541 comments

[ 2.5 ms ] story [ 302 ms ] thread
Yessssss!

It's about damn time. Time to sit down, do some research, and write up some papers!

I’m assuming this is sarcasm? What do you propose be done instead of doing research and writing papers?
Not doing those things and achieving the same outcome at no cost.
Why would this be sarcasm? Wouldn't a well researched paper be the ideal public comment? I don't understand how the top comment here is so unpopular.
Nope. Not sarcasm. I'm going through each of the kiddo's tablets and cataloging every dark pattern, in every game. Then I'm writing up the details of our nightmare with PayPal, the couple of financial institutions I've had nightmares getting things closed out from, and possibly even chucking in a few examples of contact template language that I think qualify like "To opt out, send a hand-signed letter to yada-yada...".

I'm so tired of malicious compliance, hidden or disguised unsubscribe links, and complete disregard for the burden imposed on consumers.

Gacha games, loot boxes, that type of thing. Basically everything listed here.

https://queue.acm.org/detail.cfm?id=3400901

but also

https://www.darkpatterns.org/types-of-dark-pattern

or monitored here:

https://www.darkpattern.games/

I've come to realize these types of "Dark Patterns" exist in way more than just UI's. Businesses often find ways of leveraging the fruits of them for alternate revenue streams.

I'm sure there are academics out there who'll nail down the white paper aspect, butI tend to try to supply a boots on the ground eye-view since I spend a lot of time trying to teach people what to look out for, and why it's a problem.

I think the biggest dark pattern is social platforms holding the browser hostage instead of opening content in the users native browser app. Social media sites are built on user generated content. By keeping users in the app like this it puts the website at an inherent disadvantage and prevents them from providing a compelling first class experience that might compete with facebook for attention, due to their inherent parent child ui design.

Anti trust regulators came after Microsoft for deep bundling of functionality of browser and OS and I think they should do the same for facebook, google, reddit, etc. for the web view.

What is good about web sites trying to force users to use their app instead? That itself one of the worst dark patterns out there.

Edit: If my comment looks confusing, the comment I replied to has been edited. "compelling first class experience" is really a more vague term for "web sites being able to push their app on users"

While I agree this is a regrettable practice, the social media sites in question do the same thing too. The argument that Facebook is acting in users best interest by preventing websites from spamming users to use an app is incredibly self serving and not really all that believable.

I too wish it would go away, but both sites not having equal access the users in a similar way is anti competitive imo. Especially for businesses who increasingly need to participate on these platforms due to the fact that so many of their customers use their services.

I agree that this practice should go away - if you believe that, then the goal should be to eliminate this shady practice entirely, not try to make it more prevalent like you were suggesting before editing your comment.
Agreed, sorry for editing after you replied.
> What is good about web sites trying to force users to use their app instead?

If you're asking from the point of view of the social media site, the "good" thing is that a native app can steal much more personal information than a website.

Also (at least on iOS), content blockers don't work in the in-app browsers that FB uses. It's coded differently than a SafariWebView (which _does_ get the content blockers). Being an ad company, it makes sense that they don't want users doing that.
The Facebook app on my Android device doesn't do this.
All the video conferencing apps do this - Teams or Webex always try to download the app before they give you the option of using the browser unless you carefully navigate things.
Windows 10 does not respect the "default browser" setting when opening web-based content through apps. For example, clicking on "Help" links or search results from the start menu always opens in Edge.

This seems far worse than their IE-bundling issue back in the day... at least users have a few web browsers to choose from, but what good is that when user preference is overridden?

If Microsoft could ensure that the target browser would properly show the help documentation, then the complaint would hold more weight.
If there's documentation that renders correctly in modern edge but is unusable in Chrome(ium) or Firefox then that would be useful to see.

It's a valid concern but I'm fairly certain it's nowhere near the top reasons that they do this. They have a history of trying to shove users into Microsoft's unwanted browser against their (often informed) wishes.

(comment deleted)
If Microsoft can't hire people to be able to design a webpage that renders in all web browsers, then they have fallen much further than I would have even made fun of them.
Google does this even more egregiously with Android - my default browser is Firefox, but any links from Google News, Google Assistant and other Google software open in Chrome.
There's a setting to change that.

It shouldn't have to be a separate setting from the overall default browser, but at least it's relatively easy to change.

Yep, Samsung camera will only open Samsung gallery, and will show a "Unable to find application to perform this action" toast if you uninstall it (via adb, because it can't be uninstalled via gui). Also it's the only app you can set to open by double tapping the home button, so you can't configure another camera application with the same ease of use.
I wish Firefox provided two intents (does Android still call it that?), one for normal browsing and one for private browsing. Then any app that opens a link doesn't automatically get your active cookies from your main browser if you don't want it to.
I use Firefox Focus as my default. It does this. No tabs, no cookies.
Settings > Private browsing (under Privacy and security) > Open links in a private tab

An alternative is to use Firefox Focus (Firefox Klar on F-Droid) as your default browser, then its "open in" feature if you want to make it a permanent session.

(comment deleted)
They're doing a similar thing with the gmail app, at least on iOS. Practically everything now opens within gmail instead of the actual app. Google Meet links now open in gmail instead of Google Meet. I know they're both owned by the same company... but I don't want to give the gmail app microphone and video permissions.
On iOS if you click a link in a Google app it will ask you if you want to install Chrome or continue with Safari.
On iOS, Chrome is just a skin over Safari's rendering and JS engine.
Microsoft adding promotional material for Edge above the search results for "Google Chrome" in Edge also further reinforces this.
Apple does this as well on iOS where certain stock apps like Books always open links in Safari even when you have a different default browser set.
Not an iOS developer but I wonder if using the default browser requires using a different intent than the former behavior of "always open safari" did. Books, to me, seems like one of the more neglected first-party apps so it honestly wouldn't surprise me if this is just something that's sitting in the P4 column.

Only reason I assume this is all the Google apps on my phone bring up a sheet when I tap a link asking which browser I want to use-- with "system default" being one of the options.

Really there's no excuse for this, it can't be too difficult to adapt system apps to fall in line with the expectations for third-party apps.

to be fair, there is nothing other than safari on iOS...despite the window dressing.
Right, but other browsers have better behaviors to some people. For example, Safari's behavior of opening links as new tabs in the foreground is very annoying to me.
Doesn't Apple do the same with Safari? On macOS I think Safari opens up sometimes even though my default browser is Firefox. Maybe when clicking links in Apple Mails? Not sure.

It's funny how Apple gets away when doing the same thing or worse than Windows, yet Windows is always the one getting criticism. Like how Apple always try to enable Siri after an update. Or how managing when an update should be done is incredibly worse on macOS than on Windows.

Almost certain that macOS opens everything in my default browser of choice when clicking on a link in AirMail (Firefox).
Apple very recently added preferences for default browser/maps apps to iOS but as far as I can tell it’s totally broken. Resets all the time and only about 2/3rds of links open in the correct app even when it’s successfully set (especially for maps). Can’t speak to macOS. (The resetting may be fixed finally now, I’m not sure. I gave up for maps because it wasn’t worth it, which I guess was the goal).

Windows forces you to use bing/edge when you accidentally search from the launch programs menu, but I never intentionally search from there so it’s a minor inconvenience (for me). Never had it fail to respect that setting elsewhere. It also does a good job letting you set default apps for all types of files (and in fact letting apps change that setting themselves with a little user interaction) unlike iOS which only lets you change it for a few types of apps (and then through the worst designed settings menu I’ve ever seen). Can’t leave iOS behind though because I need my iMessaging.

Apple is actually worse. On iOS I will regularly click a link within an app, explicitly select “Open in Chrome” from the list of options, and it opens in Safari. Never seen anything that egregious from Microsoft.
Microsoft sounds like one of the worst companies participating in the "just ignore or overwrite user settings" trend.
That reminds me.. On macOS, the default application to open files with the .html extension is Safari, which I found is impossible to change. A tiny thing but it still makes me angry that someone at Apple intentionally removed my ability as a user.
> the default application to open files with the .html extension is Safari, which I found is impossible to change

Do you have some more context? I have found this trivial to change...

You might want to check again. I just checked and mine is set to (and works with) Chrome. Right click an HTML file and click "Get Info". Then look for the "Open With:" section and select your prefered browser. Then click the "Change All.." button. I just tested this with `echo "Hello World" > test.html` and then double-clicked it in Finder and it opened in Chrome.
Thanks for this tip! I have the opposite problem of GP; I installed Edge, and though it has never been my default browser, it's now the default browser for .html files... This fixed that issue.
Huh, you're right - I just did what you described, and was able to change the default application for .html files. Weird! I could have sworn I did the same thing a few times, and it kept reverting back to Safari.

Apparently this was an issue with the user, not the OS. My bad.

EDIT: Actually, I remember now that I had to use duti to change this from the command line.

https://formulae.brew.sh/formula/duti

(comment deleted)
Ecommerce sites showing a "27 people are watching this right now" alongside the product but from source code it turns out to be a Math.random()
As disingenuous as this may be, I feel it's probably not one of the most harmful examples
Should be punished as false advertisement.
Anything attempting to falesly manipulate someone with FOMO should be punishable. If not with jail time, then heavy fines. If not that, they should be forced to do the GoT walk of shame.
When it's using Math.random(), it kinda is.
I expect an outcome similar to what happened between the European Commission and Booking.com.

