On December 9, 2022, the European Commissioner for Justice and Consumer Protection, Didier Reynders, announced that the European Commission will focus its next 2023 mandate on regulating dark patterns, alongside transparency in the online advertising market and cookie fatigue. As part of this mandate, the EU’s Consumer Protection Cooperation (“CPC”) Network, conducted a sweep of 399 retail websites and apps for dark patterns, and found that nearly 40% of online shopping websites rely on manipulative practices to exploit consumers’ vulnerabilities or trick them.

In order to enforce these issues, the EU does not have a single legislation that regulates dark patterns, but there are multiple regulations that discuss dark patterns and that may be used as a tool to protect consumers from dark patterns. This includes the General Data Protection Regulation (“GDPR”), the Digital Services Act (“DSA”), the Digital Markets Act (“DMA”), and the Unfair Commercial Practices Directive (“UCPD”), as well as proposed regulations such as the AI Act and Data Act.

As a result, there are several regulations and guidelines that organizations must consider when assessing whether their practices may be deemed as a dark pattern. In this blog post, we will provide a snapshot of the current EU legislation that regulates dark patterns as well as upcoming legislative updates that will regulate dark patterns alongside the current legal framework.

Continue Reading The EU Stance on Dark Patterns

Last Wednesday, Senators John D. Rockefeller IV (D-WV) and Ed Markey (D-MA) introduced the Data Broker Accountability and Transparency Act, which primarily would require greater transparency from data brokers about consumer information they collect and sell.  At a Senate Commerce Committee hearing held on the data broker industry in December, Rockefeller expressed concern that data brokers operate “behind a veil of secrecy” and with “very little scrutiny and oversight” in a multibillion-dollar industry that handles large quantities of personal information.  A majority staff report released in advance of the hearing found, for example, that some data brokers sell information to other companies that identifies financially vulnerable consumers or individuals with serious health disabilities.  In most cases, however, there is no mechanism for consumers to control or correct this information.  In its March 2012 report, the Federal Trade Commission called on Congress and businesses alike to increase the transparency of and control over the practices of data brokers, specifically recommending targeted access-rights legislation and industry self-regulation by data brokers and their first-party buyers.

The Act represents not only a response to the FTC, but also the culmination of Sen. Rockefeller’s efforts of the last two years to create accountability and access to what he calls a “booming shadow industry.”  The bill defines “data broker” as any “commercial entity that collects, assembles, or maintains personal information concerning an individual . . . in order to sell the information or provide third party access to the information” and imposes the following requirements.

Continue Reading Data Broker Accountability and Transparency Act Introduced By Senate Democrats

Earlier today, two entities — the Direct Marketing Association (“DMA”) and a Coalition of Mobile Engagement Providers (“Coalition”) — filed petitions at the FCC asking the agency to stay and forbear from enforcing, or clarify, certain aspects of the “prior express written consent” requirement that went into effect yesterday for prerecorded calls to residential numbers and autodialed