Skip to content

Commit

Permalink
create dark patterns.md
Browse files Browse the repository at this point in the history
  • Loading branch information
stephtngu-CR authored Dec 1, 2020
1 parent 5cc13e7 commit 95f2a9c
Showing 1 changed file with 45 additions and 0 deletions.
45 changes: 45 additions & 0 deletions experimental/darkpatterns.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# Dark Patterns Privacy Testing Research
**Goal of this document**
* Develop something that can be used along side the Digital Standard
* Develop the pieces that need to exist directly inside the Digital Standard to fully asssess user experience
* Figure out what should be and can be tested with respect to good/bad user design

**References**
* NCC’s Deception by Design and Every Step You Take reports
* darkpatterns.org
* https://twitter.com/spotthepattern

### Things we want to measure (re: Privacy)
**What is the default flow for any path-of-least-resistance user?**
* Get people to do it on usertesting.com to see what the norms are
* Explore the space of possibility
* What are the settings and features in question?
* What are the defaults for those settings?
* Which settings explicitly define what they control?
* Which settings give sufficient fidelity on control?

**How easy is it to choose the privacy friendly option (including account deletion)?**
* Hidden defaults?
* How many clicks does it take to enable?
* Are there even settings to do so?
* Are the buttons the same size, position, color, font?
* Does the UX use buttons too tiny, blocked, or inactive to select, etc.?
* Does the UI fool users into interacting with it?
* Boxes that suddenly appear under your finger
* Are there false notifications or distractions?

**How easy is it to change defaults before finalizing account creation?**
* Does the user have the ability to tailor their experience based on privacy?
* Is the user interface designed to push the user to prefered use of service rather than explore settings (FB example from over the summer where a notification bubble distracted users from exploring settings)

**Is the user repeatedly nagged or pressured to make decisions contrary to their privacy?**
* Are there dialogs or prompts that appear repeatedly to ask for contacts, location, etc.?
* Especially onerous when the user has already set a setting to not allow access
* Does the interface imply a sense of timing that is designed to pressure the user into making a quick decision? (aka forced timing)
* Does the user have access to nuanced notification controls?
* Does the site use forced timing or crafted/artificial urgency mechanisms? (i.e., ticket sites)

**Are there elements of the user interface designed to distract users when they are about to make a choice about their privacy?**

**Are users clearly notified and able to clearly read instructions and policies that impact their privacy?**
* Are privacy policies presented in a reasonable fashion that you can access later?

0 comments on commit 95f2a9c

Please sign in to comment.