Facebook, Google and Microsoft push users out of privacy-friendly options of their services in an “immoral”, according to a report prepared by the Norwegian Consumer Council.
We studied the privacy settings of companies and found a number of “dark patterns”, including intrusive default settings and deceptive words.
The companies which gave users an “illusion of control”, your report suggests.
Both Google and Facebook said that users ‘ privacy was very important to them.
The report Cheated for the Design was based on user tests, which took place in April and May, when the three companies were making changes to their privacy policies in compliance with the european union Data Protection Regulation (GDPR).
There are examples ofrespectful of the intimacy of the decisions hidden
privacy-intrusive defaults with a longer process for the users who want privacy-friendly options
some privacy settings that occurpop-ups, compelling the user to make certain decisions, while the key information is ignored or minimizedthere is no option to postpone decisionsthe threats of loss of functionality or removing the user account if certain settings are not chosen
For example, Facebook warns that any person who wishes to turn off the facial recognition that to do so means that the company “will not be able to use this technology if a stranger used your picture to pretend to be you.”
The report came to the conclusion that users are often given the illusion of control through their privacy settings, when you are not getting it.
“Facebook gives the user a feeling of control over the use of third party data to show ads, while it turns out that the control is much more limited than what initially appears,” the report said.
“And Google’s privacy dashboard promises so that the user can easily delete the data, but the dashboard turns out to be difficult to navigate, which is more akin to a maze than a tool for user control,” he added.
Microsoft was praised for giving equal weight to the privacy-friendly and hostile options in its installation process in Windows 10.
The consumer watchdog concluded: “The combination of privacy-intrusive the default values and the use of dark patterns to push to the users of Facebook and Google, and to a lesser degree, Windows 10, towards the less privacy-friendly options degree they consider unethical.
“We question whether this is in accordance with the principles of data protection by default and data protection by design, and if the consent given under these circumstances, can be said to be explicit, informed and freely given.”
In response, Google said: “During the past 18 months, in preparation for the implementation of the EU data protection regulation, we have taken steps to update our products, policies and processes to provide all our users with meaningful data transparency, and simple controls across all our services.
“We are in constant evolution of these controls based on the user experience of evidence – in the last month, we’ve made improvements to our Announcement of the Settings and Google Account information and controls”.
Facebook said: “We have prepared for the past 18 months to ensure that they comply with the requirements of the GDPR. We have made our policies more clear, our privacy settings easier to find and introduced better tools for people to access, download, and delete your information.”
Microsoft told the BBC: “We have seen the report of Norway, and I would like to reinforce the idea that we are committed to GDPR compliance across our services in the cloud, and provide GDPR-related guarantees in our contractual commitments.”
Shortly after GDPR entered into force in May, Google and Facebook were accused of breaking the privacy laws of group noyb.de the eu, established by activist Max Schrems.
He complained that the people has not been given freedom of choice when it came to the election of new privacy settings.