EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Trends in privacy dialog design after the GDPR: the impact of industry and government actions

Logan Warberg (), Vincent Lefrere (), Cristobal Cheyre () and Alessandro Acquisti ()
Additional contact information
Logan Warberg: CMU - Carnegie Mellon University [Pittsburgh]
Vincent Lefrere: IMT-BS - DEFI - Département Droit, Économie et Finances - TEM - Télécom Ecole de Management - IMT-BS - Institut Mines-Télécom Business School - IMT - Institut Mines-Télécom [Paris], LITEM - Laboratoire en Innovation, Technologies, Economie et Management (EA 7363) - UEVE - Université d'Évry-Val-d'Essonne - Université Paris-Saclay - IMT-BS - Institut Mines-Télécom Business School - IMT - Institut Mines-Télécom [Paris]
Cristobal Cheyre: Cornell University [New York]
Alessandro Acquisti: CMU - Carnegie Mellon University [Pittsburgh]

Post-Print from HAL

Abstract: Prior research found that a significant portion of EU-based websites responded to the GDPR by implementing privacy dialogs that contained inadequate consent options or dark patterns nudging visitors towards accepting tracking. Less attention, so far, has been devoted to capturing the evolution of those privacy dialogs over time. We study the evolution of privacy dialogs for a period of 18 months after the GDPR became effective using screenshots from the homepages of 911 US and EU news and media websites. We assess the impact of government and third-party actions that provided additional guidance and tools for compliance on privacy dialogs' choice architecture. Over time, we observe an increase in the use of privacy dialogs providing the option to accept or reject tracking, and a reduction of nudges that encourage users to accept tracking. While the debate over the extent to which various stakeholders' responses to the GDPR meaningfully improved EU residents' privacy remains open, our results suggest that exogenous shocks (such as government interventions) may prompt websites to enact changes that bring on-the-ground implementation of the GDPR at least nominally closer to its intended goals (such as making rejecting tracking easier for visitors).

Keywords: Dark Patterns; Nudging; Longitudinal Study; GDPR (search for similar items in EconPapers)
Date: 2023-11-26
References: Add references at CitEc
Citations:

Published in WPES '23: Proceedings of the 22nd Workshop on Privacy in the Electronic Society, Association for Computing Machinery (ACM), Nov 2023, Copenhagen, Denmark. pp.107-121, ⟨10.1145/3603216.3624963⟩

There are no downloads for this item, see the EconPapers FAQ for hints about obtaining it.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:hal:journl:hal-05484796

DOI: 10.1145/3603216.3624963

Access Statistics for this paper

More papers in Post-Print from HAL
Bibliographic data for series maintained by CCSD ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2026-02-03
Handle: RePEc:hal:journl:hal-05484796