Website operators are not the enemy either - Analyzing options for creating cookie consent notices without dark patterns

AutorStöver, Alina; Gerber, Nina; Cornel, Christin; Henz, Mona; Marky, Karola; Zimmermann, Verena; Vogt, Joachim
ArtConference Proceedings
AbstraktUsers frequently receive cookie consent notices when they enter a website. They are supposed to enable an informed decision about data collection. Instead, they often contain deceptive designs - also known as dark patterns - that can nudge users to consent and thus compromise their privacy. In this paper, we explore the causes of the widespread use of dark patterns in cookie consents. To do so, we take the perspective of website operators, who are responsible for the use of cookie consent notices and are increasingly making use of Consent Management Platforms (CMPs) to manage end-user consent. CMPs usually contain certain design templates. To find out whether it is possible for website operators to generate notices without dark patterns using CMPs, we analyzed a selection of the templates offered by major CMPs. We show that 60% of the notices created with default settings contain at least one dark pattern. A notice that does not nudge toward a certain choice could only be generated with 62.5% of the CMPs. Our results imply that the responsibility for privacy-friendly notices lies more with the CMPs than with the website operators.
KonferenzMensch und Computer 2022
InMensch und Computer 2022 - Workshopband
PublisherGesellschaft für Informatik e.V.