|Stöver, Alina; Gerber, Nina; Cornel, Christin; Henz, Mona; Marky, Karola; Zimmermann, Verena; Vogt, Joachim
|Users frequently receive cookie consent notices when they enter a website. They are supposed to enable an informed decision about data collection. Instead, they often contain deceptive designs - also known as dark patterns - that can nudge users to consent and thus compromise their privacy. In this paper, we explore the causes of the widespread use of dark patterns in cookie consents. To do so, we take the perspective of website operators, who are responsible for the use of cookie consent notices and are increasingly making use of Consent Management Platforms (CMPs) to manage end-user consent. CMPs usually contain certain design templates. To find out whether it is possible for website operators to generate notices without dark patterns using CMPs, we analyzed a selection of the templates offered by major CMPs. We show that 60% of the notices created with default settings contain at least one dark pattern. A notice that does not nudge toward a certain choice could only be generated with 62.5% of the CMPs. Our results imply that the responsibility for privacy-friendly notices lies more with the CMPs than with the website operators.
|Mensch und Computer 2022
|Mensch und Computer 2022 - Workshopband
|Gesellschaft für Informatik e.V.