I was discussing some work on some opt-out we're going to be offering customers so they can either accept or decline certain automated patches to their systems, and I found myself describing the opt-out as "real opt-out", because you can flip the switch to "no" and all that happens is exactly what you want; you stop getting those changes automatically. You can still apply them manually later, or selectively, etc. We don't terminate your service or charge you more or do anything else. You just choose whether you want the convenience along with the bit of risk of changes, or if you want the control and the responsibility.
And I realized I had been subconsciously calling this "real" opt-out precisely because what I encounter in life as "opt-out" does not match that description.. "Real opt-out" is distressingly rare. Almost everything I encounter in real life is the style of ratchet described in this article, to the point where my brain without consulting me decided I needed a new word/phrase for what we were doing.
A new Cortana popup's been showing up on the Windows 10 machines this week, where you can enable it, or have it "remind you later". >.<
I feel like every mode dialog needs a "f--- off" response. When YouTube asks me every fifteen minutes if I'd like to try YouTube TV, my answer isn't "no thanks", a polite declination of this generous offer. It's "f--- off", you incessant greedy tools.
That's everywhere on Windows. They did the same thing to try to railroad people into installing Windows 10. They do the same thing for every software upgrade.
Actually, Microsoft's current strategy for pushing updates is to "accidentally" break the options that let you withhold updates for a period of time. They've broken them like three times in the last six months, arbitrarily forcing large groups of Pro users to later versions of Windows than they should've gotten.
I found a way to get rid of windows updates. You just need to not have enough disk space... Every time I boot, I have a modal asking me to free more than 8GB to start the update.
The goal isn't to "get rid of Windows updates". Windows Updates are important. Of course, we do need to control those updates better. And Microsoft needs to be better about keeping those updates stable.
I only meant it as a joke, I'm just wishing Windows Updates would be less bloated than they are now, it would help speed up the process and keep customer complaints down. Also I don't need to wait 20 minutes in front of a blue screen when I do updates in Ubuntu.
On the contrary, I've completely disabled OS update checks via OS X's settings menu on both my personal (El Capitan) and work (Sierra) computers. I've managed to keep both up to date on security updates while avoiding obnoxious High Sierra update reminders quite easily.
iOS is terrible in this regard, however. I've only managed to keep my phone on iOS 9 through a bug/workaround involving a tvOS beta cert.
The iOS 9 upgrade dialog was terrible. It would appear seemingly at random, often (but not always!) first thing in the morning as I was just unlocking my phone. Sometimes it would appear while I was in the middle of swiping around.
I was one mistaken tap away from accidentally upgrading to iOS 10 and losing access to my phone for the next hour or however long it took.
They finally got me. I'm on iOS 10 now. It's ok. One great feature is that the insistent iOS 11 upgrade dialog requires a passcode to actually do the upgrade, so it's very easy to avoid triggering it accidentally. It still pops up randomly though.
I can't stand the fact that iOS will download updates without asking... even when not connected to a charger. I've been on terrible train station wifi in a foreign land and noticed that an update "is now available!" Absolutely horrific decision from Apple on that one. The only way to stop it? Filling your phone with enough music/video/pictures that iOS can't fit the update in there...
Unfortunately sometimes you can't please everyone. For example, Firefox constantly nags me to update to Quantum. I tried it, realized some of my mission critical plugins (Session Manager) don't work there, so I've been holding out intentionally for alternatives.
Yet Firefox CONSTANTLY nags me to upgrade, and there's not even a "don't bug me for X amount of time" option.
It stuns me that any extension would be so critical as to keep one away from Quantum! (But then, I suppose I also don't understand why one would stay back with Windows 7 when 10 is out there either.)
For some of us, "Firefox with X extension" was functionally a different browser that happened to resemble Firefox. Tree Style Tabs, Tab Groups, etc. completely changed how one used the browser.
That's a great way of putting it. And in some cases, the combination of that functionality provided by those extensions made that frankenstein "version" of a browser more valuable than the benefits of Quantum.
I'd also add All-in-One-Gestures, Classic Theme Restorer to your list ;)
The longstanding root of the problem is that we're relying on software that is under the control of an adversarial party, especially for creating a UI. This necessarily means that incentives are misaligned, and we are left as an unaccompanied homo sapien to be outwitted by the machine in front of us that we may have paid for, but that does not work for us.
