“We’re Not That Gullible!” Revealing Dark Pattern Mental Models of 11-12-Year-Old Scottish Children
Abstract
1 Introduction
2 Related Research
2.1 Legal Approaches to Children’s Online Protection
2.2 Nudge
2.3 Misuse of Nudging to Deceive
Name | Description and Consequences | Scenario Image |
---|---|---|
Scenario 1: Privacy Zuckering. In terms of Mathur et al.’s [50] taxonomy, this one is: Asymmetric, exploiting the Framing Effect. | Description: The children are given the option to scan their eyes for free gems in the game. With this scenario, you can be tricked into publicly sharing more information about yourself than you really intended to. Consequences: Eye iris captured and possibly leaked to other third parties. Possible cybersecurity consequences if the eye biometric is used for authentication. | |
Scenario 2: Bait and Switch. In terms of Mathur et al.’s [50] taxonomy, this one is: Covert, exploiting the Scarcity Effect. | Description: The children are offered free Robux but should expect to be redirected to a fake website. So, you set out to do one thing, but a different, undesirable thing happens instead. Consequences: Drive-by download or loss of credentials if the fake website is convincing enough to elicit these. Potentially severe cybersecurity consequences. | |
Scenario 3: Confirm Shaming. In terms of Mathur et al.’s [50] taxonomy, this one is: Asymmetric, exploiting the Bandwagon Effect. | Description: The children are shown a YouTube video with a message daring them to skip the ad. The option to decline is worded in such a way as to shame the user into acting to benefit the dark pattern deployer. Consequences: In this scenario, the children might see an advert and be persuaded to buy something. No cybersecurity consequences. | |
Scenario 4: Genuine Browser Warning. No dark pattern. | Description: A genuine browser warning to test for false positives. Consequences: If the warning is ignored, the risk is continuing to a fake website that the warning is related to. Potentially severe cybersecurity consequences. | |
2.3.1 Experiments with Dark Patterns.
2.3.2 Children and Dark Patterns.
2.4 Mental Models
2.4.1 Cyber-Related Mental Model Research.
2.4.2 Eliciting Mental Models.
2.4.3 Using Drawings to Elicit Children’s Mental Models.
3 Study
3.1 Scenarios
3.2 School Recruitment
WS1 | WS2 | WS3 | WS4 | WS5 | WS6 | WS7 |
---|---|---|---|---|---|---|
14 | 8 | 32 | 28 | 30 | 16 | 24 |
3.3 Procedure
3.4 Analysis
3.4.1 Drawing Analysis Method.
Category 1 | Mirroring the depicted scenario directly in the drawing |
Category 2 | Imagining potential next steps and bad actor actions, more than the presented scenario suggests |
Category 3 | Identifying potential account compromise (loss of credentials) |
Category 4 | Identifying sensitive and personal identifying information leakage |
3.4.2 Transcript Analysis Method.
4 Results
4.1 Drawing Analysis
4.1.1 Scenario 1—Privacy Zuckering.
n | Workshop | Mirroring Category 1 | Next Steps Category 2 | Potential Compromise Category 3 | Info Leakage Category 4 |
---|---|---|---|---|---|
11 | WS2 | 6 | 2 | 2 | 1 |
53 | WS3 | 14 | 16 | 4 | 19 |
35 | WS4 | 8 | 14 | 11 | 2 |
37 | WS5 | 8 | 12 | 4 | 13 |
22 | WS6 | 9 | 6 | 3 | 4 |
30 | WS7 | 11 | 9 | 2 | 8 |
188 | Total | 56 | 59 | 26 | 47 |
4.1.2 Scenario 2—Bait and Switch.
n | Workshop | Mirroring Category 1 | Next Steps Category 2 | Potential Compromise Category 3 | Info Leakage Category 4 |
