In this article I interview Heather Burns, author of The
Web Designer’s Guide to the Consumer Rights Directive.
So, which dark patterns are now illegal in the UK?
The EU’s new consumer rights law bans certain dark patterns related to e-commerce across Europe. The “sneak into basket” pattern is now illegal. Full stop, end of story. You cannot create a situation where
additional items and services are added by default. No more having to manually remove insurance from your basket when purchasing plane tickets.
Hidden costs are now illegal, whether that’s an undeclared subscription, extra shipping charges,
or extra items. While the costs are still permissible, failing to advise the customer about them or explain what they are is not. Everything has to be
brought out in the open, explained, and clarified before checkout. Even if you are not able to declare a specific additional cost in advance – say,
supplemental shipping charges to remote areas – you still have to declare that these charges exist and will be applied to the order.
As a part of that, retailer fees and surcharges must be brought out into the open and explained. Retailers can no longer charge “processing fees” in excess
of what it actually costs them. Remember when a certain airline used to offer £2 return flights which carried a £45 credit card processing fee? Now, we all
knew damn well that the flight was £45 and the processing fee was £2, but there was nothing we could do about it. With the new law they cannot try to swap
the figures or surprise you with a £45 “processing fee” at checkout.
Forced continuity, when imposed on the user as a form of bait-and-switch, has been banned. Just the other day a web designer mentioned to me that he had only just
discovered he had been charged for four years of annual membership dues in a “theme club”, having bought what he thought was a one-off theme. Since he lives
in Europe, he may be able to claim all of this money back. All he needs to do is prove that the website did not inform him that the purchase included a
membership with recurring payments.
What UK laws have changed?
This law updated and replaced the 1997 consumer rights law, which was laughably outdated. It’s pretty amazing to think that until June this year, digital
products and downloads had no reference in trading laws, which meant that consumers had no protection.
The new law essentially had three goals. The first was to update those ridiculously old e-commerce laws. It’s a damning indictment of all the UK governments
and parties who have held power since 1997 that it took the EU to force us to bring our trading laws out of the Teletext era.
The second goal was to harmonise consumer trading laws across all of Europe so that people can do more cross-border shopping. Pour exemple, I love French pop
music. If I decide to spoil myself with a bumper order from Paris, I can now do so knowing that I am buying under the same conditions and protections as if
I’d gone to my local Fopp.
The third goal, and the one you’re concerned with, was to outlaw e-commerce’s worst Dark Patterns. There’s clearly been a lot of good public input into this
law. We’re really not used to seeing web laws that deal with real specifics rather than theoretical concepts.
Are some Dark Patterns still legal?
The directive only dealt with Dark Patterns concerning e-commerce. Dark Patterns concerning other issues like privacy, information disclosure, sharing and
advertising are not affected. We also have yet to see what new Dark Patterns will be invented in response to the Directive!
How come some e-commerce sites are still using the sneak into basket dark pattern? Are they breaking the law?
The law has not been well publicised. Lack of knowledge, of course, is no excuse. In my book I talked about “trading trolls” – people who would surf the web
specifically looking for noncompliant sites so that they can place an order, get the stuff, report the site for noncompliance, get their money back, and keep
the stuff. After all, if the site is breaking the law, they have no recourse there. I would, of course, never encourage anyone to do that.
*coughs loudly, and winks*
Let’s get specific – is Sportsdirect.com now breaking the law?
At the time of writing, sportsdirect.com sneaks a £1 magazine and mug into your basket with every purchase. As that is adding those items by default, thereby
forcing the customer to manually remove them, it is noncompliant. They cannot argue that a magazine and a mug are companion pieces to the items being
purchased. They are extra items, full stop. If the magazine is so essential they can simply include it in your shipping parcel like many retailers do. As for
a mug, the process of removing one from your basket treats us like one.
How about next.co.uk?
Next is stretching the law to its limits. Technically this is legal because it meets the information provision requirements. As with anything, though, just
because it’s legal doesn’t make it right. The Next Directory is not a paper catalogue, it’s a credit programme and a financial service. (I learned this when
I signed up for the directory, never received a copy nor the invoice, and then received a late fee notice and a mark against me on my credit record for not
paying for a stupid catalogue which I never received.) Financial services are exempt under the Directive, and so next.co.uk are deliberately being as
ambiguous as possible because they can.
And what about Ryanair?
It’s a fair bet to say that the company whose conduct led to this law being created in the first place is going to throw out quite a few examples of
noncompliant conduct. In this example, they are still adding the additional payment by default, leaving the consumer to manually opt-out of it. That’s wrong.
What’s going to happen to businesses who use these now-illegal Dark Patterns?
Quite simply, businesses who don’t comply face a loss of revenue. If you make a purchase, whether that’s buying goods or a service, on a non-compliant web
site, you have the right to recourse through your nearest Trading Standards office, in other words, your local Council. Unlike the cookie law, which is dealt
with by one UK-wide bureaucracy which has bigger fish to fry, this law is dealt with on a local level.
A failure to comply cancels the transaction. You can get your money back and keep the goods. If the sale was for a service or a digital download, the
contract is cancelled and no further payments are due.
So this isn’t a re-run of the cookie law farce we had a few years ago?
Absolutely not. The cookie law was the wrong law, drafted at the wrong time, in the wrong way, for the wrong reasons. The Consumer Rights Directive couldn’t
be more different. It was desperately needed, it’s common sense, and it reflects the way the web actually works.
How does the Consumer Rights Directive affect US companies who are dealing with UK or EU consumers?
The Directive applies to inter-EU sales only. A US company does not need to comply to sell in Europe. Although it would be awfully nice of them.
And finally, tell us about your book!
My book does what it says on the tin – The Web Designer’s Guide to the Consumer Rights Directive. It
started out as a blog post, but 11,000 words later I realised it was a bit more than that!
Writing the book was my attempt to bring sanity back to the web community. I’ve been researching and writing about the cookie law since 2012 and it’s taught
me a lot about the gap between practice and theory. One of the many things I came to realise is that laws concerning the craft of web development are cooked
up by offline politicians and then drafted by solicitors for solicitors. They throw an 80 page legalese .pdf onto a web site and say “there’s your lot, now
comply.” They don’t think about who actually does the work, and because they are neither coders nor crafters, they very often literally have no idea what
they are talking about.
The web community needed someone to translate these laws into plain English, break them down into small chunks, and explain how to comply in terms of
front-end and back-end implementations, not airy legal theory. And if aspects of the laws are ill-informed or disruptive, we have a responsibility as a
community to speak out.
[EDIT 27/08/14:] Use the coupon code ‘hackernews’ to get Heather’s eBook for just £6. That’s 50% off the list price! Buy now
Posted 26 August 2014, 10:51 am