OPC key findings:
20 per cent of websites and mobile apps �used confirm-shaming in the account deletion process
2
Interface interference: Design elements that can influence users’ perception and understanding of their privacy options
Examples:
Interface interference occurs when a website or mobile app uses design elements that are distracting, conflicting or confusing, making it difficult for users to understand their privacy options.
Confirm-shaming:
65 per cent of websites and mobile apps �used a false hierarchy in the privacy settings
65 per cent of websites and mobile apps had default privacy settings where a less privacy-protective option was pre-selected
Privacy options should be presented in neutral language
OPC recommendations:
Privacy options should be displayed equally and be equally visible
Even where opt-out consent is a valid form of consent under privacy laws, organizations should require users to take action to provide consent
Less privacy-protective options should �not be pre-selected as a default setting
Emotionally charged language is used to persuade the user to choose the privacy option that the organization wants the user to select, when the user attempts to make a more privacy-protective choice (e.g., using “we’re sad to see you go” language when a user attempts to delete an account)
The privacy option that the organization wants the user to choose is emphasized/more obvious, while the more privacy-protective option is obscured/less visible (e.g., a cookie banner that has a prominent “ACCEPT ALL” button and a muted “Reject all cookies” button)
False hierarchy:
The privacy option that the organization wants the user to choose is a default setting, while the more privacy-protective option requires the user to take action (e.g., pre-selection of a setting that allows the organization to sell personal information)
Pre-selection:
Cookie Notice
COOKIE SETTING
ACCEPT ALL
Reject all cookies