s users to opt-out.

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins