A dark pattern is a somewhat jazzed up name for manipulative marketing. Founder Shield, a US broker start-up in commercial risk management, explained it in this way…
“Dark patterns are website elements that manipulate users into making decisions they aren’t aware of or didn’t want to make. Dark patterns also prevent users from doing what they set out to do. In short, they’re a sneaky way for websites to operate, tricking and confusing users into giving up personal information, not to mention agreeing to legal terms and buying unwanted products or services.”
Dark patterns are built around insights into how we behave and react in certain situations. So for example, one we often see now on websites is ‘12 people are looking at this right now’, triggering a ‘fear of missing out’ urgency. They can also be as simple as using very small letters, less visible colours and placing information within long terms and conditions. EIOPA gives several useful examples of dark patterns that they’ve found on the websites of some European insurers.
Yet these examples are just the tip of the iceberg, representing in large part the design of the distribution platform. Much more significant, and controversial, is manufactured vulnerability, which I explored in this 2015 article. That uses aspects of character that insurers learn from trawling through their data lochs and ties them to dynamic and situational pricing. It may be justified as delivering a personalised price at just the right time, but it can often be much ‘darker’ than that.
Actions to Take Now
Before exploring this in more detail, it’s worth emphasising that dark patterns are not just unethical, but often illegal. It’s not just ‘someone being too clever by far’ – it is deceptive and potentially fraudulent. So as an insurer’s plans for marketing in 2023 take shape, ‘dark patterns’ need to be addressed. Here are some examples:
- marketing people should have a clear set of acceptable practices for how quotes and renewals are communicated and processed. This should be the template for work done inhouse or through external agencies or platforms.
- business relationship managers should ensure that these practices are baked into the contracts for distribution partners, with checks in place to pick up signals of poor practice.
- product governance people should be looking at how their product is being packaged and delivered, by both their own firm and its distribution partners. Key examples here are in relation to embedded insurance and to appointed representatives.
- compliance people should be running tests in high volume schemes to ensure that consumer outcomes are being delivered within agreed parameters. In other words, checking that practices are keeping within promises.
- data governance people should be working to an agreed protocol for ensuring the risk of manufactured vulnerability is properly managed.
- senior management should be reinforcing this through the firm’s ethical culture, by communicating regularly on manufacturer responsibility and how this is underpinned by ethical values like honesty and integrity.
Reasons to Take Action
Some of you may be thinking that this is just how the world is going now, that it is not worth making too much of a fuss about. The world is more nuanced than that however. In the UK, there have been rules brought in to increase transparency and engagement for GI renewals. Initiatives like ‘Smarter Consumer Communications’ have been introduced. These create the foundations for how the regulator should use its supervisory technologies to detect and close down poor practices in high volume, low premium lines of business.
In the US, a privacy bill will become law next year in California that deems any information obtained through the use of dark patterns to be without consent. And a few months ago, the Federal Trade Commission published a report on dark patterns, seeing them as nothing more than a sophisticated version of unfair or deceptive trade practices. It’s already taking cases to court and winning.
What EIOPA is Missing
It is possible that EIOPA’s look at dark patterns was scoped around website design, rather than, in a sense, going inside the quotation engine that sits behind it. That’s fine, but I would suggest they move on and look at the much bigger issue of manufactured vulnerability. Here’s how I summarised it back in 2015:
“Firms using the full range of today’s digital marketing tactics will not only know what makes each consumer feel most vulnerable to persuasion, and not only know the context that most often triggers those feelings of vulnerability, but also know how to purposefully manufacture that context in ways that tend to guarantee that moment of most profitable vulnerability.”
The key aspect here is the manufacturing of that vulnerability. Let’s look at it with an example from insurance. Embedded insurance is a big trend at the moment, especially for travel policies. Let’s say you’re travelling to the airport. You’re a bit of a nervous flyer. That’s why you spent some time the previous evening scrolling through stories about flying mishaps and disasters. You’ve got through airport security and are in a café looking at your news feed. While drinking your coffee, some adverts appear for travel insurance, worded to remind you that the next couple of hours is going to be an uncomfortable experience for you. You click the offer and relax a bit, feeling that you’re done at least something to assuage your anxiety. This is not marketing ; this is manufactured vulnerability. It is unethical and could well be illegal as well.
The Ethics of Behaviour
There are a lot of good people working in behavioural insight teams, both in and out of insurance. And they’re realising that their work does has ethical implications. One team at Swiss Re put together this report in 2021 to “…inspire more industry professionals to ethically use BE (behavioural economics) to inform the design of insurance offerings”.
There are a lot of good things in the Swiss Re report, as well as a few things that I feel need improving. It’s built around the principle that “we seek to treat customers fairly at all points in the consumer lifecycle.” This is a worthwhile principle of course, but it is also, as many UK insurers will recognise, already a regulatory obligation on all insurers here. So this is not something more to deal with ; it is an aspect of what insurers should be doing already.
What I would like to see is the UK regulator building upon such sector work to set out its position on all aspects of the behavioural work happening in and around insurance at the moment. And by around, I mean to include appointed representatives and platforms as well as the manufacturers. There needs to be case studies and worked through examples of what constitutes good practice and bad practice. Insurers need to understand what is expected of their behavioural teams.
Looking forward
Embedded insurance is the big trend in retail insurance at the moment. It also looks capable of repeating the mistakes of add-on insurance, the example par excellence being PPI. While the problems of add-on insurance emerged in a largely analogue setting, those of embedded insurance will emerge in a very digital setting. That difference means that while the impact of both is about the same, the scale of the impact of embedded insurance could be much bigger.
Given the obvious issues associated with dark patterns (fairness, honesty and transparency, to name but three), it would make sense for insurers pursuing an embedded insurance strategy to understand, amid all the excitement, the behavioural risks that are also associated with it. There are plenty of indicators of what insurers should and should not do in relation to dark patterns. I expect similar indicators to emerge around manufactured vulnerability, and while these will take longer to emerge, they will however be much more painful for the insurers involved when realised.
Some insurers prefer to adopt a ‘wait and see’ approach. I would advise against that, for the simple reason that regulators are increasingly prepared to take draconian action to shut down systemic problems (more here). If insurers want reasons to address dark patterns and manufactured vulnerability now, I would suggest they keep an eye on what the Federal Trade Commission in the US does over the next 12 to 24 months. It could well be eye opening.