Slashdot Mirror
Facebook, Google, and Microsoft Use Design To Trick You Into Handing Over Your Data, Report Warns (gizmodo.com)
An anonymous reader quotes a report from Gizmodo: A study from the Norwegian Consumer Council dug into the underhanded tactics used by Microsoft, Facebook, and Google to collect user data. "The findings include privacy intrusive default settings, misleading wording, giving users an illusion of control, hiding away privacy-friendly choices, take-it-or-leave-it choices, and choice architectures where choosing the privacy friendly option requires more effort for the users," states the report, which includes images and examples of confusing design choices and strangely worded statements involving the collection and use of personal data.
Google makes opting out of personalized ads more of a chore than it needs to be and uses multiple pages of text, unclear design language, and, as described by the report, "hidden defaults" to push users toward the company's desired action. "If the user tried to turn the setting off, a popup window appeared explaining what happens if Ads Personalization is turned off, and asked users to reaffirm their choice," the report explained. "There was no explanation about the possible benefits of turning off Ads Personalization, or negative sides of leaving it turned on." Those who wish to completely avoid personalized ads must traverse multiple menus, making that "I agree" option seem like the lesser of two evils. In Windows 10, if a user wants to opt out of "tailored experiences with diagnostic data," they have to click a dimmed lightbulb, while the symbol for opting in is a brightly shining bulb, says the report.
Another example has to do with Facebook. The social media site makes the "Agree and continue" option much more appealing and less intimidating than the grey "Manage Data Settings" option. The report says the company-suggested option is the easiest to use. "This 'easy road' consisted of four clicks to get through the process, which entailed accepting personalized ads from third parties and the use of face recognition. In contrast, users who wanted to limit data collection and use had to go through 13 clicks."
Google makes opting out of personalized ads more of a chore than it needs to be and uses multiple pages of text, unclear design language, and, as described by the report, "hidden defaults" to push users toward the company's desired action. "If the user tried to turn the setting off, a popup window appeared explaining what happens if Ads Personalization is turned off, and asked users to reaffirm their choice," the report explained. "There was no explanation about the possible benefits of turning off Ads Personalization, or negative sides of leaving it turned on." Those who wish to completely avoid personalized ads must traverse multiple menus, making that "I agree" option seem like the lesser of two evils. In Windows 10, if a user wants to opt out of "tailored experiences with diagnostic data," they have to click a dimmed lightbulb, while the symbol for opting in is a brightly shining bulb, says the report.
Another example has to do with Facebook. The social media site makes the "Agree and continue" option much more appealing and less intimidating than the grey "Manage Data Settings" option. The report says the company-suggested option is the easiest to use. "This 'easy road' consisted of four clicks to get through the process, which entailed accepting personalized ads from third parties and the use of face recognition. In contrast, users who wanted to limit data collection and use had to go through 13 clicks."
a target.
This info has been out there for years yet no one is listening and/or cares. The mantra of people seems to be "it's free" so why not. I have long ago seen this coming. Use Fedora Linux or Debian. Use an iPhone over Android despite Apple having some issues. Use P2P apps in lieu of things like Skype. Own your own domain and use that for email. It's cheap and you have control of your user name and domain name. Tie that domain name to a privacy-respecting service like Fastmail.
Don't use spy devices like Alexa or Google Home. These exist not to help you but to harvest your data 24/7. Roll your own solutions, especially if you're technical or in IT. Use your own skills. Run a Pi-hole, block and defund the ad companies and tracking companies. Like drugs, just say no...
I just can't believe that companies like Microsoft or Facebook or Google would ever do anything underhanded or manipulative! I mean, it's not like have years of history of doing this, right? Right?
(As someone else posted, opting out probably gets you scrutinized even more, perhaps as a test subject for even trickier under-the-radar manipulation.)
Just cruising through this digital world at 33 1/3 rpm...
"Another example has to do with Facebook. The social media site makes the "Agree and continue" option much more appealing and less intimidating than the grey "Manage Data Settings" option".
That's a bit rich for /. to post that. This site does the very same thing. At least in Europe it does. When opening the site we get the "We value your privacy" pop-up asking us to agree to all the advertising shenanigans. Oh look, the big "I agree" button is all coloured and in green, the universal colour for go, good or safe. The opt-out is just plain boring white.
Windows 10 greets me with a security warning every month, because I have switched off the option of submitting code samples for virus protection.
I develop my own software and I do *not* want it to go to Microsoft.
Every month I have to re-affirm that I have opted out of delivering my software to them. Stop that sh*t!
To Terminate, or not to Terminate, that's the question - SCSIROB
He said targeted, not tracked.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
While Facebook is avoidable good luck avoiding Microsoft and Google if you're not a member of the zombie Steve Jobs fan club...that said, whatever they extract is far less damaging than the Equifax breach, after that I'd say cell phone carriers and all of the historical gps data they share with third parties without your consent. Just like the instigators of the 2008 global financial meltdown the penalties = zero dollars.
Slashdot's no better. I've lost count of the times I've told it that I don't consent to processing my data for personalisation of advertising. Since refusing consent may not be punished, it's almost certainly in violation of GDPR.
You seem to be keeping your gaze too low. You are not just a target for buying stuff; you are also a target for modifying your opinion and behaviour in politics and other questions.
You can be targeted through other vectors than traditional ads, e.g. notification flows, news flows, ads-or-propaganda-disguised-as-news, product placement, insurance company policies, employability, police knocking on your door, ...
As an extreme, think China. The view we outsiders get is that if they collect the wrong data about you, they will *target* you in a way that no ad-blocker will stop.
Have you ever read their EULA?
"When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. "
Just because you'd pay $4.99/month, doesn't mean they won't use your data anyway.
You sound like a Google employee. There's no doubt about Google tracking. At least DuckDuckGo has a stated policy of not tracking, and is an alternative to the Google Goliath.
I think a lot of people also don't realize how much it costs to provide a service like Gmail because it's all electronic, and so they don't apply the 'nothing is for free' maxim to it.
"What lies behind us, and what lies before us are tiny matters compared to what lies within us." Ralph Waldo Emerson
They aren't really. They are making it difficult to opt out and easy to opt in, and using very deceptive tricks to encourage one behaviour over the other. They should be equally easy actions, with no deception to encourage or enforce opting in. Additionally, if you look at how some sites break down cookies into categories like "essential", "performance", "tracking" and "advertising" etc., you still see a lot of unwelcome stuff in the "essential" category (which can't be disabled in many cases). That's illegal now; I should be able to disable every last bit.