Booking.com pioneered a lot of e-commerce dark patterns like “X units left” and “Y people viewed this today”.

The EC pushed Booking.com to change its online sales tactics to be more transparent.

Booking.com lost a court case over this from what I’ve heard. “Only two rooms left!” nonsense.
Etsy does a "Only 4 items left, but 7 people have it in their cart" or something similarly worded
That one is based on real data (I worked there for a bit), but I generally agree this pattern is exploitative
Is it more or less exploitative than eBay watchers? Why so?
Etsy users put things in their cart to bookmark them.

I haven't been there for six years now, but one of the problems I worked on at Etsy was getting people to stop using their cart as a bookmarking tool. While I was there I worked on the functionality to fave an item as well as the functionality to add items to a List of favorites. There was another tool called Treasuries for this purpose that we phased out, so there were at least three systems that Etsy built to try to help people keep track of items they like without putting them in their cart. I know when we introduced Lists, several colleagues and I worked on that functionality for a few months before it ever saw the light of day. Even so, users continued to put things in their cart "so they wouldn't forget them". It was a very frustrating result; this was the exact behavior we were hoping that Lists would eliminate.

It wouldn't surprise me if it's true that the item really is in that many carts. I would also agree that it's not useful or accurate information for you, another shopper, since an Etsy user "having it in their cart" is in many cases not a very strong signal that they will purchase the item in question. Inflating the number intentionally would definitely be a dark pattern. If that number is intentionally inflated or is known to be inaccurate or fictional, dark pattern for sure.

Whether the current functionality qualifies as a dark pattern or not is a lot harder to judge. Is it poor design? Yes. For sure. Is it harmful to the user? Again, I think yes.

Is it a dark pattern if you design something poorly unintentionally? Does that term measure intent or impact? In a legal context I would expect the measure to be intent, so in that context this is probably not a dark pattern, but HN is not a court of law, so in this context... probably yes?

Intention doesn't need to be a part of defining a dark pattern. It is a dark pattern whether it was intended as such or not. However, intention could definitely be taken into account during sentencing/punishment decisions.
users continued to put things in their cart "so they wouldn't forget them". It was a very frustrating result; this was the exact behavior we were hoping that Lists would eliminate.

My wife does this, not just to Etsy, but on all kinds of e-commerce sites. So I apologize on her behalf.

I suspect that it's related that she's also one of those people who will never bookmark a web page. Instead, she keeps a hundred tabs open. I don't understand it. Some people are just wired that way.

I'm genuinely curious...what does she do when she wants to buy something then? From what you describe, she would have to remove all but what she wants, then re add everything.
I do this too. For most places I use it as a shopping list, and I just keep adding small things until I have enough for a bigger order, or until I get free delivery. Gotta save those bucks.

For places that sell expensive stuff like synths, guitars, tech stuff, I add it so I can see the total amount. Then I sleep on it. Sometimes more than one night. It might get bought along the way, so it's a great deterrent for impulse purchases.

Ohh that makes sense. Thank you for explaining!
Don't apologize. It's a pretty common practice. Some e-commerce vendors may not like it, because it disturbs their statistics or marketing shenanigans, but the error here is on their side - they assume that putting something in a cart is an intent to purchase. That assumption is wrong.

It's obvious why this happens. The shopping cart, as an e-commerce pattern, is a bookmarking tool. You put stuff there, it stays there while you browse the store for other stuff. If you step out for an hour and come back, things you added to the cart are still there. If you close the tab and open it later, the things are still there. If the price changes in between, it's updated. If an item goes out of stock, it's reflected on the cart screen. If it quacks and walks like a bookmarking tool, ...

The way for the e-commerce sites to stop it is obvious: put a time limit on the basket. Purge it if the user leaves it be for more than a couple hours. But for some reason, nobody seems to do that :).

As for the browser bookmarks, I also don't use them much (nor does anybody I know). They map badly to actual use cases. For short-term storage, tabs are perfect (especially when the browser saves them between restarts). For mid-to-long-term storage, you want to save your links where you can find them on any device, and often you also want to store them within the service itself (see also: stars on GitHub - they're not an expression of appreciation for the project, they're just bookmarks).

I do this too. A good question for OP is: why is this a problem? Just let users do what makes sense to them. Why do you have to get them to stop?
> stars on GitHub - they're not an expression of appreciation for the project, they're just bookmarks

Project maintainers often don’t think so. I think they should be just bookmarks and not a measure of popularity, better to hide the number of stars. It’d hopefully make some maintainers more humble and helpful. Maybe!

They are really good to understand whether project is used by enough folks for it to be validated and most likely maintained.
Isn’t that what the commit dates are for? Or the issue list?
Amount of issues to infer how much library gets used? That might work, but it feels like amount of issues would depend very much on the complexity of the library itself. It would be great if this number was also on the main page then and it would be possible to sort by that, but it still feels iffy to use that.

And maybe in some cases you would like to know amount of issues per amount of stars.

With issue count if it's a simpler type of library you would imagine there are quite few issues, but you'd still like to know whether this library is validated by enough folks. If it has plenty of stars and very few issues, this seems to be indicative of a very good option.

Ideally you look at all signals, also download counts from packagist/other managers as well.

I just don't think it would be a valid idea to remove the star count in an attempt to make some folks more humbler. I doubt it would make maintainers more helpful.

I like how Amazon has a "public list" and "private list" by default, in addition to all the custom lists you can make.

Seems like the reasonable thing to do in the above case is to have a default "shopping list", and if someone puts an item into their cart and doesn't buy it within the allotted time, it gets automatically moved to the "shopping list". Make the shopping list highly visible on all the cart-related views. Problem solved?

> Inflating the number intentionally would definitely be a dark pattern.

Inflating the number intentionally would be criminal fraud, plain and simple.

A dark pattern is making the „Delete account“ button smaller and grey while making the „No, take me back“ button huge and green.

Literally lying with the intent of getting money from somebody is fraud and has nothing to do with dark pattern.

Btw not attacking you personally, just wanted to clarify this misconception.

> Inflating the number intentionally would be criminal fraud, plain and simple.

With the amount of Math.floor(Math.random() * 1000) out there, I doubt any case has proven this to be something you can bring charges against a company for.

I'm sure there is a lawyer somewhere that is counting their percentage from when they win the rain maker of cases that takes the industry down on this fact alone. If only Grisham would write that novel.
Sorry but just because a crime is committed a lot, does not make it less of a crime.
My point is that we don’t know that it is a crime until someone fights over it in court.
> one of the problems I worked on at Etsy was getting people to stop using their cart as a bookmarking tool

I bookmark things in my cart in both Etsy and Reverb because the bookmarking requires an account, and I'm definitely not making one. But at least that doesn't seem to count in the "x users have this in their cart".

It’s fun to imagine the implications of dramatically raising the standard for commercial speech, such that statements which intend to mislead are prohibited.
I worked at a large online retailer in NL that got told they needed to change their delivery promise because that’s not a promise you can actually keep. So it does happen, but probably not often enough.
I’m glad to hear that! It also lines up with my anecdotal experience overseeing a marketing department that Benelux, German, and Japanese teams were on the opposite end of the spectrum compared to American, Israeli, and Chinese teams with respect to “marketing bullshit” practices.
apply it to physical stores, see how far it goes
my point being i did some stuff on 'x' available, hurry now - and went. and they never had them, but the difference is that i traded a quantifiable unit (human life expectancy) vs those online that just annoyed people
I’d argue that a simple law “companies may not lie to people,” with wide latitude for judges to define lying, would instantly and massively upend business for the better.
It would upend US media companies and politics, to the benefit of the entire world.
It would never get passed, though. The government relies on being able to force companies to lie to people for things like criminal investigations and so on.
Rookie mistake. You gotta Math.random() that shit server-side.
I was asked to implement something like this at a web startup years ago (since folded): I was supposed to juice the number of active users in the last month by a large random number in the range of 50,000-100,000 or so. I refused saying I didn't want to lie to our customers. My boss said, "it's not for them, it's for the board". Which, needless to say, was even more reason to refuse.

They assigned it to another engineer. The new "feature" was deployed.

He forgot to round the random number. So let's just say the home page reported the number of active users with very fine precision.

Unfortunately it was quickly fixed.

TrustArc is a company used by major brands that utilizes dark patterns to FAKE opt-out time for GDRP compliance. Major companies employ lies. It will hold your browser captive for 2 minutes in hopes that you cancel or accept all. If you don't, it shows "We are processing the requested change to your cookie preferences. This may take up to a few minutes to process.". Not even incompetence could make this an honest process.
Well, given that some sites employ hundreds of trackers and other barely-above-malware stuff, it does make sense for these requests to take ages.

Unfortunately, many people simply click on the "accept all" button and don't care about their privacy that much.

The idea of GDPR was that consumers would be hesitant upon seeing the massive amount of third parties that use your data and demand change from the providers, turns out people don't care / providers rather let privacy-oriented customers suffer than to take a hit on their advertising profits.

