Current through Register Vol. 47, No. 20, October 25, 2024
Section 4 CCR 904-3-7.09 - USER INTERFACE DESIGN, CHOICE ARCHITECTURE, AND DARK PATTERNSA. The following principles should be considered when designing a user interface or a choice architecture used to obtain Consent when required under C.R.S. §§ 6-1-1303(5), 6-1-1306(1)(a)(IV)(C), 6-1-1308(4), and 6-1-1308(7): 1. Consent choice options should be presented to Consumers in a symmetrical way that does not impose unequal weight or focus on one available choice over another such that a Consumer's ability to consent is impaired or subverted.a. Example: One choice should not be presented with less prominent size, font, or styling than the other choice. Presenting an "I accept" button in a larger size than the "I do not accept" button would not be considered equal or symmetrical. Presenting an "I do not accept" button in a greyed-out color while the "I accept" button is presented in a bright or obvious color would not be considered equal or symmetrical.b. Example: If multiple choices are offered to a Consumer, it should be equally easy to accept or reject all options. Presenting the option to "accept all" when offering a Consumer the choice to Consent to the use of Sensitive Data for multiple purposes without an option to "reject all" would not be considered equal or symmetrical.2. Consent choice options should avoid the use of emotionally manipulative language or visuals to unfairly, fraudulently, or deceptively coerce or steer Consumer choice or Consent.a. Example: One choice should not be presented in a way that creates unnecessary guilt or shames the user into selecting a specific choice. Presenting the choices "I accept, I want to help endangered species" vs "No, I don't care about animals" may be considered unfairly emotionally manipulative.b. Example: The explanation of the choice to Consumers should not include gratuitous information to emotionally manipulate Consumers. Explaining that a mobile application "helps save lives" when asking for Consent to collect Sensitive Data for Targeted Advertising may be considered deceptively emotionally manipulative if the Targeted Advertising is not critical to the lifesaving functionality of the application.3. A Consumer's silence or failure to take an affirmative action should not be interpreted as acceptance or Consent.a. Example: A Consumer closing a pop-up window which requests Consent without first affirmatively selecting the equivalent of an "I accept" button should not be interpreted as Consent.b. Example: A Consumer navigating forward on a webpage after a Consent choice has been presented without selecting the equivalent of an "I accept" button should not be interpreted as affirmative Consent.c. Example: A Consumer continuing to use a Smart TV without replying "I accept" or "I consent" in reply to a verbal request for Consent should not be interpreted as affirmative Consent.4. Consent choice options should not be presented with a preselected or default option. a. Example: Checkboxes or radio buttons should not be selected automatically when presented to a Consumer.5. A Consumer should be able to select either Consent choice option within a similar number of steps. A Consumer's ability to exercise a more privacy-protective option shall not be unduly longer, more difficult, or time-consuming than the path to exercise a less privacy-protective option.a. Example: Consumers should be presented with all choices at the same time. Presenting an "I accept" button next to a "Learn More" button which requires Consumers to take an extra step before they are given the option of an "I do not accept" button could be considered an unnecessary restriction.b. Example: Describing the choice before Consumers and placing both the "I accept" and "I do not accept" buttons after a "select preferences" button would not be considered an unnecessary restriction.6. A Consumer's expected interaction with a website, application, or product should not be unnecessarily interrupted or intruded upon to request Consent. a. Example: Consumers should not be interrupted multiple times in one visit to a website to Consent if they have declined the Consent choice offered when they arrived at the page.b. Example: Consumers should not be redirected away from the content or service they are attempting to interact with because they declined the Consent choice offered, unless Consent to process the requested data is strictly necessary to provide the website or application content or experience.c. Example: Consumers should not be forced to navigate through multiple pop-ups which cover or otherwise disrupt the content or service they are attempting to interact with because they declined the Consent choice offered.7. Consent choice options should not include misleading statements, omissions, affirmative misstatements, or intentionally confusing language to obtain Consent.a. Example: Choices should not be driven by a false sense of urgency. A countdown clock displayed next to a Consent choice option which states "time is running out to Consent to this data use and receive a limited discount" where the discount is not actually limited by time or availability would be considered creating a false sense of urgency.b. Example: Choices should avoid the use of double negatives when describing Consent choice options to Consumers.c. Example: Consent choice options should not be presented with confusing or unexpected syntax. "Please do not check this box if you wish to Consent to this data use" would be considered confusing syntax.d. Example: The language used for choice options should logically follow the question presented to the Consumer. Offering the options of "Yes" or "No" to the question "Do you wish to provide or decline Consent for the described purposes" would be considered an illogical choice option. The choice options "provide" and "decline" would be considered to logically follow the same question.8. The vulnerabilities or unique characteristics of the target audience of a product, service, or website should be considered when deciding how to present Consent choice options. a. Example: A website or service that primarily interacts with Consumers under the age of 18 should consider the simplicity of the language used to explain the choice options or the way in which cartoon imagery or endorsements might unduly influence their choice.b. Example: A website or service that primarily interacts with the elderly should consider font size and space between buttons to ensure readability and ease of interaction with design elements.9. User interface design and Consent choice architecture should operate in a substantially similar manner when accessed through digital accessibility tools. a. Example: If it takes two clicks for a Consumer to Consent through a website, it should take no more than two actions for a Consumer using a digital accessibility tool to complete the same Consent process.B. In addition to the principles included in this part 4 CCR 904-3, Rule 7.09 , Controllers may consider statutes, administrative rules, and administrative guidance concerning Dark Patterns from other jurisdictions when evaluating the appropriateness of the user interface or choice architecture used to obtain required Consent.C. Controllers shall not use an interface design or choice architecture to obtain required Consent that has been designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision making or choice, or unfairly, fraudulently, or deceptively manipulating or coercing a Consumer into providing Consent. 1. The principles outlined in 4 CCR 904-3, Rule 7.09 are factors to be considered when determining if a consent interface design or choice architecture has been designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision making or choice, or unfairly, fraudulently, or deceptively manipulating or coercing a Consumer into providing Consent.D. Consent obtained in violation of this part 4 CCR 904-3, Rule 7.09 may be considered a Dark Pattern, as defined in C.R.S. § 6-1-1303(9).E. The fact that a design or practice is commonly used is not, alone, enough to demonstrate that any particular design or practice is not a Dark Pattern.F. Consent obtained through Dark Patterns does not constitute valid Consent in compliance with C.R.S. §§ 6-1-1303, 6-1-1306, and 6-1-1308.46 CR 06, March 25, 2023, effective 7/1/2023