August 4, 2021

Volume XI, Number 216

Advertisement

August 04, 2021

Subscribe to Latest Legal News and Analysis

August 03, 2021

Subscribe to Latest Legal News and Analysis

August 02, 2021

Subscribe to Latest Legal News and Analysis
Advertisement

Dark Patterns and the CCPA: How Your Website Can Comply

The California Attorney General recently approved modified regulations under the California Consumer Privacy Act (CCPA). One part of the modified regulations bans “dark patterns” on a website. What are dark patterns? Public comments to the proposed regulations describe dark patterns as deliberate attempts to subvert or impair a consumer’s choice to opt-out on a website. Dark patterns could be used on a website to confuse or distract a consumer into granting knowing consent instead of choosing the opt-out option.

The modified regulations therefore ban the use of dark patterns that:

  • Use an opt-out request process that requires more steps than the process for a consumer to opt back into the sale of personal information after previously opting out;

  • Use confusing language (e.g., double-negatives, “Don’t Not Sell My Personal Information”);

  • Require consumers to click through or listen to unnecessary reasons why they should not submit a request to opt-out before confirming their request;

  • Require a consumer to provide personal information that is unnecessary to implement an opt-out request; or

  • Require a consumer to search or scroll through the text of a website or privacy policy to submit the opt-out request after clicking the “Do Not Sell My Personal Information” link (but before actually choosing the option).

If your website uses any such dark patterns you may wish to revise those mechanisms and implement clearer, more transparent methods for your website’s users to opt-out.

Copyright © 2021 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XI, Number 98
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Kathryn Rattigan Attorney Cybersecurity Data Privacy
Associate

Kathryn Rattigan is a member of the firm's Business Litigation Group and Data Privacy + Cybersecurity Team. She advises clients on data privacy and security, cybersecurity, and compliance with related state and federal laws. Kathryn also provides legal advice regarding the use of unmanned aerial systems (UAS, or drones) and Federal Aviation Administration (FAA) regulations. She represents clients across all industries, such as insurance, health care, education, energy, and construction.

Data Privacy and Cybersecurity Compliance

Kathryn helps clients comply...

401-709-3357
Advertisement
Advertisement