It will be interesting to see where the GDPR goes, especially with regards to surveillance companies we don't directly interact with. But as long as we continue to do things like utilize a specific retailer's software for researching and planning purchases, the incentives are for that retailer to design that software to push us into funneling as much business (and extraneous personal data!) as possible to themselves.
> The longstanding root of the problem is that we're relying on software that is under the control of an adversarial party, especially for creating a UI.
One of the original ideas of the "semantic web" was that the entities that provide data and the entities that display the data should be decoupled and freely combinable by the user.
That idea didn't gain particularly large support with website developers.
To make things worse UI is still a largely unsolved matter. Imagine being in the time of tillers instead of steering wheels but somehow splice in privacy and personal data. The more I read about this the more everything feels like a bad scifi novel.
What do you mean by "UI is still a largely unsolved matter"?
The way I see it, UI was solved somewhen in the 70s. Since then, we're only redoing the same building blocks with more or less glitter, and composing them in the same usual ways.
The problem is, really, that user-hostile interfaces are designed on purpose, to trick users.
It’s funny how they only want to repeatedly confirm your decision when you give the answer they don’t want.
Every time my Facebook messenger app updates it asks me to confirm my phone number (which it already has through some other method). It employs multiple dark patterns to trick me into confirming, and because of this I’ve very nearly done so by accident.
This stuff might be profitable in the short term but many of us see through it — especially the younger generations — and it’s eroding any trust you may still have with people.
Companies need to cut this shit out ASAP if they want to be trusted in the future.
In addition to the info itself being valuable to them, metadata such as the age of the info is also an important attribute to consider when placing a value on this info.
Cutting this out puts a company at a disadvantage to competitors. This is a case where the government "of the people and for the people" should step in and write some real legislation, and enforce it. Unfortunately, "of the people and for the people" is effectively ancient history now, they're far too busy bickering over Russian trolls and fulfilling their donors wishes. What a sad state of affairs.
I'm not against regulation on principle, but how specifically would you write something against these patterns? I have a hard time seeing how to describe them in a general way - and "I know them when I see them" doesn't make good law.
Write the law vaguely and make punishments potentially scarily harsh, the general idea that if companies would like to continue to play dumb farmer, they better hope they don't run into someone with a strict personality. In law, there is the notion of both the latter and the spirit of the law, so this notion isn't unprecedented.
You might think this is a bit crazy, and you'd be correct, but it's nowhere near as crazy as thousands of things in the actual reality of our current legal system (banks crashing the global financial system, yet no one was guilty of anything, black men being executed at point blank range and the cop walking away, etc etc etc etc etc).
This strikes me as an area where legislation could have a significant impact. It's an area where there is absolutely no economic incentive to do the right thing. It seems similar to the way email lists and spam were back in the early days of the internet. Based on my observations, the CAN-SPAM act requiring automated mailings to have an unsubscribe link actually seems to have been fairly effective at improving that situation. Granted, there is still spam, but the legit mailing lists are a lot easier to opt out of than they used to be. Perhaps some legislation relating to terms of service agreements could help with this problem?
Not privacy related but how about that damn “Ratchet” that iPhones have to get you to upgrade the OS? You are literally presented with two choices: upgrade now or remind me later. The remind me later choice means getting a daily nag with the same two choices. I inevitably lose this little cat’n’mouse game and accidentally click the upgrade now option. Yes, you can delete the update file to postpone the prompt for a bit but that is a hassle and only temporary anyway. APPLE, I DON’T WANT TO UPGRADE!!! Every time I inevitably accidentally upgrade, the UX responsiveness degrades another step. For the third phone in a row I’m at the point where I feel like I need to upgrade to new hardware to get back to the responsiveness level I want. I think we all know this is no coincidence.
You might be overly sensitive. My wife still runs an iPhone 6 (not 6s), on the latest OS. I can only just tell the difference between it and my 8 (also on the latest OS.) in app load times for giant apps. Otherwise (scrolling, network, etc.) there is no functional difference unless you're sitting there with a stopwatch.
Don't propagate the false "planned obsolescence" meme. It's tired and counter-productive, especially from a security standpoint.
Maybe you're just not that sensitive to it? App load times aren't what keeps me from updating, it's stability -- iOS 11 is still ridden with bugs, which is ridiculous for a 6 month old OS used by millions of people worldwide. Of course, CPU throttling is another valid reason to hold off, or, if you use a phone with a smaller screen like my SE, you might not want to update to an OS that doesn't scale well for your screen size..
Don't propagate the false "planned obsolescence" meme.
