A Flaw-by-Flaw Guide to Facebook’s New GDPR Privacy Changes

Josh Constine, writing for TechCrunch:

Facebook is about to start pushing European users to speed through giving consent for its new GDPR privacy law compliance changes. It will ask people to review how Facebook applies data from the web to target them with ads, and surface the sensitive profile info they share. Facebook will also allow European and Canadian users to turn on facial recognition after six years of the feature being blocked there. But with a design that encourages rapidly hitting the “Agree” button, a lack of granular controls, a laughably cheatable parental consent request for teens and an aesthetic overhaul of Download Your Information that doesn’t make it any easier to switch social networks, Facebook shows it’s still hungry for your data.

A good example of the dark patterns they’re employing:

But the fact that the button to reject the new Terms of Service isn’t even a button, it’s a tiny “see your options” hyperlink, shows how badly Facebook wants to avoid you closing your account. When Facebook’s product designer for the GDPR flow was asked if she thought this hyperlink was the best way to present the alternative to the big “I Accept” button, she disingenuously said yes, eliciting scoffs from the room of reporters. It seems obvious that Facebook is trying to minimize the visibility of the path to account deletion rather than making it an obvious course of action if you don’t agree to its terms.

Not only is it a tiny hyperlink instead of a button, the link is just a few pixels above the big “I ACCEPT” button.

Thursday, 19 April 2018