The problem is their competitors manage to accomplish opting-out near instantly.
But what requests would it even make? If you opt out you're effectively telling it to _not_ make any requests.
If it's the TrustArc Ads Compliance Manager, it makes a call to all the ad networks requesting the network's opt out cookie. The opt out cookie prevents the user from being tracked by that ad network across all sites. Cookie banner opt outs usually only prevent tracking from the site you are one.

Unlike GDPR, which uses a website as the gate for all cookies, the ad industry also has self-regulatory programs. Participation in these programs require that a website allow a user to opt out of all ad networks present on their site. TrustArc built a module to do that: https://preferences-mgr.truste.com/.

If you run the tool there, it will make a call to the ad networks listed. Of course if you're running an ad blocker, the call will get blocked and it will look like the tool doesn't do anything.

The problem is you're being presented a mandatory popup for what appears to be used as GDPR compliance but realize that it isn't because real ones are instant. This is fake GDPR in the sense that it isn't (compliant); it's other things, as you note. If the purpose is to facilitate GDPR, that opt-out time shouldn't be conflated (the ad stuff shouldn't be bundled), given that GDPR appears to have a requisite "It shall be as easy to withdraw as to give consent.". Is that a correct interpretation? You're suddenly notified you can't operate for minutes (unless you opt-in), which is definitely dark, and unnecessary (unless you want to achieve the action they're doing, but you didn't; you just need GDPR). Sitting captive for minutes is not a modern day web experience anyone finds acceptable, that's why Google is so focused on empowering loading speed inspection/resolution. The experience made me wonder if they use users who don't opt out (I almost gave up just to get out of being locked out) as a selling point. There wasn't, that I could find, an instant GDPR-compliant way around this obstruction. Why would any company care for this experience? If they wanted to be polite and do extra action (this ad network regulations thing), they have the tech to do it asynchronously/unobtrusively, right?
> Well, given that some sites employ hundreds of trackers and other barely-above-malware stuff, it does make sense for these requests to take ages.

Last time I checked, there were no requests being made client-side in the 1-2 minutes it took to cancel. It was pretty much the same number of requests for both accepting and denying. Maybe they changed it since it's too blatant.

Also, since it should be opt-in, then accepting should obviously take longer.

Wow, that is pretty blatent. When EU stomps on them I'm sure someone else will pop up. Any chance the companies employing trustarc could be liable?
The way GDPR works, I think the companies using TrustArc are more likely to be held liable than TrustArc itself. Unless TrustArc makes the unforced error of getting itself classified as a Data Controller.
> Unless TrustArc makes the unforced error of getting itself classified as a Data Controller.

Knowing how some scams and tax evasion schemes work I wouldn't be surprised if they could just set up a separate company that ends up with all the liability without any of the assets and just have that declare bankruptcy the moment the first fines hit. Rinse/Repeat as often as necessary.

I'd say they could if wasn't the EU parliament, but that would be a very bad move as the EU parliament would hit them harder if they tried that.
Based in SV with ~370 employees on LinkedIn and over 17K followers. this above comment needs to be posted verbatim into one of their most recent posts with a mention that GDPR makes its EU customers liable and an additional link to the FTC for public comments. It would make them scramble I think.

LinkedIn is underrated as a platform to call out brands, it's where many spend a lot of their money on PR / image.

May have witnessed this or similar on Oracle website, when I was still using Java. Always thought "what the hell are you processing?".
Oracle and it's products have been a big NONO for me and my customers for a long time.
Report this on Regulations.gov please! Just saying it on HN does nothing
I don't understand why most companies even bother. If they aren't going to be compliant in how they handle getting permission, why even pretend?

I think one reason is that we have reached a tipping point where website owners now view these banners as a signal of a "legitimate" website, without bothering to look into actual compliance.

Without enforcement, these things shouldn't exist. They are just a nuisance to everyone

I get this on docker.com without my script blocker.

Essential only -> Processing please wait (but you can cancel)

Customize -> Trying to trick me into allowing more, then processing as above

Accept -> Instant success

Took some screenshots since this is ridiculous (I may just not be used to the modern web since I aggressively block scripts): https://imgur.com/a/fJB0aHz

My favorite part is having to pull a bar up to decrease my consent-level.

Or that Docker now requires forced updates.... unless you pay. Then you can stay at a known version.
The worst one is probably trying to make it hard for users to stop paying for a service, like cancelling a subscription. That shit should be punishable by literal prison time.
The worst I’ve seen was Nord VPN. Three or four modals / screens where the action to stop your subscription was the smaller, secondary UI element, almost not even noticeable. How a dev or PM can live with themselves while implementing that I have no idea.
How a dev or PM can live with themselves while implementing that I have no idea.

Dev builds it the user-friendly way. PM uses Google Tag Manager to inject JS that changes the stylesheets to the evil way.

Nord has all kinds of problems.

My Nord subscription went from $5/month to $200/month recently. When I complained, the CSR told me to just cancel the account and sign up using the special offer link and a throwaway e-mail address.

That tells me there are deeper problems, and I'm not interested in doing business with that company.

About 10yrs ago NBA did this to me. They made it impossible to cancel a $99/m sub.

Their instructions were login and go to the cancel button but the cancel button was broken and said call this number. But no one ever picked up the number.

I will never buy a NBA branded thing after that obvious bullshit scam.

New York Times does this also. As far as I can tell it's literally impossible to cancel a subscription. I had to close the card attached to my account.
Nicely timed, thank you. They have a sale on I was contemplating taking up. Nope.
I heard that as far as web cancellation of NYT goes, the Cancel button magically appears if you enter your location to be in California.
If that's true that is real scummy. Someone should investigate with a VPN.
This is awful. If anyone from California could verify it would be interesting.
My girlfriend and I were both able to cancel. The number worked for us, but we had to say no through a bunch of sales pitches before we got it successfully canceled.
> we had to say no through a bunch of sales pitches

Just repeat the phrase "I want to cancel my subscription" to any question they ask. They'll get the message pretty quickly.

I'm highly in favor of making this illegal. My credit card expired and I switched my NYT subscription from through their website to through Apple (so I could cancel), and they sent my account to collections! Working with the collections agency to get it removed was easy, however.

I guess the law that I would be in favor of is twofold:

1) You must be able to cancel subscriptions from the same website that you created it from. After you cancel, the subscription must last until the end date. (So you aren't forced to set a calendar reminder for the day before.)

2) Sending an account to collections falsely should carry a 100x penalty. If they make a mistake and their billing system sends your account worth $300 to collections, they pay a $30,000 fine. Should motivate someone to write some unit tests for that.

I would be in favor of a different approach: a merchant should not, under any circumstances, be able to remove money from an account, charge a credit card, or otherwise take money from someone without the explicit authorization of the customer. In this context, explicit means one of two things:

1. The customer intentionally authorized that specific transaction. A specific transaction means one transaction. If a merchant wants to use this approach, they need to ask for authorization each time they charge.

2. The merchant may register a subscription or other recurring charge arrangement with the customer’s bank or card provider. The customer must explicitly authorize this registration at the time it occurs and may, by contacting their bank, revoke the authorization at any time. The merchant may not recreate the authorization without the customer re-authorizing it at the time of creation.

Eventually, the whole pull model of money transfers needs to go away. Taking money from someone by knowing their account number is nonsensical and should not be possible.

Though I’m skeptical of cryptocurrencies as a market, I’m very bullish on the technology long-term for use-cases like this. Having programmable money where every party is able to audit something like a smart contract and see how their deposited money will be treated is huge. We could effectively get rid of pull-model money transfers and instead relegate similar functionality to open smart contract pools.
Even worse! Now you don't have protection from your credit card company not redress through the courts.

You already have the ability to "audit" the EULA/ToS/PP; it's that link you never click next to the "I agree" button.

The powerful (in money, size, skill, fame, strength, etc.) always try to (ab)use systems to bully the weak. Smart contracts only amplify their ability to do so.

Why would a company, which (reasonably) declines to deploy its limited legal resources negotiating with each user, possibly be interested in deploying its limited engineering resources to negotiate a smart contract with each user—especially when one screw-up can "legally" bankrupt the company? (See The DAO.)

If there can be no negotiation, the options are:

  1. You reject their terms and don't use the service.
  2. You accept their terms and legally use the service.
  3. They accept your terms and you legally use the service. (Usually too risky/costly for them.)
  4. You reject their terms and illegally use the service anyway.
We could legalize option 4, but that is a very bold move—the equivalent of the Chicxulub impact on legal and business practices.
So I love this, but I imagine that all those VC funded subscription-for-x do not... (dollar shave, etc etc)
I think the explicit authorization is the contract you sign that allows for the subscription. It's already pretty risky to loan people money, and your system makes it even riskier. (Consider the business model of cloud providers; you agree to pay for whatever you use, and then they charge you for last month's usage. If you could just not pay, then the business wouldn't really be viable. You'd have to figure out what you're going to use in advance, and pre-pay, and the consequences for getting it wrong by 1 cent would be unnecessary downtime. Cloud providers of course let you pre-pay at a discount, but having both pre-pay and post-pay make a lot of sense. But, we're all paying extra because of the people that walk away at the end of the month and don't pay their bill.)