Please don't apologise for poor treatment of customers on behalf of Apple. Remember the way they drove updates to iOS7, by essentially breaking all apps in the app store that weren't iOS7 friendly? Remember all the performance problems as otherwise perfectly serviceable older devices were updated to newer OSes they couldn't properly support? Remember how Apple provides no easy mechanism for downgrading again if an OS (or app) update does impair or outright break your device, nor any way to turn off the nags if it thinks you should upgrade even though all the reviews and real world anecdotes are saying the new version is a disaster?
It’s not regular app load times where I notice it. It’s things like Safari’s url bar autocomplete responding slower and slower with each update. Like noticeable lag with each keystroke. It doesn’t matter which default search engine is set either as I’ve tried various things to improve the situation giving the OS / Apple-built apps the benefit of the doubt. It’s things like the how picking an image in Photos and directing it to share as an SMS or email gets slower with each update. Like many seconds before the SMS composer shows up. And so on and so on...
Speaking of wives, mine has the same slowdowns as me. It happens on our iPads too. We like being on the same OS version so we have the same features and emojis and such. We have to let each other know when one of us gets tricked again into updating so the other can too. It’s a source of much frustration for us.
Whether it’s nefarious overtly planned obsolescence or just the “accidental” lazy kind where they put less effort into supporting older hardware, the effect is the same and it sucks.
You know, if a country ran an election over and over until they got the "right" answer it would obvious that said country wasn't a democracy. I would have no problems if every time I opened an app or logged into a website it asked if it could have the set of permissions it needed (or wanted). Or, it could ask me once, then make me go into the settings to change my answer if I changed my mind.
But asking over and over until I say yes, then never asking again is just as nefarious my aforementioned election strategy.
I don't think it's much of a stretch to call it abuse.
Imagine this was a person-to-person thing. Person A wants person B to consent to something person B does not want to consent to. And let's not beat around the bush here: we're all thinking of something sexual right now. A repeatedly asks B, and no matter how many times B says no, A claims that B said "maybe later". B does not get to say "fuck off" unless B somehow quits A altogether.
Now that is messed up enough already, but what these forms do is give you no other option than answer "maybe later". That's a level above putting words in someone's mouth that I am sure would be considered a form of violation if someone in a position of power could do that to someone else.
And that very much applies here: I don't get to create the pop-ups in an app or on a website, so the app-makers are abusing a position of power here.
I had just thought of this exact analogy too. Another one that came to mind is a forced/coerced confession. Usually it's combined with something more extreme like sleep deprivation/psychological abuse but the way it often works is just asking someone over and over for hours whether they committed the crime / how they did it. Eventually people confess just to make it stop. I see this as the same thing on a smaller scale: eventually you just accept the terms/update/whatever to make the annoying notifications go away. But you were still coerced into that decision out of annoyance and frustration
No, it doesn't, and I'm getting kinda tired of the EU being depicted this way.
A treaty gets rejected, renegotiated, the public is informed of the changes, and then is voted on again. For example, per your own linked article:
> Denmark — The Danish Maastricht Treaty referendum, 1992, 2 June 1992, 50.7% against, turnout 83.1%
> Denmark — The Danish Maastricht Treaty referendum, 1993, 18 May 1993, 56.7% in favour, turnout 86.5%
> In Denmark, two referendums were held before the treaty of Maastricht passed. The first one rejected the treaty. After the defeat of the treaty in the first refererendum, Denmark negotiated and received four opt-outs from portions of the treaty: Economic and Monetary Union, Union Citizenship, Justice and Home Affairs, and Common Defence. The second referendum approved the treaty amended with the opt-outs.
That is how politics is supposed to work: debate and negotiate until a consensus is reached, and even then keep updating the rules as things change.
This is not a "vote until you answer what we want you to answer." Sure, there is an agenda by the diplomats to integrate Europe into one transnational union. But they're open about that, and the public does get to vote on big decisions through these referenda. The process through which all of this happens is a lot more democratic than, say, a big corporations pushing political parties to push a law through (and yes, that also happens in the EU, but that's a problem in political systems everywhere).
Excellent post. I recently dealt with "The Ratchet" for several months on my old iPhone, because I didn't want to upgrade to the new OS at the time for battery/performance reasons. Every single day I'd get a full screen popup telling me to enter my passcode to update, or I could click on a smaller box at the bottom to remind me later. It was my own phone and I couldn't even make it stop asking me to update.
