Dark patterns are increasingly used to trick even savvy web users.
Navigating ethics and privacy online is difficult, and it only gets worse when money is involved. With so much of our identities already online, many are now realizing that their wallets are the privacy boundary they aren’t willing to cross.
During the presidential race last fall, some Americans unknowingly crossed this boundary while donating money using online fundraising services, and four state attorneys general are currently trying to uncover more information. In late April, the attorneys general for New York, Minnesota, Maryland, and Connecticut sent letters to two online fundraising services requesting information on their use of prechecked boxes that opted contributors into a recurring donation schedule. Two organizations received these letters: WinRed, which accepts donations for Republican candidates, and ActBlue, its Democratic equivalent.
One campaign donation turned into thousands of dollars
A New York Times investigation in April showed how WinRed had used prechecked boxes in their online donation forms which automatically opted donors into monthly or even weekly donations after they voluntarily donated an initial sum, similar to a subscription service. In situations like this, the onus is on the user to deselect the service rather than actively select participation. However, enough users missed the boxes for the scheme to be a fundraising success.
The New York Times article found that “a clear pattern emerged. Donors typically said they intended to give once or twice and only later discovered on their bank statements and credit card bills that they were donating over and over again.”
Both ActBlue and WinRed used prechecked boxes without explicitly informing their users throughout the 2020 election, but not to the same degree, a fact illustrated by comparing the scale of donation refunds. WinRed, a for-profit donation service, was repeatedly flagged for fraud, and the Trump campaign ended up refunding $122 million, more than 10 percent of what it raised on WinRed in 2020. The Biden campaign, via ActBlue, which is a nonprofit organization, refunded 2.2 percent of online donations.
Throughout the election, other groups also used the precheck tool, including the Democratic Congressional Campaign Committee. However, the DCCC stated that the user receives a notification directly after the donation is processed alerting them to their decision.
After receiving the letter requesting information from the attorneys general, ActBlue said in May that it was phasing the use of this tool out, and beginning on July 1, ActBlue now requires any fundraiser that still uses prechecked boxes to explicitly ask users to donate on a recurring basis. WinRed, on the other hand, has been pushing back. In fact, the company has sued Minnesota to stop the scrutiny, saying that federal law oversees its activities and state consumer protection laws should not concern them. In a statement on its website, WinRed accuses the attorneys general of “exploiting their positions of power for partisan gain” and calls the inquiry itself “unlawful, partisan, and hypocritical.”
Worth noting is that many Americans using online platforms to donate are working-class men and women, retirees, and veterans who were not financially able to give recurring sums of money. The New York Times investigation found that some contributors who had donated and subsequently been caught in the donation trap only realized the extent of the damage once their rent payments bounced or their credit cards were rejected. And most of the people getting caught in deceptive donation tactics are older, a trend that is consistent across both parties. Data analyzed by the Times shows that the average age of donors who received refunds is about 65 for ActBlue and almost 66 from WinRed. In addition, according to federal records, 56 percent of WinRed’s online contributions come from retired Americans, which means that older Americans are donating more, and getting refunded more due to dissatisfaction.
Since May, legislation has been introduced in the House and the Senate to ban the use of prechecked boxes at the federal level. But Vox’s Sara Morrison writes that, as online capabilities grow, legislation surrounding online privacy laws will not be easy to formulate: “The line between deliberate deception and legally urging a user to make a choice that materially benefits a company can be blurry.”
Making choices online isn’t as straightforward as you think
Whether or not WinRed cooperates with the states’ request for information, the fact remains that they were able to take over $100 million from Americans all over the country with a few clicks. This not only indicates a misplaced trust in digital spaces, it also shows that websites are willing to exploit this trust for their gain — and many people are only starting to realize how much the digital spaces they frequent can get away with. A large part of this is the use of dark patterns.
Sara Morrison defines dark patterns as “design that manipulates or heavily influences users to make certain choices,” while Harry Brignull, who coined the term, wrote that a dark pattern is “a user interface carefully crafted to trick users into doing things they might not otherwise do.”
The problem is that we don’t know when we’re being tricked. When trust is breached, as in the case of the prechecked boxes, the resulting loss is monetary and there are ways to quantify it, like referencing a bank account. When the loss is personal information, it’s harder to notice, and in many cases, harder to understand why we should care.
As Morrison reports, one example is careful word choice: like Instagram preferring “activity” and “personalized” rather than “tracking” or “targeted.” This obscures the real meaning of what a user is agreeing to and leads to more people allowing the app permissions. Because users don’t often know what they’re agreeing to, and the results of clicking an “allow” button are not usually intrusive, it’s easier to do this than to constantly be barraged by follow-up requests.
In addition to hiding information in fine print, as WinRed did with its prechecked boxes, some websites use emotional manipulation to get the information they want. The signup button to receive a fashion newsletter might say “I love wearing nice clothes,” while the opt-out button might say, “I don’t have a washing machine.”
WinRed used this tactic on its donation page in messages like: “If you UNCHECK this box, we will have to tell Trump you’re a DEFECTOR & sided with the Dems.” Whether this type of user shaming is in conjunction with saying no to a newsletter or no to your presidential candidate, dark patterns are designed to get more people to say yes online.
As of now, the attorneys general are waiting for more information from both WinRed and ActBlue on their transparency practices. WinRed has argued that state players should not be involved in this issue, but the attorneys general take another perspective, stating that online donation policies affect individuals at a state level and thus the issue lands under their jurisdiction.
“Every Minnesotan is protected under the law from fraud and deception,” John Stiles, deputy chief of staff to Minnesota Attorney General Keith Ellison, told CNN. “It’s the attorney general’s job to protect Minnesotans and enforce those laws, no matter who may break them.”
Author: Maryam Gamar