It would be worthwhile to consider not letting "click agree" create a binding contract. I think I'm in favor of that.

I agree that things like newspapers don't need to be a subscription or have a contract. On the first of the month they should just pop up a dialog that asks if you still want the subscription, and if so, it charges your card for 1 month. I would certainly like that, but it does carry a risk on my end -- if they go out of business on the second of the month, I'm stuck paying for 29 days of the subscription I can't use.

Like I said, the big problem is not being able to cancel. That's why I buy subscriptions through Apple -- there's always a cancel button. I think we should make that mandatory for every subscription provider.

This is literally what “sending you a bill” is. They don’t need to have an upfront agreement to charge your card. They need an upfront agreement that you will pay for services used at the end of the month. This is standard invoicing that these companies already do just without automatically charging cards.

When you pay your medical bills it’s still an explicit payment.

So for newspapers and whatnot, the bill is the problem, not charging your credit card. You can close your credit card to stop the payment, but you can never get out of a contract you signed.

Businesses probably need contracts in order to function, but they are overused in business-to-consumer transactions. That's the underlying problem that we should solve -- you should be able to walk away, no questions asked, from paying for a newspaper or magazine.

I think there are a couple of issues. One is that most countries consider giant piles or fine print that no one reads to be binding contracts and that customers can’t credibly negotiate them. The other is that it’s far too easy for merchants to extract money from customers without the customers’ consent.

Attacking the latter might make a large difference even if the former remains unsolved. The New York Times can get away with making cancellation difficult because they have the power to unilaterally take money from their (former?) customers. But, if anyone could trivially revoke their authorization to charge them money, I doubt that the New York Times would actually try to sue or collect from their customers en masse. Sure, they could try, but that would be a fantastic way to piss everyone off and to recover very little money.

I'm always amazed reading that this isn't already the case in the US. In India, every charge requires SMS based 2fa. Starting a bank mandate (ECS/NACH) for automatic transfers needs me to physically sign a paper. It can be revoked any time by the user without any involvement of the receiving party, and can be done online as well.
>The merchant may register a subscription or other recurring charge arrangement with the customer’s bank or card provider.

An advantage of Direct Debits in the UK is that I see them all in my banking app and can cancel them individually. A company is legally required to gain my consent again before charging again.

Of course, just because you cancel your Direct Debit doesn't mean you aren't legally on the hook for that payment.

They can still send demand letters and "send you to collections".

I think unlimited recurring subscriptions should just not be allowed, period: all multipay plans should have a fixed & finite pay period, after which the service expires. Only the card holder has the unilateral right to re-establish the payments.
What if the user wants to cancel before the term is up? If that's allowed, there won't be discounts for annual plans. (Maybe not a bad thing, but maybe inefficient.)
> You must be able to cancel subscriptions from the same website that you created it from.

More to the point, it should be required that canceling/downgrading is as easy as or easier than signing up/upgrading. Want to offer 1-click-buy, you also need to offer 1-click-cancel.

I don't think that's accurate today. I recently cancelled my NYT subscription from their website, didn't even need to call them.

How long ago was your experience?

About 10yrs ago
I ran into this myself 18 months ago. I had subscribed years ago online, but was unable to cancel online.

I informed the person who canceled my subscription over the phone that I'd never consider doing business with them again, unless they fixed the problem.

I hope it's fixed now! That'd be a great improvement

I also was able to easily cancel online a few months ago (not in California). I'm wondering if they changed their policies recently, in which case this complaint is out of date.
They way to do this is to run the subscription though something like Google Play. Then you cancel it on Google's side.

Be wary if a company avoids Google. For example Tinder started forcing users to subscribe directly instead of using Google. This is because most people cancel almost immediately since once you subscribe you find all your matches are bots.

The entire purpose is to make it just hard enough so you think ohh it's only 10$ a month. Another trick is to offer a month free. Hulu does this. If you cancel on their website you get several pages which try to convince you to stay.

Google also makes it easy to manage all your subscriptions in one place. What is all this crap I'm paying for, I can quickly see what and delete it. Also I'm much more likely to try a service ( I'm studying Chinese right now and have used various apps) if I can do it via Google Play .

This is one of the few things that actually makes me happy with the closed ecosystem of the App Store on iOS. There's virtually no risk with subscriptions in there- they can all be canceled in a few clicks in the Subscriptions section of your Apple ID. And if something's straight up a scam or an accidental (but unconsumed) purchase, you can request a refund from Apple with rather little friction.

First-party trials annoy me since cancelation is instant, unlike trials from third-party apps (those cancel after the trial period if you cancel during). Fortunately, you can go to Report A Problem and just say you didn't mean to have the subscription charged and they'll refund it as long as it's a few days from the charge date.

> This is one of the few things that actually makes me happy with the closed ecosystem of the App Store on iOS.

And yet there are scams that are costing users $5 million a year, or more, on the iOS App Store[1].

[1] https://news.ycombinator.com/item?id=26794228

There are also scams costing people money without using iOS, for example where the person is tricked into thinking they have a debt and sending thousands of dollars in cash to a random address[1]. What’s your point?

1: https://youtu.be/VrKW58MS12g (it’s the Mark Rober phone scammer video)

I'd need to see the purchase page to fully form an opinion on this. Apple has rather strict guidelines for displaying cost and that appears to be one of the most important parts of app review. I'd equate someone being surprised by a subscription cost to someone not looking at menu prices when eating out: all purchases through the app store use the same sheet to display price, renewal period, free trial, etc when requesting payment.

Of course, the app's premise is a scam, but my comment was about the ease of canceling and managing subscriptions. Dare I say that apps like this would be even more bold and prevalent if alternative app stores were available.

This. PayPal works too, probably others.
> Tinder started forcing users to subscribe directly instead of using Google. This is because most people cancel almost immediately since once you subscribe you find all your matches are bots.

More likely it's because Google takes a 30% cut. Adyen takes a ~4% cut. I still maintain that if Apple and Google took a 5% cut from their app stores, no one would have complained.

I was able to cancel my subscription with minimal fuss.

I did have to interact with a chat window, which was of course annoying.

I also made damn sure I received a cancellation email. Too many horror stories to not do my due diligence.

You can also open a temporary credit card linked to your real credit card using www.privacy.com

If you have problems cancelling a subscription, you can simply cancel the temporary card that privacy.com created for you

someone upthread got sent to collections after a card-cancel way, so, still some risk
It really does make you wonder that “the paper of record” deals in such immoral actions what else they are willing to compromise on. I seem to remember Pg being completely misrepresented by the same paper [1]. Maybe they are just really unethical people with a good brand.

[1] https://twitter.com/paulg/status/1236975851255857152

NY Magazine too. After renewing my subscription at 2x the original rate I paid, they made it incredibly difficult to cancel. When I called their customer support, they told me I had purchased my subscription through a third party so they couldn’t cancel it for me and I’d have to contact the third party.

Me: what’s their contact info? Agent: inquiries@nymag.com Me: This is a third party but they have an NY Mag email address? Agent: Yes. Me: ... How are they a third party then? Agent: One second, I’m transferring you to my supervisor.

Nothing turns me off a brand I like and want to support more than 1) autorenewals at 2x your intro price and 2) making cancellations both arbitrarily difficult and insulting.

If your billing address is in California, the NYT do let you cancel online.

They intentionally make it extremely high friction.

I'm in California and was able to cancel online but only after waiting in queue and then "chatting" with a retention specialist for 10 minutes.

This was about 2 years ago so maybe they've changed since.

Paying for news in 2021 is a lot like paying for porn in 2021. Who does that.
People who want quality journalism pay for it. It comes up in the comments here a lot, how journalism has gotten lazy/bad because of the lack of money in doing it well. The solution is to pay those doing it well.
The problem is anyone can make a blog and there are a ton of good writers. The media used to be an exclusive club like Hollywood but now anyone can make their own news blog so there’s nothing special about NY times or any of the others except their name and possibly some unique information sources from their contacts. I have read many small news blogs that are better written than the major news outlets. They also don’t choke you down with intrusive ads and pop ups and give you paywalls just to read their version of the same story being reported on other blogs for free. Their days are numbered to be sure.
That's interesting! I recently cancelled my NYT subscription using their live chat with no trouble at all.
Same here. No problems at all. (I’m in Ohio.)
You can change your payment option to paypal, remove your card from NYT, then remove your card from paypal. They'll complain to you for a couple weeks, but they'll cancel it for you after a while after that.
you can cancel auto-sub in paypal w/o removing the card
I recently cancelled without any issue... by virtue of paying for it initially with Paypal, which makes it trivial to cancel the recurring payment on my end. When I called them to cancel, and they tried giving me a runaround, I interrupted to tell them I had already cancelled the payment anyway so they literally had no choice; then I hung up. No worries! I will never subscribe to anything that doesn't accept Paypal for payment, thereby giving me the last word in controlling said payment (yes, I know a credit card would allow this, only not as easily.)
I ran into this as well with NYT (grabbed a sub for election season only). You can cancel if you chat with someone during business hours - and immediately shoot down any attempt to to extend etc.

