Bill would outlaw 'Dark Patterns' that help tech companies get your data

The target is those default settings that let companies collect as much data as possible.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce | Amazon | Earned wage access | Online marketplaces | Direct to consumer | Unions | Labor and employment | Supply chain | Cybersecurity | Privacy | Stalkerware | Hacking Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
2 min read

You've seen it before. You go to create a new account with an online service, and you notice everything is preset to collect your contact list, photos, browsing history -- the list goes on. As you scroll down and uncheck the options you don't like, you think, "This ought to be illegal!"

Well, two US senators have a bill for you. Introduced Tuesday, the Deceptive Experiences To Online Users Reduction -- or DETOUR -- Act aims to curtail design practices online that "convince users to hand over their personal data without really understanding what they are consenting to," said Sen. Mark Warner, a Democrat from Virginia, who's co-sponsoring the bill with Sen. Deb Fischer, a Republican from Nebraska.

"Some of the most nefarious strategies rely on 'dark patterns' -- deceptive interfaces and default settings, drawing on tricks of behavioral psychology, designed to undermine user autonomy and push consumers into doing things they wouldn't otherwise do," Warner said.

James Martin/CNET

Concerns from lawmakers over data collection have dogged Silicon Valley for more than a year. When the Cambridge Analytica data privacy scandal came to light in early 2018, Congress called Facebook executives to Washington for tracking users in hidden ways. Tech companies are facing additional scrutiny from legislators over their role in the spread of misinformation during the 2016 US presidential election, and Facebook and Google also face questions from Congress about the spread of white nationalism on social media.

A press release from Warner's office noted that the bill comes a day before the one year anniversary of Facebook CEO Mark Zuckerberg's testimony before Congress about the Cambridge Analytica scandal. Facebook didn't immediately respond to a request for comment.

The bill would create a body that would put out best practices and guidelines for web services to follow. The organization would act as a self-regulation mechanism for the industry. However, the US Fair Trade Commission would serve as a "regulatory backstop."

What's more, the proposed legislation would require companies every 90 days to get informed consent for any "behavioral or psychological experiments" they perform on users and to create internal review boards to watch out for user well-being. In 2014, Facebook saw backlash to its practice of running behavioral experiments on users, after it revealed results from a study that showed users who saw more happy posts also posted happy content to their timelines.

Finally, the bill would ban companies from designing web services meant to create compulsive use by children under 13.

Privacy and consumer advocates from organizations like the Electronic Privacy Information Center and Common Sense Media praised the bill in the press release, as did a handful of tech companies, including Mozilla and Microsoft.
"We support Senators Warner and Fischer in protecting people from exploitative and deceptive practices online," said Fred Humphries, corporate vice president of US government affairs at Microsoft. "Their legislation helps to achieve that goal and we look forward to working with them."