Responsible Design Part 10 of 14: Privacy Zuckering

Privacy Zuckering is a dark pattern that tricks users to disclose more personal information than the users had intended to.

Stuti Mazumdar & Symran Bhue -   May 2022

Privacy-Zuckering Illustration: Deceptive practices in online privacy.

How this pattern gets its name?

No points for guessing that this dark pattern is named after the Facebook founder and CEO, Mark Zuckerberg. In 2010 Tim Jones coined the term “Zuckering” while shedding light on the poor privacy practices of Facebook. Other suggestions at the time included ‘Zuckermining’, ‘Zuckerpunch’, ‘Facebaiting’, and ‘Facebunk’, among others.

How to identify this pattern?

Privacy Zuckering is deceptive, hides information and can also be asymmetric. The metric being prioritized is additional revenue from advertising or data brokerage.

This dark pattern is seen in the privacy policy i.e. the terms and conditions section when signing up on a platform or for a service. It employs a combination of techniques that make people reveal much more info about themselves than they intended to. The platforms then act as data brokers who collect and sell information to other companies who in turn use this information for ad targeting purposes. Privacy Zuckering is usually also at play where a service is trying to take bundled consent for a lot of different kinds of personal information of the user altogether rather than splitting it up and taking consent separately. The pattern is carefully hidden in lengthy privacy policies or terms of use forms.

Examples

Facebook and Google’s business model is such that they provide free services but monetise user data instead. Both organizations have been accused in a 2018 NCC report of providing nothing more than an “illusion of control” through various methods such as “hiding away privacy-friendly choices, take-it-or-leave-it choices, and choice architectures where choosing the privacy-friendly option requires more effort for the users.” The report goes into great detail about the way in which Facebook and Google have adopted exploitative practices to trick the users into disclosing more private data than they would have otherwise.

How to make it an ethical design pattern?

This dark pattern can confuse the user such that they don’t realize whether they are agreeing or giving up their data protection rights. One of the reasons for this confusion is asking for bundled consent from the users for a bunch of things all at once – who is going to read through or tick hundreds of checkboxes? Regulatory bodies in the US and Europe are trying to curb such practices as well. The most important thing is misleading prompts, manipulative language or long-winded confusing statements which require only the click of the ‘OK’ button and can often transfer user contacts, messages, browsing history, visual content, or location information without them even realizing it. These practices need to be avoided to keep the users coming back and continuing to use the service.

Finally, everyone has the right to privacy which should not be invaded by any means. The control to draw the line around what can be shared and how much – should be in the hands of the user and not any digital service provider.

Symran Bhue

Symran Bhue

I am a Digital Marketing Strategist by profession and an Artist by interest. An IT Engineer, an Artist/Design enthusiast and an MBA in Strategy and Finance, I understand things from Technology, Design as well as Business perspective.

Stuti Mazumdar

Stuti Mazumdar

Experience Design Lead at Think Design, Stuti is a post graduate in Communication Design. She likes to work at the intersection of user experience and communication design to craft digital solutions that advance products and brands.

Share on

Was this Page helpful?

Suggested Read

Thank you for your feedback.