Facebook Tricks to Affect User Privacy Decisions

From Privacy Wiki
Jump to navigation Jump to search
Facebook Tricks to Affect User Privacy Decisions
Short Title Facebook's Design Tricks That Affect Users' Privacy Decisions
Location Global
Date 2012

Taxonomy Decisional Interference
Information Behavioral, Computer Device
Threat Actors Facebook

Affected Users of Facebook
High Risk Groups
Secondary Consequences

Facebook uses privacy dark patterns in its design in order to trick users into giving up their personal information.


Facebook was found to use manipulative design tricks in order to affect users in their privacy decisions. This can be seen as Decisional Interference through privacy dark patterns.

Here are some of the examples.

Replacing two buttons "Allow" and "Don't Allow" with one button: in the old design Facebook used two buttons – “Allow” and “Don’t Allow” – which automatically led the user to make a decision. In the new one they chose to use a single button, e.g. "Play game".

Putting important information into tiny gray text: the new Facebook design puts notification about user granting access to their personal information into a very tiny gray text, knowing that users most probably will ignore it.

Hiding the “basic” information a user is about to expose to the apps they are adding: old Facebook design put detailed explanation about the data processing and sharing, but in the new versions they decided to hide it behind a little question mark symbol.

Hiding detailed permissions below "action line": human eyes automatically focus on the main action button. Facebook exploits this and puts most important privacy information below the line of the action button, so that users are likely to miss it.

Changing the language and the tone: Facebook on purpose hides the term “Permissions”, using "friendlier" language instead, such as "play game".

In 2010 Facebook used another trick to let users opt out of Facebook partner websites collecting and logging their publicly available Facebook information. Anyone who declined that “personalization” saw a pop-up that asked, “Are you sure? Allowing instant personalization will give you a richer experience as you browse the web.”

Until recently, Facebook also cautioned people against opting out of its facial-recognition features: “If you keep face recognition turned off, we won’t be able to use this technology if a stranger uses your photo to impersonate you.” The button to turn the setting on is bright and blue; the button to keep it off is a less eye-catching grey.

Facebook's Instagram repeatedly nags users to “please turn on notifications,” and doesn’t present an option to decline.

Facebook also redirects users to “log out” when they try to deactivate or delete their account.

Risk Statistics

Laws and Regulations