Related, I really hate Apple taking a permanent 30% cut of iOS subs, but I will use that route whenever possible. Canceling an iOS sub is always a painless single click experience from a known location. In fact I usually subscribe and immediately cancel so I’ll renew only if I actively choose to do so.

I do not know how it is in the US, but where I live those automatic subscriptions are cancelable (and usually refundable) by the user via the bank or credit card company if the company collecting it is not responding. This is very easy in the first 56 days and a bit harder afterwards. They can retry to collect but you can keep doing it. The idea is you send them a official letter telling them you revoke your authorization which they have to do, not adhering to that request is their problem not yours. Depending on the contract this might trigger fines or require you to front the entire bill at once but for normal recurring subscriptions this is not an issue and otherwise should be reasonable (paying a 'fine' higher than the total sum is not allowed for instance).
Thanks for pointing this out!

I wonder if someone can start a service to facilitate this for people. So many dark patterns, so many opportunities to ease the transaction costs/friction of disentangling? ;)

It's the same in the U.S. If you do this, the failed charges might be sent to collections agencies, but that doesn't usually matter much to lenders if it's a small subscription - although this $100/mo NBA charge might cause some issues.
American debit cards generally don't have these protections, but American credit cards absolutely do have robust consumer protection mechanisms.

It's also a pretty big negative mark for merchants that get charge-backs issued against them, if just a small percentage of people used charge backs to cancel these "subscriptions" it would make their processing fees skyrocket or even get them dropped by the major processors

One reason to use a company like Apple to concentrate your online subscriptions I’d possible - terminate there and it’s done.
The New York Times does this. Unforgivable.
As a general rule, it ought to be no more difficult or time-consuming to cancel a service than it was to sign up for it in the first place.
Companies are required to provide California residents with an easy-to-use mechanism for cancelling subscriptions, and any subscription that you sign up for online must be cancellable online [1].

This actually works quite well. I've had no trouble cancelling any subscriptions in the past few years, including the New York Times, which took maybe 3 or 4 clicks from the account screen (IIRC, there was an optional "why are you cancelling?" screen, then they offered a discount, and that was it).

[1] https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...

That should be the default, signup and cancellations should be available via the same channel.
Just use Privacy's virtual cards to sign up for services. If a service doesn't let you cancel, just cancel the card itself. That's what I've been doing.

Of course, it's a different story if you signed some kind of contract, but for the pay-montly kind of things, it's a no brainer. You also keep your real cards number private in case the service gets hacked and Privacy doesn't seem to check the name, so you can give a fake name to the service.

This looks like a great service!

Edit: crap, looks like it's US-only :/

Revolut supports one time cards... provided you're happy with Revolut.
Yep it does! Had no idea.
Every time you sign up for a monthly service, there’s an agreement and terms which is a contract between both parties.

While this works, depending on the service and what it says, they can send your debt to collectors.

And that’s why there needs to exist regulation around it.

Audible does not allow you to cancel through the app, and cancelling via the web takes you through two extra pages of customer retention, "Continue Cancelling", or similar.

I haven't used the Scribd app, but cancelling the service through the web similarly takes more than one extra page of customer retention "special offer" pages.

I signed up for a one month “free” trial of Scribd. I noticed they charged my card but I (wrongly) assumed it was a pre-authorization that would fall off before it ever actually hit my account. I liked Scribd okay but I felt I hadn’t really given it a fair shake during my trial month and figured I’d pay for this month, too and then decide whether I’d keep it. Woke up yesterday and checked my card statement for the month only to find out Scribd charged me for my “free” trial. Since I didn’t notice until my free month was up they charged me for this month, too. I cancelled this morning and had to go through one “special offer” page (for “Scribd Lite” @ $4.99/month IIRC).

I’m SOL on this month’s charges but you’d better believe I disputed the original charge with Amex. Scribd even sent me a “receipt” for my “free” trial showing a total of $0.00 at the exact time they charged me $9.99.

It’s just bad business. I should have heeded the many warnings about Scribd’s deceptive billing and now they’ve added yet another unhappy customer who will complain about their shady business practices at every opportunity I get.

po*nhub is almost criminal at this to be honest smh
Would be nice to see some regulation / rules on cancellations of reoccurring payments / services.

It's not like it would have to be super technical, most judges would have no problem interpreting it.

Blue apron. I can’t figure out how to cancel through the app, so I keep cancelling The deliveries
Good example of this is where you can only unsubscribe via phone so they can route you to a 'specialist' that attempts to talk you out of it. i.e. you can subscribe via software but but unsubscribe via phone.
If a company makes it difficult to cancel, you can always talk to your card issuer. They are required to allow you to stop all future payments to a recipient but may force you to request this in writing.

However in my experience, you can usually accomplish it with a phone call and can often dispute the most recent charge as well.

IMHO, chargebacks are the best way to fight back against companies that use dark patterns in their billing/cancelation process.

> That shit should be punishable by literal prison time.

Forcible corporate dissolution, chapter 7 style.

I'd also play around with throwing C levels in jail for a week.

Once its real skin in the game, I'd imagine they would have a real good look at their company-level actions.

Washington Post keeps sending me "Please subscribe" emails even after I opted out of their emails so many times.
This is why I love privacy.com

If it takes more than a couple of clicks from the accounts section, or so ambiguously states the cancellation process that it suddenly seems hazardous, then I just cancel the temporary privacy.com card.

It was surprisingly easy to register a comment. For those of you commenting here, consider clicking through and comment there.
No kidding! I copy/pasted my HN comment verbatim, as it was also a question to verify if a tracker that runs constantly that isn't able to be blocked by domain counts as a Dark Pattern.

Edit: Here is a link to that comment [0].

[0]: https://news.ycombinator.com/item?id=27023236

(comment deleted)
Great I'm going to submit one about how the Apple iOS store forces you to get rid of your old devices and buy new ones.

They make it extremely inconvenient to find out which apps are supported on your device. They don't hide the apps that aren't, so you are forced to download the app and wait to check to see if it's compatible or not.

> you are forced to download the app and wait to check to see if it's compatible or no

The App Store doesn’t let me download apps that are not compatible with my device.

>The App Store doesn’t let me download apps that are not compatible with my device.

Let's not split hairs over this.

I just got rid of my iPad that does. You tap "get" on the app and after doing something for 5-10 seconds it pops up a modal that says it's not compatible.

Why was the app store showing apps to me that are not compatible or, rather, why was there no way to filter out the ones that are not compatible?

> Why was the app store showing apps to me that are not compatible or, rather, why was there no way to filter out the ones that are not compatible?

To show you what you're missing out by not buying the latest iPad

I’m not sure what I want with this - on MacOS it’s goddamn infuriating trying to download an OS that you want to install on a machine that isn’t the one you are browsing from.

You can’t just use the App Store and end up doing all sorts of horrible things.

I’ve commented on this before and had people send me links that show you can do it in the US App Store, but I can’t from NZ.

Oh are you talking about how you how certain things are hidden from search in the macOS app store? I found that annoying too. I had an old machine that I wanted to upgrade to Catalina and searching through the app store gave no results. Some how I found this link[0] and it magically brings me to macOS Catalina in the app store. Why didn't it come up in the search?

[0]: https://support.apple.com/en-us/HT211683

You aren’t being forced to do anything. Apple already supports their devices much longer than the industry standard. If you don’t like Apple stop using their products.
Everything you said is true but it still has no bearing on the fact that it's a dark pattern to make it inconvenient to have an old device. They have the means and technology to filter out incompatible apps, but they've decided not provide it.
I don’t think that is a dark pattern.
Could you elaborate on why you don't think it's a dark pattern?
Isn't there a literal "Compatibility" section in the App Store listing where it tells you if the app will work on your device or not?
As a user, I should be able to have the experience of browsing an app store with only apps that are compatible with my device and OS version. As a user and average consumer, it was not obvious to me that there was a compatibility section at all because I have to scroll past reviews and app privacy to get that information.
There's a "Compatibility" section under each app which tells you whether it works on your device. You can also click on it so it tells you exactly which OS versions are supported.
So instead of filtering it out or graying out the "get" button, I need to click on the link in the app store and find the compatibility section (the last part of the page) to find out if it's compatible?

That's a dark pattern.

It's been a looooong time since I've had this issue, but I distinctly remember the "get" being grayed out (for example, gps-dependent apps on a non gps-enabled iPad). Has this regressed?
Yes. It's regressed. This video [0] is an example of what happens, EXCEPT on mine the pause was considerably longer before the "unable to purchase" pop up came up.

[0]: https://youtu.be/lMMrU732w6Q?t=82 (and if you look at the comments, you can see that I'm not the only consumer frustrated by this issue)

I think this falls a little below the level of what should be a federal crime. It's an annoying usability issue, but ultimately which devices are supported is up to individual developers and not Apple. (It cuts both ways: there are some apps that aren't updated to run on the newest devices. So you could take that as Apple encouraging you to keep your old device and to NOT upgrade.)