---|---|---|---|---|---|
11 | WS2 | 6 | 2 | 2 | 1 |
52 | WS3 | 8 | 20 | 10 | 14 |
30 | WS4 | 1 | 16 | 5 | 8 |
40 | WS5 | 2 | 7 | 15 | 16 |
17 | WS6 | 3 | 9 | 2 | 3 |
34 | WS7 | 1 | 18 | 13 | 2 |
184 | Total | 21 | 72 | 47 | 44 |
4.1.3 Scenario 3—Confirm Shaming.
n | Workshop | Mirroring Category 1 | Next Steps Category 2 | Potential Compromise Category 3 | Info Leakage Category 4 |
---|---|---|---|---|---|
9 | WS2 | 1 | 5 | 2 | 1 |
48 | WS3 | 21 | 8 | 11 | 8 |
32 | WS4 | 9 | 12 | 11 | 0 |
31 | WS5 | 2 | 18 | 2 | 9 |
17 | WS6 | 3 | 9 | 2 | 3 |
27 | WS7 | 11 | 8 | 7 | 1 |
164 | Total | 47 | 60 | 35 | 22 |
4.1.4 Scenario 4—Browser Warning.
n | Workshop | Mirroring | Next Steps | Potential Compromise | Info Leakage |
---|---|---|---|---|---|
6 | WS2 | 0 | 4 | 0 | 2 |
45 | WS3 | 13 | 10 | 11 | 11 |
23 | WS4 | 4 | 7 | 10 | 2 |
20 | WS5 | 2 | 13 | 3 | 2 |
18 | WS6 | 1 | 3 | 8 | 6 |
28 | WS7 | 7 | 7 | 13 | 1 |
140 | Total | 27 | 44 | 45 | 24 |
4.1.5 Cross-Scenario Comparison.
Number per Scenario | |||||
---|---|---|---|---|---|
n | Consequence | Mirroring Scenario 1 | Next Steps Scenario 2 | Potential Compromise Scenario 3 | Info Leakage Scenario 4 |
Non-specific | |||||
100 | Hacked | 17 | 34 | 20 | 29 |
33 | Scam | 8 | 12 | 8 | 5 |
1 | Spam | 1 | |||
1 | Warning message | 1 | |||
Specific loss (info/financial) | |||||
4 | Info deleted | 3 | 1 | ||
21 | ID theft | 14 | 1 | 3 | 3 |
51 | Account/credit card theft | 12 | 21 | 11 | 7 |
16 | Account compromised | 10 (Robux account) | 6 | ||
Device compromised | |||||
34 | Virus/malware | 9 | 9 | 11 | 5 |
12 | Device shut down/blank screen | 6 | 6 | ||
2 | Glitch/error | 2 | |||
Privacy loss | |||||
12 | Track location | 9 | 1 | 2 | |
7 | Taking extra camera images | 6 | 1 | ||
2 | Friends contacted | 2 | |||
3 | Info shared online | 2 | 1 | ||
Personal safety compromised | |||||
3 | Burglary | 3 | |||
5 | Physical attack | 1 | 4 | ||
Other | |||||
2 | Illegible | 1 | 1 | ||
Total | |||||
309 | 85 | 88 | 60 | 76 |
# Drawings naming at least one consequence | |||||
---|---|---|---|---|---|
n | Workshop | Mirroring Scenario 1 | Next Steps Scenario 2 | Potential Compromise Scenario 3 | Info Leakage Scenario 4 |
10 | WS2 | 2 | 3 | 3 | 2 |
87 | WS3 | 24 | 21 | 19 | 23 |
50 | WS4 | 13 | 13 | 11 | 13 |
78 | WS5 | 28 | 18 | 15 | 17 |
25 | WS6 | 6 | 5 | 5 | 9 |
46 | WS7 | 12 | 16 | 7 | 11 |
296 | Total | 85 | 76 | 60 | 75 |
4.2 Transcript Analysis
Workshop | Interviewed Child Participant Labels | | | | Total Labels per Workshop |
---|---|---|---|---|---|
WS1 | WS1S1C1-C3 | WS1S2C1-C5 | WS1S3C1-C5 | WS1S4C1 | 14 |
WS2 | WS2S1C1-C3 | WS2S2C1-C6 | WS2S3C1-C3 | WS2S4C1-C5 | 17 |
WS3 | WS3S1C1-C3 | WS3S2C1-C6 | WS3S3C1-C3 | WS3S4C1-C2 | 14 |
WS4 | WS4S1C1-C4 | WS4S2C1-C5 | WS4S3C1-C4 | WS4S4C1-C3 | 16 |
WS5 | WS5S1C1-C2 | WS5S2C1-C2 | WS5S3C1-C5 | WS5S4C1-C2 | 11 |
WS6 | WS6S1C1-C5 | WS6S2C1-C3 | WS6S3C1-C3 | WS6S4C1-C3 | 14 |
WS7 | WS7S1C1-C2 | WS7S2C1-C2 | WS7S3C1-C4 | WS7S4C1-C4 | 12 |
Total | 98 |
Theme | Sub-Theme | Codes | Examples from Transcripts |
---|---|---|---|
Dark pattern perceptions | Leaked data via user interaction or snooping | Web account; personal details; phone number; credit card | ‘So when you click the button for free Roblox, it says email address, required, password required and bank details required. So you can’t claim the free Robux without doing anything’ (WS4S2C2) |
Dark pattern perceptions | Nefarious actor | Scammer; guy behind the computer; hacker capabilities | ‘Probably like someone who a scammer and tries to sell things and like take money off people’ (WS5S2C2) ‘but the guy behind the computer that got the information would be ha ha ha’ (WS6S1C3) ‘I think they might be smart and find a way to kind of get it without you having to enter it like without having to enter in your details’ (WS6S4C1) |
Dark pattern perceptions | Action | Identified correct scenario; things work as normal | ‘So he clicks on the open your camera and then he ends up going to put in your details and then he sends a message saying get hacked LOL’ (WS4S1C1) ‘You’re going to get hacked because if you read the website name. The website is instagram.con’ (WS3S4C2) (about back to safety button) I think that would probably take you back to your website or close your app. (WS4S4C1) |
