Prior research found that a significant portion of EU-based websites responded to the GDPR by implementing privacy dialogs that contained inadequate consent options or dark patterns nudging visitors towards accepting tracking. Less attention, so far, has been devoted to capturing the evolution of those privacy dialogs over time. We study the evolution of privacy dialogs for a period of 18 months after the GDPR became effective using screenshots from the homepages of 911 US and EU news and media websites. We assess the impact of government and third-party actions that provided additional guidance and tools for compliance on privacy dialogs’ choice architecture.
‹ All reading
Trends in Privacy Dialog Design after the GDPR: The Impact of Industry and Government Actions
The results suggest that exogenous shocks may prompt websites to enact changes that bring on-the-ground implementation of the GDPR at least nominally closer to its intended goals (such as making rejecting tracking easier for visitors).