Think about it this way: you want to haul Apple into federal court because they poorly cache app store search results on a CDN. The DoJ will have to hire new expert attorneys to prosecute this, and it could take years. That means they either stop prosecuting other federal crimes while working on that one, or your taxes increase to pay the new attorneys necessary for this case. The ultimate outcome for Apple will be paying some tiny fine that probably is less than a year's salary for a software engineer and being forced to fix their CDN setup, while the taxpayers pay millions of dollars. Best case. The worst case could be years of legal costs for the government, and absolutely nothing in return for the taxpayers.

I think you have to choose your battles, and this isn't the pick. Consumers aren't getting severely fucked, it's just kind of annoying to some people. We can use our limited tax dollars more effectively.

>So you could take that as Apple encouraging you to keep your old device and to NOT upgrade.

Does Apple show you apps that won't run on the newest devices/OS versions in the app store?

>It's an annoying usability issue, but ultimately which devices are supported is up to individual developers and not Apple.

But Apple runs the store, so the onus on them is to present the store in a way that gives me what is compatible with my device. When I go to the physical store, I don't expect to find kid's sizes in the adult clothing section (and vice versa). Even if the "clothing developer" in question only makes child sized clothes.

>prosecute

Whoa, hold on. We're in a thread asking for public comment on dark patterns.

Look at point 6 in the event announcement PDF:

> What harms do dark patterns pose to consumers or competition? For example, do certain dark patterns lead consumers to purchase products or services that they might not otherwise have purchased, pay for products or services without knowing or intending to, provide personal information, waste time, spend more on a particular product or service, remain enrolled in a service they might otherwise cancel, or develop harmful usage habits?

(emphasis mine)

>Consumers aren't getting severely fucked, it's just kind of annoying to some people.

Sorry, I'm not understanding your point. Most dark patterns don't severely fuck anyone and are just kind of annoying to some people. I think that's the point of this FTC public comment - to get a consensus on what dark patterns are.

(comment deleted)
When creating a member account within AWS Organization it asks for root account email, this address is never validated before account is created. If you made a typo in that email and it happen to be on a valid domain you have no access to, then it is impossible to close that account and support is refusing to do anyhing, even if you contact them immediately.
I’m not sure that’s a “dark pattern” that’s just AWS incompentence, spiced up with a dash of “no my department” in customer service.
Push notifications and their subtle ability to form usage habits (see notification -> open app -> browse feed) is a "Dark Pattern" that is used all across the consumer app industry. You can tell how focused a company is on growth and engagement by how many notifications you get a day (Clubhouse for instance slammed me with notifications until I shut them off).
Clubhouse has one of the worst notification management systems ever.

There’s no way to select specific notifications you want (e.g. person you follow starts a room). Instead you get inundated with useless notifications about random rooms.

FTC website falls victim to the darkest pattern of all: relying on javascript to manipulate html elements, so this is just a blank page; yet another anti-HTML site.
As a non-American: is this actually something the FTC has authority over?
Maybe? We'll see what happens when/if they actually try. Lobbyists' phones are probably going off right now with big tech trying to spur them into action.
At least theoretically yes. One of their main purposes is to establish regulations to protect customers.
Most of those dark patterns revolve around stealing personal data to sell it to data brokers, sometimes accompanied by extortion to give more of that data. If a big international corp made money by stealing bicycles or cars, its execs would quickly end up in prison, but this is what's happening right now in the internet. If our politicians had balls and moral, they would make it a crime to steal PII, unless the firm has a contract with the customer signed by ink, not transferrable, expiring in a year at most, with gov entities exempt. Unfortunately, PII theft has become the backbone of the modern economy.
Here's a fun one:

An e-commerce website that offers a subscription page for signup but requires you to contact customer service by phone or email in order for you to cancel. Went through this recently with Bespoke Post. I sent the cancellation email, their customer service person replied saying that they would instead suspend my subscription for three months, and required me to send them another email.

I'd LOVE to see an FTC rule that requires companies who take subscriptions by web have link on the account page to unsubscribe by web.

I had an experience a couple of days ago with exactly this type of thing (I downloaded the comment form, and I'll send it in).

In this case, it nearly cost the app maker a sale (I doubt they'll go out of business on the loss of my sale. As it happened, they didn't actually lose the sale).

I wanted to ID some of the plants in my yard, looking for native vs. introduced, so I downloaded a couple of apps. One was a good one, but was really a "crowdsourced" one. I had to sign up for an account, and participate in a community. Not a showstopper; but not really what I was looking for. I'm into instant gratification.

The other one was an ML-type app that would analyze photos in realtime.

When I started it up, it immediately wanted me to get the in-app purchase to the "premium" version, which is actually a yearly subscription.

The dark pattern, was how they did that. They obfuscated and deprecated the navigation to the free variant. It was almost impossible to see the buttons behind the premium banner, and it was difficult to actually touch them.

At first, I immediately shitcanned the app, as I assumed that you were required to get a subscription before using it at all.

I did a bit more research, and everyone was saying it was a decent app, and that it could be used without the subscription.

So I tried it again. This time, I squinted, and found the links.

It worked really well. I'll be getting the subscription.

The moral of the story is that they were so big on a dark pattern, trying to force new users to start paying immediately, that they actually drive off sales. The app works well. They don't need to hide it. That's what apps that suck do. This app does not suck.

> The moral of the story is that they were so big on a dark pattern, I'll be getting the subscription.

Yeah thanks for rewarding them for that.

>> The moral of the story is that they were so big on a dark pattern, I'll be getting the subscription.

> Yeah thanks for rewarding them for that.

That was not a nice thing to do -altering a quote, to make it appear as if I said something I didn't. I am leaving your response in its unmodified entirety, above.

Look, you have your opinion, I have mine, but It's a decent app. I will be providing feedback to them -as a paying subscriber, there's a good chance my feedback will be heard.

But the thing I have against dark patterns, is the same thing I have against what you did -it's dishonest.

That was not intended to be read as a literal quote or an attempt to make it appear as if you said something you didn't. That's a fairly common way of picking a message apart to make a point, on some parts of the internet. Sometimes people paraphrase instead of literally copying words (esp. if there's no good short sequence of words to borrow), but quote marks are still used. I wish we had a better notation for this. I'm sorry to have caused confusion.

Anyway, the point was just to express my disappointment in that people keep supporting a company even after complaining about their horrible dark patterns. And I don't really mean to single you out personally, it's everywhere: people complain and then keep using and rewarding the service(s) they complain about. IME this rarely leads to them becoming better over time, they just get worse over time because they can get away with it. Abuse users until the very end. It seems to work, we have so many users and more are rolling in!

Of course if you're actually giving them feedback, all the power to you. I respect your opinion too.

To give you an idea where I stand, a few days ago I was thinking of buying a keyboard for my workshop PC. I have a couple Planck EZs and they're decent keyboards. So I went over to the ZSA site, started reading about their new keyboard (Moonlander), and... MODAL POPUP ADVERTISING A MAGAZINE[1]! Now I remember the time when browsers started adding popup blockers built-in, and everyone (except scummy advertisers) rejoiced. So I find it disturbing, disgusting, and extremely disrespectful to bring back popups in the form of modals. I kinda try to put my money where my mouth is, so my reaction was to unsubscribe their magazine (the way they presented it when I bought my plancks wasn't so bad) and take my shopping elsewhere.

[1] https://i.imgur.com/9bCDNMl.png

Understood.

I believe that, as a software developer, I am constantly encountering the classic "Do $20,000 worth of work for me for free." If I refuse, it can sometimes get quite unpleasant.

As it so happens, I actually do a great deal of free software. The users can sometimes be a bit on the "knucklehead" side, but they usually respect my boundaries.

The people that don't, tend to be business owners. I sort of expect it, as a good business owner is always looking for every advantage they can. I can sometimes get rather peeved by their attitudes. Around these parts, business owners tend to be especially aggressive, and NY is known for a hyper-aggressive environment and culture.

The people that wrote the app do a valuable service. They trained up a fairly effective neural network. The apps are...OK. Not outstanding, but OK. They do get their primary function done pretty effectively. That took time and skill.

They want to be paid, and I don't begrudge them. I believe that supporting paid software is a moral imperative for me. I won't go about laying my values on other people, but I choose to have this attitude, and I like to follow it with action.

Sure. I think we mostly stand on the same line here.

I just tend to take hard stance against anything I find user hostile. Nagging, dark patterns, exploiting addictions, attempts at leeching personal information, lock-in, etcetra will quickly put you on my no buy list.

I think those things are evil at worst and a waste of time and resources (in a global, zero-sum way) at best, and long term we'd be better off if everyone rejected such behavior and put their money towards business that focuses solely on providing superb service without the abuse. Unfortunately these abusive practices tend to work as far as profit is concerned.. it's like tragedy of the commons, in a way.

I want to get paid too, and live in a nicer world.

Well, I did send them feedback, and pointed at the OP.
And got a response that made absolutely no sense at all, so I suspect their CRM is staffed by ‘bots.
> That's a fairly common way of picking a message apart to make a point, on some parts of the internet. Sometimes people paraphrase instead of literally copying words (esp. if there's no good short sequence of words to borrow), but quote marks are still used.

