Dark Patterns – how AI bends our minds online

Dark Patterns use AI and social engineering to manipulate and bend your mind when online.  This deceptive and manipulative practice influences a person’s decision to perform a particular action.

What is worse is that Dark Patterns exist in over 95% of the world’s most popular apps, influencing free will, stealing personal data, and strongly influencing outcomes. You may buy or commit to something you didn’t even need.

These frightening findings resulted from a comprehensive study by UniSA’s Australian Research Centre for Interactive and Virtual Environments (IVE). Essentially, it explores online problems where humans are at the centre of the solution. The worst part of IVE’s findings is that we only have basic regulations against deceptive and misleading advertising under Australian Consumer Law but no regulation against Dark Patterns.

As these commercial entities are not breaking specific laws, they are passively permitted to exploit these loopholes. They cleverly use these tactics to deceptively and manipulatively achieve their goals, often at the expense of the consumer. While covering the more obvious dark patterns, the current state of regulation still leaves room for these more subtle manipulative strategies to thrive.

What is a Dark Pattern (also called a deceptive pattern)?

It can be as simple as

• Bright, colourful or even grey emotionally appealing patterns that draw your eye to select that.
• Apparent massive sale price reductions
• Nudges and Choices – Recommendations not to buy X but Y
• Urgency – last one, price increased in 60 seconds, buy now for a special deal…
• Fake reviews or arbitrary star ratings
• Tools to keep you on the site, including how long you spend on a particular page
• AI profiling for laser-focused marketing using your IP address, location, profile from a data broker and even social media profiles.
• Customer tracking across the internet: where you clicked from and where you clicked to (cookie tracking, transparent pixels, and much more).
• Outright scams and frauds

Dark Patterns promote innocent interaction. This can range from turning a website visitor into an email list subscriber, a subscriber into an account holder, a free account into a paid account, a free trial user into a monthly subscriber, or a user providing minimal data to providing maximal data.

The metrics for success are not how well the customer was satisfied (most help) but how many tricks they fell for (most harm)

Dark Patterns on online platforms materially distort or impair, either on purpose or in effect, the ability of recipients to make autonomous and informed choices or decisions. Those practices can be used to persuade the service recipients to engage in unwanted behaviours or make undesired decisions that have negative consequences for them. European Union.

Enter AI – resistance is futile

AI learns everything about you to customise Dark Patterns – dynamically adapting to your responses. It gathers massive data, including social media profiles and phone sensor data. It can even detect face recognition, voice recognition, gender, age, and emotions.

AI can implement dynamic pricing and appeals to keep you on the site especially if you look like leaving.

Generative AI, such as ChatGPT, also powers deceptive business practices. Fake reviews and false ratings are pervasive, and providing deceptive information on product quality disrupts users’ decision-making processes. Generative AI can generate highly believable and persuasive fake reviews on the fly. Read Astral AI-generated comments flood Reddit.

Some of the Dark Patterns

• Anchoring: The price you first see is your reference. Any lower price is a ‘bargain’. One of the main appeals is to place an artificial value on the item by inference. “Why would you pay this much?”
• Framing: Are you saving money by buying now or losing money by not buying? We all like to save.
• Status Quo: Accepting your present state over change is easiest. That explains why so few shop around for banks and utilities. Your existing supplier is like a comfortable pair of slippers.
• Priming: Prior exposure to information on a brand can influence a decision. AI can plan to maximise exposure without you knowing.
• Bandwagon: You tend to agree with the majority even if it disagrees with your view. Wanting to fit. Everyone else does this, so you should, too. This is especially important in China for earning ‘social credit’.
• Sunk Cost: Akin to ‘in for a penny, in for a pound’ so you keep buying brand X even though there may be better.

Data harvesting

No one ever reads the privacy policy or terms and conditions. The following was an April Fool’s joke, but 7,500 people bought it that day.

Help us to help you

Users are encouraged to provide extra information, with the stipulation that the information will not be visible to others. Still, it is in their best interest to provide it to improve their overall experience. It is the oldest negotiating trick: ‘If you do this, I will do that.’

Social media use Dark Patterns with the promise that it will only help better connect with relevant people and marketing.

Personalised Ads – loss-gain framing

Microsoft offers the option to opt out of personalisation, stating that the ads are “intended to inform and enrich your time on the web” and that the ads “are chosen based upon who you are, making them more relevant to what interests you.” This suggests that you will have a much worse experience if you opt out of personalisation.

Misleading colours, words and more

The use of green implies eco-friendly. Statements about being more eco-friendly than your competition don’t require proof. Why do so many Asian advertisements overuse red – the Chinese colour for good luck?

Words can be double negatives or lead to contrary behaviour. For example, when unsubscribing, you expect to tick a box to confirm, but the action is to keep subscribing.

The small print may take all your rights away. For example, the consent to receive marketing emails is part of the privacy policy you must accept to finalise the transaction. Worse, the terms may be in a collapsed field, and you don’t see them unless you scroll down.

Account deletion

Known as immortal accounts, you cannot delete the account, only a tiny segment of useless data. Facebook does this, and it can still track you through immortality.

