Abstract Privacy strategies and privacy patterns are fundamental concepts of the privacy-by-design engineering approach. While they support a privacy-aware development process for IT systems, the concepts used by malicious, privacy-threatening parties are generally less understood and known. We argue that understanding the “dark side”, namely how personal data is abused, is of equal importance. In this paper, we introduce the concept of privacy dark strategies and privacy dark patterns and present a framework that collects, documents, and analyzes such malicious concepts. In addition, we investigate from a psychological perspective why privacy dark strategies are effective. The resulting framework allows for a better understanding of these dark concepts, fosters awareness, and supports the development of countermeasures. We aim to contribute to an easier detection and successive removal of such approaches from the Internet to the benefit of its users.
‹ All reading
Tales from the Dark Side: Privacy Dark Strategies and Privacy Dark Patterns
Understanding how personal data is abused is as important as understanding privacy-by-design. This research introduces “privacy dark strategies” and “privacy dark patterns,” providing a framework to collect, document, and analyze these malicious concepts. By investigating the psychological reasons for their effectiveness, the framework aims to foster awareness, support countermeasures, and contribute to the detection and removal of such approaches from the internet.