The other place I noticed it recently was Reddit's mobile website, which asks me to download the app TWICE every time I reopen it on my phone. The first prompt is a bottom banner taking up about 40% of the screen on my phone with the small link to the mobile site situated uncomfortably close to the much larger button which takes you to the app store. The second is a popup from clicking on a link, which takes up about 60% of the screen and is centered. It's workable, but it's almost as annoying, persistent, and anti-user as Facebook messenger on mobile web browsers.
It's infuriating seeing some of your favorite products try to pull this on you. I wish I could tell the developers to stop being assholes to their faces.
The Reddit example extends to Android as a whole - I can't speak to Apple iOS due to inexperience.
Browsing websites with a companion app always prompts you to view in the app or install the app, and the presentation is always biased toward doing so instead of declining. I wish there was an option to indicate that you don't want to be prompted in this fashion in the future - either all around, or to have it remember specific apps that you don't want to install.
It really is a persistent annoyance. The Reddit website in full desktop mode has also recently been pestering users about logging in, and it does so every time you navigate to the site if you aren't already logged in to an existing account.
It is really quite annoying, and has actively caused me to use the site less. I'm much less likely to use a timesink or unfocused browsing activity if I'm being pestered while doing so. I imagine that this type of activity is a significant portion of the whole for such websites, so it really seems disingenuous, unless their long-term plan is to pull a Facebook and focus on revenue through selling user data to third parties (which I imagine is most likely the case).
Maybe. Per Article 7(3) (in particular the last sentence)[0]:
>The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent.
As I read it, if you're going to annoy your no-consent-given-(yet)-users with a "convenient" popup every time asking whether they consent... Then you also have to annoy your consent-already-given-users with an equally "convenient" popup every time asking whether they still consent. Break the anti-pattern by forcing the developers to pull it all the way through.
At any rate, it gets rid of the "Aha! given at last! now you can never revoke it!"-part of the ratchet.
To pick on a different company, every once in a while when I start Revolut (fintech mobile bank acount like thingy), I get asked if I want to upload my contact list so that I can easily send/receive money from my contacts. There is no option to "Never".
If you're using iOS, then they only get one shot at asking for permission with the system prompt, and if you say no, they can't do it again. So what most applications do is show a custom prompt (which they can show an unlimited number of times), and if you agree to that, then they show the system prompt, which users are unlikely to refuse at that point.
This means that it's pointless for them to show their custom prompt if you've already refused access, because even if you agree, they can't get the system prompt to show up again. So you can probably make the repeated prompts disappear by either a) agreeing to their custom prompt then refusing access when the system prompt appears, or b) going to Settings > Revolut and refusing access to your contacts there. The latter is probably the best way of doing it.
> This means that it's pointless for them to show their custom prompt if you've already refused access, because even if you agree, they can't get the system prompt to show up again. So you can probably make the repeated prompts disappear
No. I have seen this defeated on a few apps-- they harass you with the custom messages, and when it realizes it can't trigger the system prompt, it just tells you to go into settings and approve it manually. Failure to follow through means the custom messages will continue harassing you as long as the permission has not been granted.
> it's pointless for them to show their custom prompt if you've already refused access... So you can probably make the repeated prompts disappear
I wonder if they actually catch this case, or just say "if no access, show prompt"? It wouldn't shock me to find out that many apps are so ill-designed that refusing at the iOS screen simply creates a permanent popup with no actual use.
I'm wondering whether GDPR is going to make this worse.
It used to be that the GWR train Wifi would automatically log me in. But now that has changed, and it takes me to a pre-populated log-in screen, which requires me to untick the "Add me to the mailing list" button, and tick the "T&Cs" and "Privacy statement" buttons.
I suspect that this is a GDPR hoop to show they have consent for every bit of data they use. But all I have to do is forget to untick the "Add me to your mailing list" button once...
The GDPR doesn’t allow default-checked opt-in checkboxes. They aren’t “clear affirmative actions”.
Article 4.11: ”'consent' of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”
So now we have to go back to every site/service/app including unchecked but mandatory tick boxes about agreeing to their terms and privacy policy in the checkout process, thus both annoying just about everyone and potentially reducing conversion rates while making no practical difference to anything whatsoever? I guess we can file that with the "cookie" law and the consumer protection rules that say if you want to download any digital content you just bought immediately instead of waiting 14 days first then <insert scary legalese about losing a right to cancel under some law you never heard of here>. I think they're under "well intentioned but utterly lacking in practical understanding".
