Spelunking Dark Patterns

"It's a Trap!" - General Akbar

It's happened to many of us. We've downloaded an app, started playing with it on our phones or desktops and then suddenly, what looks like a simple click sends you down the road into an application wormhole you can't get out of until you complete whatever dastardly functionality you became stuck in. Or exit the program all together.

Dark patterns, as defined by darkpatterns.org, are "a user interface that has been carefully crafted to trick users into doing things".

Emma Keaveny gave a talk at 2016 European Testing Conference. She spoke about her personal experience with dark patterns and why they were the focus of her talk.

"I was in a Weekend Testing Sunday session when I got duped by LinkedIn and its Friend Spam Dark Pattern. [I] was testing the mobile version, and chose to test the contacts, as I was going through the contacts screens you are shown who isn't connected in your email and phone contacts, a small, helpless send all button was at the bottom of the page, so I pressed that for the emails, notifications were sent, I was OK with this, with the mobile contacts I thought a warning would come up when I pressed the button, like a "Hold on you are going to spend money spamming!", but nope, they went through, there was also no real way to tell that you had sent all these contacts, the screen would go blank and you moved on to the next page, however if you went back to the same page all the contacts would appear again, so you could re-spam them as much as you want on your own cost! I was told by Neil Studd (the host) that this was a dark pattern, a friend spam pattern, and that's where I went exploring the term," said Keaveny.

Keaveny is not alone in her experience with mobile apps and the very deceptive ways they get information from your phone or charge your mobile account. In fact, many things have dark patterns and the easiest to miss are the ones that set defaults.

Defaults Can Lead to Dark Places

The use of defaulting options is a very prevalent design pattern and can quickly lead to dark patterns. The dark pattern comes in when the user is unable to easily identify whether the default is the preference they would prefer to have. This type of  dark pattern is called a "Trick Question"(1).

In the research paper "Decision-Making Approaches and the Propensity to Default: Evidence and Implications," where participants in an retirement plan were surveyed, the percentage of participants that choose the default option who would have preferred to have chosen another plan doubled compared to actively chosen plans. There was also a strong correlation with procrastination and the default option.(5)

Often the business, whether it's intended to help or harm the user, is mostly responsible for driving these patterns due to metrics which drive up membership, views, or even profit (2).  A majority of dark patterns take advantage of users who would have an implicit trust because of the brand they are dealing with or have choice fatigue and go with a default setting, sometimes not understanding what they are agreeing to. Most people are guilty of not reading a EULA or a user agreement document, and clicking the "Agree" button, simply because these have become standard items and mostly filled with legal speak and jargon which the average user becomes very bored with reading, so they skip to the end and press the button.(3)

{Writer's note: From personal experiences I don't stop to read EULAs and I know how much I could be giving away in them. The only EULA I recently read is one that I had to verify was updated for our software release.}

 Based on the 2016 Design In Tech report, "78 percent of design, engineering and product leaders say that at their company, the stakeholder that drives ultimate product decisions is Product. In 2nd place was Engineering at 16 percent."(4) It also notes that ethical design decisions are a topic of concern trying to harness behavior and motivation for good rather than just for profit.(4)

This battle of good verses evil plays out when some design decisions are made. The graphic is from an article comparing the various benefits verses evil-doing that can happen when defaults are implemented. (6)

Light Vs Dark

From "Dark Patterns: Deception vs. Honesty in UI Design" by Harry Brignull(also the originator or darkpatterns.org)

Caveat emptor (Let the Buyer Beware)

General experience and various tales of woe with lessons like "buyer beware" and "you pay for what you get", along with "a sucker is born every minute," should give one caution to any transaction they seek to make. Often, this isn't the case.

There is a current trend in stock management where robo-advisers are buying or selling stock based on market trends and user requests. There are some disturbing possibilities as this trend grows more popular with how the algorithms are buying and selling stocks.(7) Could dark patterns be playing a part in this as well? It's possible. It's even more worrying because it's a less visible process, and because you are dictating an action and that action requires choices that are now out of your control and in the hands of an algorithm that could have been biased in the company's favor.

