Deceptive Patterns: Book by Harry Brignull

Chapter 31: Changes afoot in the United States

To begin with, it’s worth mentioning that the US is not insulated from the EU. For example, the GDPR and DSA have an extraterritorial effect. This means any business in the US has to change their practices in line with European legislation if directing products at Europeans.

EU laws have similar goals and values to the US, so they don’t require businesses to do completely opposite things. At present, the EU laws are generally more strict – so if a business complies with EU law, they’re also likely to comply with their local US federal and state law at the same time. In theory this should be attractive to US businesses as it will make them less of a target to the increasingly vigilant FTC and the ever-growing class action lawsuit industry.

While the EU has been focusing on legislation, the US has mainly been focusing on enforcement, particularly with a view to preventing anti-competitive behaviour, as it could lead to negative outcomes for the national economy and the wellbeing of its citizens. In July 2021, President Biden signed an executive order that encouraged federal agencies to increase competition and to limit corporate dominance. Around the same time, the president appointed Lina Kahn to be chair of the Federal Trade Commission, an expert in the regulation of anti-competitive behaviour, and passionate about the regulation of deceptive patterns.1 In a recent announcement, Khan made the agency’s position very clear indeed:2

‘Protecting the public, and especially children, from online privacy invasions and dark patterns is a top priority for the Commission, and these enforcement actions make clear to businesses that the FTC is cracking down on these unlawful practices.’
— Lina Kahn, FTC Chair (December 19, 2022)

In recent years, the FTC has been ramping up its enforcement actions against companies that employ deceptive patterns. In September 2022, the FTC published a staff report titled ‘Bringing Dark Patterns to Light’, detailing its position and providing guidance for businesses, with numerous examples of...

In recent years, the FTC has been ramping up its enforcement actions against companies that employ deceptive patterns. In September 2022, the FTC published a staff report titled ‘Bringing Dark Patterns to Light’, detailing its position and providing guidance for businesses, with numerous examples of enforcement actions.3 In November 2022, the FTC reached a $100 million settlement with Vonage, the internet phone service provider, for using deceptive patterns that prevented customers from cancelling their services.4 Despite allowing customers to sign up for a free trial easily online, the FTC complaint alleged that Vonage forced customers through a difficult cancellation process on the telephone, containing significant hurdles and adding expensive junk fees when they tried to cancel.

In March 2023, the FTC achieved a record $245 million settlement with Epic Games regarding its use of deceptive patterns in the game Fortnite. According to the complaint, Epic Games designed its payment system in a manner that facilitated accidental purchases. Specifically, once credit card details were entered into the Fortnite system, a player could make in-game purchases with a single button press, without a cardholder consent process or any other additional steps (such as a confirmation step, or re-entering the card CVV number). Epic ignored internal feedback from staff and over one million complaints from customers regarding this problem, instead insisting on a no refunds policy. Following the FTC’s investigation, this resulted in the largest ever settlement for a case involving deceptive patterns, requiring Epic to return millions of dollars to users and to redesign their payment experience to prevent accidental purchases and to enable straightforward refunds, among other things.

The tech industry has responded to the FTC’s recent activity via a think tank called the Information Technology and Innovation Foundation (ITIF). In 2022, ITIF was financially supported by Adobe, Airbnb, Amazon, Apple, Comcast, Facebook, Google, Microsoft, Uber, Verizon, and many others. They have a long history of representing the interests of the tech industry.

In January 2023, ITIF published an article hitting back at the FTC, arguing that ‘dark patterns’ is an ‘alarmist term’ that has been ‘popularized by anti-technology activists to spread fear’.5 In the article, ITIF makes some strange arguments. For example, it states that ‘accidental purchases […] are not, on their own, illegal’ (while true, this is wilfully missing the point), and that ‘Neither of these [FTC] complaints were based on a confusing design of Epic’s in-game purchasing interface.’ This is in direct contradiction with the FTC, which plainly describes the case in its complaint and associated press release: ‘Fortnite’s counterintuitive, inconsistent, and confusing button configuration led players to incur unwanted charges based on the press of a single button’.6

Although the content of the ITIF article is muddled, the tone is very telling. The FTC’s recent work has got the tech industry feeling rattled and defensive. We can assume that the changes afoot in the EU are also a source of concern for them.

Buy the book...

Since 2010, Harry Brignull has dedicated his career to understanding and exposing the techniques that are employed to exploit users online, known as “deceptive patterns” or “dark patterns”. He is credited with coining a number of the terms that are now popularly used in this research area, and is the founder of the website deceptive.design. He has worked as an expert witness on a number of cases, including Nichols v. Noom Inc. ($56 million settlement), and FTC v. Publishers Clearing House LLC ($18.5 million settlement). Harry is also an accomplished user experience practitioner, having worked for organisations that include Smart Pension, Spotify, Pearson, HMRC, and the Telegraph newspaper.

Buy the book
Inquire about expert witness services
Previous
30. Changes afoot in the European Union
Next
31. AI, hypernudging and system-level deceptive patterns