Among people who can’t make their point with an accurate representation of someone else’s words. All the descriptive words for this behaviour are negative, for good reason. I suspect you know this, hence the throwaway account.

> I wish we had a better notation for this.

The better notation for this is not to do it, that’s why there is no notation for it.

> I'm sorry to have caused confusion.

I’m not sure HN is for you. Don’t do this again if you’re really sorry.

For the record, there is a way to highlight changes. An ellipses denotes that material was left out. Brackets denote that something was changed. In either case, the intent should never be to alter what was said. Using yours as an example:

> That was not intended to be read as a literal quote...[It was intended to] paraphrase instead of literally copying words (esp. if there's no good short sequence of words to borrow), but quote marks are still used. I wish we had a better notation for this. I'm sorry to have caused confusion.

[0]: https://writingcommons.org/article/inserting-or-altering-wor...

Well, the only reason why the throwaway user was dishonest was because they didn't use ellipsis to indicate snipping content in between.

They're technically correct. The app used a dark pattern and you responded by subscribing. From their intents and purposes, the dark pattern did its job rather well.

I’ve tried some ML plant ID apps and they were all totally off. What’s this good one called, if you don’t mind saying?
Seek works incredibly well but has no paid version, so maybe that's something else.
https://www.picturethisai.com

I should qualify this by saying I have a small yard on Long Island, NY. The weeds and plants are fairly distinct and well-known.

Depending on where you are, YMMV.

I should also mention that this app is a battery hog, the likes of which I have never before encountered (and I include the Facebook app in that generalization). Just running it for about three minutes, knocks 2% off my battery.
Have you tried Seek (https://www.inaturalist.org/pages/seek_app)? It's from iNaturalist, which might be the community-based one you found, but you can easily ignore the community stuff and use it without an account. Works pretty well, I recommend it.
Yes, iNaturalist Seek was the community-based one. It was also regarded well.
Slack has a fun dark pattern - they purposefully remove functionality from their web app to make you install their native app.

The web app has a workspace switcher sidebar, but it only appears on ChromeOS, where you can't install the native client.

https://webapps.stackexchange.com/questions/144258/slacks-we...

Reddit is just as guilty of this. If you want to see all the comments on a thread on their mobile site, you're pushed to install their official app and presumably create an account when doing so. As far as I can tell, the best workaround is to use the desktop site.
Not just the website, but the old.reddit version. The new Reddit design is a disaster in terms of usability.

I also disable all custom subreddit styles, because so many of them are horrible.

r/mildlyinfuriating's custom style is a work of art.
Also Zoom. Their web version seems to no longer work on Safari/Mac and Firefox/Mac, so they essentially force you onto native or don't use it.
I use i.reddit.com. I think it was their old mobile site. Works like a charm.
And on iOS at least, whenever you visit the site you'll get a popup that blocks the page with two options: continue in mobile app, or continue in safari.

It's basically "install our shitty app, or keep using the web version?", except it's worded and displayed in a confusing/misleading way with what seems to be an attempt to mimic a system dialog.

Not to mention how awful their AMP pages (redundant, blame grammar) are already. Searching for topics on Reddit is a nightmare, you’re stuck with their awful native search, their awful mobile app, or the awful mobile site.
And yet through the miracle of scrolling and screen zooming I’m somehow able to use old.reddit.com just fine even on my relatively small iPhone X
For iOS, I recommend Apollo (https://apolloapp.io/). A reddit client that isn't from Reddit.
Thank you! I almost universally use the mobile website but it just keeps getting worse, presumably on purpose. I installed the official app but it’s very bad. I’ll download this one now!
You will still have the annoyance of search results only opening the official client but Apollo is a great app made by a single developer who has put a lot of time and effort into the app. He (Christian) is also very active on the /r/apolloapp subreddit and communicates upcoming features/bug fixes. Apollo does have an option to scan your Copy/Paste buffer so when you open the app, and if there is a reddit link in your buffer, it can open it for you. The downside is you will always see "Apollo read the clipboard" (or whatever the iOS message is) when you open Apollo. Another workaround is to create (or use an existing [0]) iOS shortcut. The way this works is you will pretend you are sharing the reddit page and then click on the shortcut and it will launch Apollo and open the page you are on. The shortcut is pretty basic, just uses some string replacement and Apollo's url scheme to achieve it.

[0] https://www.reddit.com/r/apolloapp/comments/9ijiji/siri_shor...

Just to add to this: I can highly recommend Apollo as well, it's the official app in my mind. Nothing else even comes close. Also, there is no need for a shortcut. If I open the sharing menu, "Open in Apollo" is already present and I never needed to add the shortcut.
Long pressing and opening in a new tab works for expanding child comment threads (but not for viewing all 500+ commends under a post).

Once that stops working, I'll have to always use old.reddit on my phone, which won't be great UI on mobile - but I suppose it can't be too hard to make a Stylus stylesheet to make it usable. And once old.reddit is gone, well, that's the end of Reddit for me.

i.reddit.com is the old mobile site.
Unfortunately it has no way to expand image/video previews without navigating to a different page. Makes it a lot harder to use for me.
Can confirm that you cannot use the app with logging in with a Reddit account.

Just yesterday, I got tired of the annoying "use the app or login" messages when tapping to view more comments on a post, so I caved and installed the app - given the language of the nag, I thought I wouldn't have to login, and the Reddit UX of constant full-page reloads just to view more comments is such a joke I figured the app had to be better.

But no, you have to login with a Reddit account to use the app :/

I'm so thankful for the Reddit redesign, I had a serious problem spending way too much time on that site. Now it's almost completely unusable.
Same here! I deleted the app and use the web app because it so much more painful so I don’t spend near the time on it.
Same. It's impossible to use on a phone, so I haven't even logged in months.
Now reddit have gone from blocking 'adult' content on mobile browser to flagging stuff as 'unknown content' and trying to force you to install app.

I was trying to research a vinyl cutter purchase instore with spotty coverage and every bloody reddit page would be blocked within seconds of loading with this stupid unknown content crap.

So is letting you know about old.reddit.com a bad thing?
if they removed old reddit i would stop using the site
So I’m in the same boat but I’ve noticed an interesting dark pattern they use now to discourage old Reddit.

I often land in a comment section of a specific post, and then want to see more of the subreddit by clicking the link of the subreddit in the top of the page. Since about a month now, every subreddit shows me it’s only available through the app. I used to then preface the url with old. however now they’ve somehow done it that I will see the specific (locked) subreddit page, but the url will just be Reddit.com with nothing else, effectively making it impossible to add the old. before the url.

On mobile old.reddit.com loads in desktop mode and is very hard to use.
Is there any way to get an old reddit experience on mobile? Custom CSS. Extensions. Anything? The mobile website for reddit is pure garbage.
https://i.reddit.com, or equivalent reddit.com/.compact

If they remove that then they'll finally have pushed me off reddit on mobile, but I think it's obscure enough that it'll stay in the near future

After installing the official app I can’t remember why I was so resistant to installing it in the first place. Why do you resist?
On mobile, reddit.com/.compact is an option. It's pretty stripped down but has some solid pros: it's fast, it has evenly sized (height) posts, the comments are easy to view. The post links with in-reddit photos/video do direct to the bad site, unfortunately. Another con (or pro) is infinite scrolling.
On Reddit's mobile web page, after clicking the 'continue in browser' button, go to hamburger menu -> settings -> "Ask to Open In App" and uncheck the checkbox. Removes all the 'reminders'.
Has anyone else noticed reddit on mobile browsers being ridiculously slow? My experience is that the page loads fine, but then there's 10 seconds or so of loading animation before the page displays. Requesting desktop site makes it load immediately. I'm 95% sure they just have a timer they make you sit through in an effort to get you onto their app.
Just opened a Reddit page on Desktop and it has 7.77mb resources and 97 requests and 4 seconds till DOM loads. Its bloated, probably to boost app downloads. Imgur also features fighter plane levels of bloat to show an image and comments.
Oh so taken from the same page as the Reddit App it seems
I'm just impressed how bad slack is on mobile. Either I'm getting messages on my computer and phone (on phone after I've responded on the computer) or not at all.
I've been having this problem with push notifications for quite a few apps, but Slack just seems to genuinely do whatever the hell it wants, regardless of whatever I've set preferences to.
Yeah I know what you mean. Like sometimes I'll get messages hours after they are sent. Even when my main computer is off so would be considered "away". Now I just have to frequently check slack and that in itself feels like a dark pattern.
Same here... no clue what's happened over the last few years. Slack used to be pretty reliable when I first used it.
Can you explain why this is a dark pattern? How does slack benefit from you using the native app vs. the web app?
I mean I personally keep Slack on my Dock since it's open pretty frequently. This integrates it even more into my workflow since I can quickly check and see if I have any unreads/etc. making it more grating to switch to another chat app. Maybe it's not a "dark pattern" but it certainly is a method to increase adoption.
You can do this with a browser like Chrome by creating a shortcut with "Open As Window".
One major benefit of native app over web app is their ability to send notifications to get the user's attention.
I don't know that they do, but they could potentially read your local files as part of telemetry, gps, nearby wifi network ssids and MAC addresses, etc.
As an engineering manager in an unrelated field... this could also be a way to not have to support a feature on X platform because I don't have the resources to make it work on every possible mobile browser. Or the mobile browsers don't support X feature and I don't want to (or can't) spend the resources to make it work there, QA it there etc. It's not something likely to be able to curb with regulations.
I do not think this is a dark pattern. I don't see any exploitation or misrepresentation.