With the popular trend of moving to subscription based models for nearly everything these days, billing and hidden costs are becoming the norm for users. The pain of paying up is only off-set by how much the user gets out of the service. The "shut-up-and-take-my-money" principle, lets services get away with some pretty devious things, like setting up accounts to automatically renew, or adding a service charge to handle payments or deliveries. Or just adding a fee because they can. The more popular a service, the more likely people will put up with fees and charges.

The use of dark patterns have ethical implications, whether for good or evil, whether on purpose or accidental, only the consumers can decide, with their voices and their money, what patterns are acceptable.

Accidental  Darkness

While speaking with Keaveny over Skype about her experience, a small revelation happened. It was possible her dark pattern, which certainly qualifies as a dark pattern, might have been also a localization problem. When you have a company that creates a feature to get more people to sign up for their service, using contacts and texting those contacts, if they are based in the US, this is a relatively a non-issue and generally doesn't cost most users. People in Europe on the other hand, could have contacts from multiple countries and texting those contacts could cost quite a lot compared to texting in the US. Knowing your audience and understanding the impact to that audience could avoid many issues that could evolve into a dark pattern, or even worse, a dark pattern with other impacts to service and usability. I would imagine that LinkedIn didn't set out to cause distrust by using a dark pattern. They were likely thinking of a quick way to help users gain more contacts on the platform. Unfortunately, not thinking about global implications could possibly have cost LinkedIn some mobile application users, but only they would know that.

A Working Example

Once you know what dark patterns are, they are easy to spot in everyday life. Here are a few tips to spot dark patterns in your own testing environment.

1) Defaults are probably the number one offender when it comes to dark patterns being utilized behind them. If you have a story with a default setting, gather information about what current uses are around that setting and why it's needed and what the drive for it is. Is it metrics? Is there a better way to get those numbers rather than using a dark pattern? Start the conversation with your team and find out if it's a good default or a bad one. Especially look at any checkboxes or radio buttons around Email settings, preferences, security settings, and even account settings. These are usually where defaults become dark patterns.

From a tech article on the web.

2) Ads are probably the second most used dark pattern. When ads are a large part of the revenue of free software, it's extremely hard to get management and product to not stick them in every nook and cranny they can find. Try to find some compromises for users if you can.

3) Read your EULAs! Important things could be hidden in the EULA. It's a pain, but it could save a lot more pain later, depending on how those EULAs were written. And sometimes you even find neat easter eggs in them.

A EULA from a game on the Steam network.

4) Read over the examples at darkpatterns.org! It has a pretty good list of patterns that are out there on the web, and even examples of offenders of those patterns. It's not just the little companies either. There are some big names out there.

1. http://darkpatterns.org
2. http://www.90percentofeverything.com/2013/07/23/the-slippery-slope/
3. http://conversionxl.com/defaults/
4. https://simplysecure.org/blog/maeda-report
5. http://www.business.illinois.edu/weisbenn/RESEARCH/PAPERS/Defaults_Paper_2015-11-12-FINAL.pdf (pg 39,41)
6. http://alistapart.com/article/dark-patterns-deception-vs.-honesty-in-ui-design
7. http://www.wallstreetdaily.com/2015/06/23/dark-pools-liquidity/


  1. thanks for writing about design patterns. I'd like to share with you, how dark pattern tricked me to sign up for a premium account? The other day, I was looking for free issue management system to set up for one of my projects.

    I did a Google search and they were many results. One which got my attention was Atlassian JIRA. They have plotted dark pattern in a way that they make you think it is free to use. These are the things they have highlighted in their pages; Get started free, Team up, for free and You’re starting for free, for up to 5 users.

    I did not know about dark patterns and I know it now and I am capable of recognising them. Thanks to you.

  2. Thanks for your comment, Karthinkeyan! That's a good example of a dark pattern. I'm glad the blog has helped!

  3. A great blog!! :) It really ignites the whole dark pattern topic. Its a shame that we are so used to them that they are now considered the norm, when the hell did that happen!! lol


Post a Comment

Most Read Posts

Ready, Tester One? *GO!*

Learning From Failure: The Tricky iOS Environment

Postman In The Pipeline: Newman Delivers