Dark pattern perceptions | Consequences | Nothing bad; offline harm; leaked data shared with others; or used to scam/spam the victim/friends/others; bank account hacked and financial loss; web account(s)/device hacked or infected with a virus | ‘The back to safety button would also give you a virus. Either way you are going to get a virus’ (WS4S4C4) ‘See my face and then will come to my house. The camera can see your school uniform. Then they will see my badge and then they can come to school’ (WS6S1C2) ‘I think it gets your details and streamed online’ (WS3S4C2) ‘It takes money from your bank account and you get scammed’ (WS1S3C2) |
Online behaviours | Cautious practices | Leave game; do not input details; close/refresh/delete app; report incident or ‘dodgy’ site; use fake e-mail | ‘I would just leave the game’ (WS6S1C1) ‘I wouldn’t put my details’ (WS5S2C2) ‘And the best way to prevent this by reporting in the person or contacting Roblox’ (WS3S2C4) |
Online behaviours | Risky practices | Skip ToS; ignore age notice; brand bias | ‘One of these games, if you really wanna play. But then the only reason get in is if you accept all terms of service. I can’t be bothered. Click the accept button and then yeah, just click not now’ (WS6S1C4) |
Security knowledge | Parental influence | Ask mom; mom’s experience | ‘And I always ask my mom if I can get games’ (WS6S1C5) ‘Mum was hacked once on email’ (WS7S1C1) |
Security knowledge | Schools and teachers | School teaches online safety; school blocks harmful content; ask teacher | ‘We have restrictions on our iPads. So then we can’t get into every website comes up, some of them blocked’ (WS6S4C3) ‘Don’t trust things like that. My teachers always said that as well’ (WS7S2C1) |
Security knowledge | Familiarity with terminology | No knowledge; knows bad links, browser lock, remote PC; malware/virus/trojans/dark web; own/peer experience | ‘He could not click robux because it would download malware on your computer’ (WS3S2C4) ‘That when you click the link and you go to a page and then the page says enter your bank details. And they are all required like security code and sort code and they will [say] We won’t use your card for any payments. The link is called Twitter.com dot scam dot Mexico’ (WS4S2C3) |
Basic Reading | Basic Reading Definition |
---|---|
(1) Input-only data access | Mirrors our scenario back to us; user input (either keyboard or camera); not intrusive; user gives access, e.g., tit-for-tat device access or access with consent, e.g., e-mail address check (without password) or biometrics authentication. |
(2) Deception-based data device access and forced downloads | Starts to imagine more than what is presented; information is being tracked or collected via other invasive means without user input, and beyond necessary info, e.g., access to location services that contributes to tracking; camera access for the full photo of the user; forced video viewing; access to an application store and/or request for or installation of (unnecessary applications); or downloads of software that may induce further tracking or installation of malware. |
(3) Leaked account credentials | Begins to identify what is being lost in terms of security/privacy. Full account details (non-biometric) e.g., the collection of account login credentials (i.e., username/e-mail and password) to the correct account for the website being visited or to other accounts such as YouTube, Google account. |
(4) Leaked sensitive PII | Privacy and security danger; hacking of other sensitive/personally identifiable data; collection of sensitive or PII, e.g., bank details and PII such as an address, postcode, date of birth, age, or phone number. |
5 Discussion
5.1 Future Work
5.2 Limitations
6 Conclusion and Reflection
Footnotes
Ethics
Acknowledgements
Author Statement
References
Publisher
Association for Computing Machinery
New York, NY, United States
Qualifiers
- Research-article
Funding Sources
- SPRITE
- REPHRAIN