Those tick boxes can only be mandatory if the data is actually needed to provide the service - the user can't be forced to allow his data to be used for marketing purposes, for example. Also, if it's obvious for what purpose the data will be used (e.g. filling in your address for delivering a package), you don't need a tick box.
So there should be little need for mandatory boxes.
As ever with the GDPR, things are going to get subjective and you take your chances until the picture is clearer. A strict interpretation appears to be that, for example, a business that uses a customer's email address as an account ID on its web site and sends only essential messages to that email address doesn't need consent, because the legal basis for the processing is performance of a contract, but if the email address is also used for other form of communication (even if the message is genuinely relevant and something the customer would almost certainly want to receive) then that may require active consent. That could lead to a lot of places adding those checkboxes back in just to make sure they're covered, even if they aren't strictly necessary.
Actually, they can't add those checkmarks, because consent must be specific (use this data for this purpose), so a generic tick box about agreeing to their terms and privacy policy won't fly.
Well, at that point, all semblance of reality would have been lost anyway. It seems highly unlikely that any businesses, even huge ones that have data-hoarding business models, are going to start itemising opt-in consents in their sign-up process rather than just having a compliant privacy policy and a single active consent to processing under it.
Unless they really want to play chicken over something that is clearly an unreasonable interpretation of the rules, I doubt it.
Using the GDPR to go after one big player that seriously screwed up is one thing. I certainly wouldn't be comfortable if I held Facebook stock right now.
But going after all the big players, just for not complying with something that is probably impractical for any of them to comply with, is something else entirely. How long do you think public sentiment is going to support government regulators and the GDPR if the likes of Facebook, Google Mail, WhatsApp, Instagram and SnapChat all go dark across the EU for an hour, or a day, or a week?
There's nothing unreasonable about it, it's the plain reading of Article 7 (2).
Regarding the big sites, I don't see how is that relevant to your initial point about whether "every site" will have mandatory checkboxes, and so I'll let someone else read the magic 8 ball.
Like the article says, there might be a way, somewhere deeply hidden in the website to revoke the consent, but do you really want to spend half an hour for that (if the button really, exists, and if it actually does anything)
If the link is buried, that is a violation of the GDPR. Contact details for the controller and the Data Protection Officer must be given at the point where data is collected: https://gdpr-info.eu/art-13-gdpr/. There's also something else about an affirmative duty to facilitate exercise of rights, but that's less clear-cut.
A non-functional link is also a GDPR violation.
That said, I agree in general: it's a burden on me to make these websites respect my rights, and that's kinda bullshit. I either have to go through the hoops the site sets up, or I have to go through the bureaucratic hoops of the organization that judges the hoopiness of the website's hoops. But if I do care enough, there is now a stick to wield, which is an improvement.
GWR is to blame for that. They're seizing the opportunity presented by having one more interaction (among many) with you, to saddle that interaction with this ratchet pattern. There's nothing special about GDPR that leads inexorably to that.
>Of course it would be trivial to have a log of recently given permissions and an ‘undo’ option for each of those.
No, that's not trivial. It's not hard, but it's pretty far from trivial. Trivial would be removing the "not now" functionality from this question.
Maintaining a list of permissions and implementing the ability to undo them from a common area doesn't sound trivial at all to me, even if that only meant "no permission in the future".
If you were designing the app from the ground up to support that, it'd be a lot easier. But it still wouldn't be "trivial".
I went to go find the definition of "trivial", but I didn't get what I expected, and I'm sure it isn't what the author meant, either. "of little value or importance."
I was looking for something along the lines of "taking a negligible amount of effort". And I don't think implementing an entire interface and storing a list of data for it is trivial, let alone the part where you can take actions from that interface that potentially have system-wide ramifications.
The computer science sense of "trivial" comes from the mathematical sense, "Related to or being the mathematically most simple case. More generally, the word "trivial" is used to describe any result which requires little or no effort to derive or prove." [0]
And of course "trivial" is related to "obvious" when used in a math lecture.
Working to protect consumers by preventing anticompetitive, deceptive, and unfair business practices, enhancing informed consumer choice and public understanding of the competitive process, and accomplishing this without unduly burdening legitimate business activity.
GDPR only applies when the user doesn't give consent. This dark pattern is about obtaining that consent, not about using the user's data without consent.
And I realized I had been subconsciously calling this "real" opt-out precisely because what I encounter in life as "opt-out" does not match that description.. "Real opt-out" is distressingly rare. Almost everything I encounter in real life is the style of ratchet described in this article, to the point where my brain without consulting me decided I needed a new word/phrase for what we were doing.