Privacy Zuckering is a dark pattern that tricks users to disclose more personal information than the users had intended to.
Stuti Mazumdar & Symran Bhue - May 2022
How this pattern gets its name?
No points for guessing that this dark pattern is named after the Facebook founder and CEO, Mark Zuckerberg. In 2010 Tim Jones coined the term “Zuckering” while shedding light on the poor privacy practices of Facebook. Other suggestions at the time included ‘Zuckermining’, ‘Zuckerpunch’, ‘Facebaiting’, and ‘Facebunk’, among others.
How to identify this pattern?
Privacy Zuckering is deceptive, hides information and can also be asymmetric. The metric being prioritized is additional revenue from advertising or data brokerage.
This dark pattern is seen in the privacy policy i.e. the terms and conditions section when signing up on a platform or for a service. It employs a combination of techniques that make people reveal much more info about themselves than they intended to. The platforms then act as data brokers who collect and sell information to other companies who in turn use this information for ad targeting purposes. Privacy Zuckering is usually also at play where a service is trying to take bundled consent for a lot of different kinds of personal information of the user altogether rather than splitting it up and taking consent separately. The pattern is carefully hidden in lengthy privacy policies or terms of use forms.
Examples
Facebook and Google’s business model is such that they provide free services but monetise user data instead. Both organizations have been accused in a 2018 NCC report of providing nothing more than an “illusion of control” through various methods such as “hiding away privacy-friendly choices, take-it-or-leave-it choices, and choice architectures where choosing the privacy-friendly option requires more effort for the users.” The report goes into great detail about the way in which Facebook and Google have adopted exploitative practices to trick the users into disclosing more private data than they would have otherwise.
How to make it an ethical design pattern?
This dark pattern can confuse the user such that they don’t realize whether they are agreeing or giving up their data protection rights. One of the reasons for this confusion is asking for bundled consent from the users for a bunch of things all at once – who is going to read through or tick hundreds of checkboxes? Regulatory bodies in the US and Europe are trying to curb such practices as well. The most important thing is misleading prompts, manipulative language or long-winded confusing statements which require only the click of the ‘OK’ button and can often transfer user contacts, messages, browsing history, visual content, or location information without them even realizing it. These practices need to be avoided to keep the users coming back and continuing to use the service.