Delaying tactics

Additional windows asking you to prove you are human gives AI the time to recalculate its approach and keep you on the site longer.

Special offers

You have been chosen or are a winner for some deal with a short countdown timer to take up the offer. Often, the big button is to pay full price, and the small print button is to skip the offer.

Confirm shaming

Where the apparent consequences of opting out are worse than the consequences of consent.

Safety online shaming

Where the website asks for more details to confirm who you are. Usually, questions about gender, age, location, phone number, etc. Worse are ‘secret questions’ that can garner more information for ID Theft.

Apparent forced consent

Dropbox and other cloud storage services ‘insist’ that you open a free account to download information sent by someone. Most mobile phones often download unwanted third-party apps by default. If you look carefully there should be a skip button.

Bait and Switch

You may be trying to cancel a subscription, but the large colourful button is to keep using it. Or you may have decided to purchase a product only to find it’s unavailable (the last one sold), and you are switched to an alternative. Online air and accommodation booking sites are masters at this and can quickly take you from the cheapest to the next available fare and so on.

You are in control – a false sense of security

The text implies you can easily change preferences in the app – NOT.

Pressure to spend

Finance instructions use this knowing your credit limit – why not spend it now?

Pressure to join

The special price is for members only. Read Members-only pricing may not be illegal, but it is damned irritating.

Decision uncertainty

Ambiguous choices and bright, colourful buttons that ‘Accept and Continue’.

Forced Explanation

A chatbot pops up and tries to convince you to change your mind—a very successful tactic.

Emotive appeal

I thought we were friends (cute puppy crying). The main button is ‘Accept and continue”.

Is it happening here?

Does a bear s%*t in the woods? IVE found that 95% of the world’s most popular apps were heavily indulging.

It cited the case of Kogan Australia, fined $310,800 in 2021 for violating Australian spam laws. The ACMA found that Kogan sent consumers over 42 million marketing emails from which they could not easily unsubscribe. Instead, consumers were required to create a Kogan account and log in. Come in, sucker!

It called out social media for knowing how to provide a thrill, satisfaction, and a drive to view more content and spend more time on their service. Employing patterns in the delaying provision category, such as autoplay, infinite scrolling, and pull-to-refresh, social media services tap into our dopamine-craving cycle.

 Social media companies have mastered how to tap into our pleasure and addiction drives in a way that is wholly to their benefit and the detriment of the user.

Right to be forgotten – not in Australia

Immortal accounts are still a prominent dark pattern of concern. In Australia, users do not have a right to be forgotten. The closest they have are some relevant Australian Privacy Principles (APPs) in the Privacy Act that enable them to request that a commercial entity remove personal information. This removal is at the commercial entity’s discretion; no rule forces them to do so.

It is too late after the horse has bolted. Your data has been monetised and used.

Any solutions?

The IVE has painted a grim picture of how prevalent, harmful, and pervasive Dark Pattens are. It is clear that even being aware of these patterns cannot completely protect a person from their influence.

For every new regulation, new forms of dark patterns will circumvent it.

IVE suggests that if AI can develop Dark Patterns for online companies, then users should be able to harness AI to detect and defeat them. However, the extent of dark pattern use is beyond comprehension. Researchers looked at 10,992 popular websites and found 3744 different dark patterns and 2,417 different ‘cookie trackers’ across most sites.

IVE says there will always be an arms race between AI creating dark patterns and AI identifying them. Software detection solutions will likely be integrated into browsers and phone software to help us deal with overwhelming and undetectable dark patterns.

What can you do

• Learn to recognise dark patterns
• Read terms and conditions carefully
• Use ad-blocking and privacy tools

CyberShack’s view: Dark patterns are impossible to legislate against

IVE says that no matter how many sites like CyberShack publicise the problem, humans are slow to react and even slower to change behaviours.

We can tell you to use long and complex passwords (Read How long does it take to hack your password?), yet 12345 (and simple variants) are still the most used worldwide.

We can tell you to use a paid antivirus program (Read Is Windows Security good enough to foil the bad guys?), yet over 50% don’t have one on their PC and way less on a Mac. It is only 17% on a phone. Yet real-life experience shows that 50% will catch a virus, download malware and have ransomware delete all their files.

We tell you how to be aware of and avoid scams (Read Online scams fool even the best of us. What to look out for) – romance, online dating, health, investment, inheritance, threats/sextortion, employment, and now AI deep fake impersonation, yet billions of dollars are lost annually.

We warn you that data harvesters like Temu and Shein are dangerous (Read Temu – more Chinese spyware – the catch in cheap online shopping and Shein – more Chinese spyware – fast fashion at the expense of privacy) and yet over 12 million Aussie active users buy cheap junk. The data and money end up in China.

You continue to use Facebook (Read Can you trust Facebook? No, non, nine, nee, nay, nej, não, όχι, nyet) or TikTok (Raed TikTok is dangerous – a drug, subversive and spyware) et al., yet these are the worst data harvesters on the planet.

OK, proselytising over because many readers listen; in that case, we have done our job.

Brought to you by CyberShack.com.au