I think we should be careful to distinguish between exploitation / malicious intent vs. airing of grievances of about UI/UX feature completeness.

Does this mean that all apps that can’t also be used via the web are a ‘dark pattern’?

I ask because I can easily imagine that if most customers are using apps, they might choose to remove functionality from the website rather than maintain it, just because it’s not worth it.

If it's something that makes more sense as a website, then yes. I would go so far as to say any app that doesn't work offline is likely a dark pattern
If they really don’t want people to use it on the web they should simply turn down the web site and tell people to use the app or GTFO. Instead they keep it up but cripple it and then repeatedly beg the user to something they clearly don’t want to do.
Companies discontinue or reduce support for products they don’t want to continue investing in all the time.

Some users are obviously going to be unhappy about this.

It’s not a dark pattern.

How is this a dark pattern? It really just seems like a design disagreement.

If we’re going to call any design we don’t like a ‘dark pattern’, then the term becomes meaningless.

I mean to many people here commercial software is all a ‘dark pattern’ because they prefer FOSS.

But this isn’t what ‘dark patterns’ means.

Generally it’s about tricking people into agreeing to things based on false beliefs, or making things hard to cancel.

I don’t see how it has anything at all with what features are placed in what products as long as there is no deception.

It's a dark pattern because the usual reason is to be able to gather more data from the user, and to limit user control. By that notion I would say any design decision that helps the company while harming the user is a dark pattern.
> It's a dark pattern because the usual reason is to be able to gather more data from the user

Is it?

This seems like something you can’t know without corporate espionage.

It really could be as simple as wanting to focus support on one platform.

I agree that data gathering and surveillance capitalism is pretty much evil.

However to just assume that’s all every decision is about makes us incapable of understanding the complexity of what is going on.

When the "app" in question is essentially a less accessible web page, then I think it's safe to assume something shady is going on.

To be clear, I'm mostly talking about apps that are just a collection of views for a remote API. The only valid reason I can think of for these kinds of apps is because you're an ios/android developer and you're not good at making webpages. In that case, the best tool is the one you know.

(comment deleted)
This logic doesn’t follow.

iOS apps that use system controls generally have far better accessibility than web pages do, indeed accessibility is a primary reason for creating a native app.

I only have some anecdotal data on this one, and maybe I'm comparing to apps that are not using system controls.

My mother struggles with any ios App because of how the zoom is implemented in the different apps. She can get by with the built in magnifier tool, but only when she already knows the app well.

Personally, I recently had nerve damage in my hands, and it was very difficult for me to enter text. There were many times in native apps where it would have been much better for me to copy/paste random text on the screen, but I was not able to. I know that some web developers like to try to block that too, but I would also consider that a dark pattern.

Yeah - I’m sure that would have been useful for you, but it doesn’t really compare to the wide array of accessibility options that exist across the system.

Also copying a pasting working across all text is often an anti-feature for accessibility too depending on what condition you are working with. For people who have trouble with fine motor control, it’s much easier to have only the content text selectable and not the controls.

There is no one-size fits all accessibility solution.

This seems to be a good argument for an accessibility option to make all text selectable, and nothing to do with dark patterns.

Slack uses Electron, doesn't it?
It can be used via the web, but it hides those features from you. If you're on a system where the desktop app cannot be installed, it reveals those features again. It's not that the features don't exist at all in the web version, they do but are hidden if you're capable of installing the app.
If that’s true, then I agree this is a dark pattern.
Discord does this as well. If they detect a mobile user agent they disable the button to hide the member list which makes group chats unusable. If you just change your user agent the button re-appears and you don't even need the app unless your browser doesn't handle voice and you need that.
For reference:

https://i.judge.sh/hot/Flare/chrome_eC7WqUYKPX.png

https://i.judge.sh/mealy/Sparkle/chrome_5RItK5j3Yl.png

Edit: Doing some digging, on the iOS user agent, the `toolbar` portion is null, while with the Chrome windows user agent it's set to include the entire element:

https://i.judge.sh/flickering/Twilight/chrome_q978GUiwQ8.png

https://i.judge.sh/pleasant/Coco/chrome_cNh0eBIHQL.png

This looks to be the function that determines it:

https://i.judge.sh/qualified/Velvet/chrome_CxUBug0q1P.png

So it's just a 'if mobile' check - maybe it breaks on some mobile screens (on a iphone 5/SE you end up being unable to view the channel name, not that it's an enjoyable experience anyways https://i.judge.sh/brave/Flare/chrome_nW26bTRXDe.png) or maybe it's a motive to get you to use the mobile app. This is just the desktop UI with some `if mobile` checks probably thrown in by a small number developers that want to support mobile browser support but aren't getting paid to do it.

Reddit does that too for the mobile website. So the job of some programmers is to literally provide a worse experience for their users. Sad life.
Reddit wants you in the app, so it’s harder to block ads. Slack doesn’t make money from ads like Reddit. So while Slack might prefer you use the app and make the web version less appealing, I’m not sure this qualifies as a “dark pattern.” Certainly not one that should be regulated.
I was shopping on Eddie Bauer about 15 minutes ago. They have a great deal on t-shirts and shorts, which they plastered all over the page. It works like this - the more items you buy, you get a bigger discount.

Great - that makes sense. But there’s a catch. If I shop in a store, I simply go to the counter, get the discount upon checkout, pay, and I’m on my way.

On their website, I have to use a promo code. So I have to remember what the promo code was and enter it at checkout. Okay — that seems kind of like a dark pattern.

Here’s where they lost my trust. By the time I got to the checkout page, they asked for all my shipping and billing details and then gave me the final purchase button. I just happened to then realize that wait — I was supposed to enter in a promo code! So then I had to back out to find the promo code again, and on checkout, I have to scroll down a full screens worth of real estate BELOW the purchase button to enter the promo code.

So they advertise the discount up front but then use shady tactics hoping I either forget to use the promo code or even if I want to, I give up trying to find it and just pay full price.

Needless to say I decided not to purchase from them. It’s dishonest and not worthy of my business.

Hah. Literally an hour ago I fat-fingered the “Sign up to Amazon Music!” button in the Amazon Music App on my phone whilst putting the phone in my pocket.

To be fair to Amazon though, they do let you cancel the subscription online with no bullshit & you still get to keep the 90 day free trial -- presumably they hope you’ll like the service enough to decide to pay for it anyway.

(The worst example I know of this “single button press sign-up” pattern was Nassim Taleb accidentally signing up to pay for a software upgrade to his Tesla in the Tesla App that cost $1000s & having no way to undo it except shouting loudly at Tesla / Elon Musk on Twitter.)

Let's not give Amazon a free ride, cancelling the Prime trial was some real bullshit last time I tried.

The option was hidden behind several pages of "Here's what you'll miss out on" and "You still have x days remaining, why not check out these shows" and "confirm" buttons with slightly different position/text/color.

The dark pattern I've been seeing a lot lately is billing services trying to make you go paperless. I've seen all sorts of dark patterns around it, from subtle things such as it being the second of three options where you need to check options 1 and 3 every month, to it literally being checked by default and buried in the middle of a "we are just checking up on you to make sure you have all your options set correctly" splash screen.
Yup, I've been fooled into going paperless on my utility bills a number of times. No idea how I did it, AND they often get "confused" when you want to restore paper service. I've had to call PG&E a number of times recently and they still are failing to send paper bills.
Genuine question: why'd you want bills to be shipped on paper? Is there some legal requirement to keep paper records in the USA and you don't want to have to own a printer or something?

Every time I get a paper bill I'm annoyed, like, just send me an email, then I drag it into the right folder and it's done. Speedy, sortable, searchable. (Of course you will want to have back-ups, but one generally wants backups for one's files anyway.) The weirdest instance of this is my electricity company that has a fairly high price but also invests in renewable energy and they send me paper bills. Like, they of all companies should get that I don't want someone to drive to my house to deliver information that, usually, I already knew about anyway. Dutch tax office also takes their time to send me letters from abroad... two weeks after I already received it digitally and opened it. They can see I read it on their website, but they still post a physical letter more than a week later. And it always contains "you owe us nothing & we owe you nothing" because I don't live/work there anymore. So stupid, I hate letters, so I'm really curious why you'd want this!

For me personally, my wife is an immigrant so a paper trail is important. Before that though, I think there was a time where companies didn't email out the records, so they'd keep the records for a year or two and then you would lose access to them, but the IRS wants several years if you get audited. Nowadays though, if it wasn't for my personal situation then I probably would have switched to saving off a digital record.
I wonder of loot boxes in mobile and other video games would count? Seems like it ought to.
Clubhouse scraping all your phone numbers to find someone on the app is dark.
twitter randomly deciding that the account you created 5 minutes ago is suspicious and they will block it until you provide your phone number.

also all of medium and linkedin