Noticing deliberate UI friction being introduced... in all the wrong places!

In the podcasts the guys have spoken a lot about how things like infinite scroll, and slowing down scrolling speeds could introduce enough friction to encourage people to turn off an app like Instagram. Which is a superb idea.

I’ve started to notice this feature (“anti-feature”?) appearing on mobile websites, but in the wrong places.

I’m in the UK, where GDPR requires websites to make us agree to cookies. A lot of these websites just have a button for opting in, but quite a few let you go into the settings to turn them off; either reject all but essential cookies, or turn them off individually.

It’s here that I’m noticing that they’re deliberately adding friction to the UX in an effort to make disabling cookies an unpleasant experience. For example, the buttons feel unresponsive when you opt to tun cookies off (or to “Reject All”). It takes several seconds for toggles to work, or there’s no visible feedback that the “Reject All” button has done anything. And the buttons will often be placed at the bottom of a lengthy page where momentum-based scrolling has been deactivated; it’s an incredibly jarring, punitive experience and you genuinely wonder if you can be bothered tackling it for the sake of a few cookies. Which means this kind of anti-experience design really works!

There are other things, like ambiguous button and link labels (“Leave” instead of “Save” after rejecting, which is alongside an “Accept” button that resets all your options to accepting cookies before immediately taking you back to the page you were accessing before you realised you’ve agreed).

It’s a superb example that shows how this kind of design friction really works. If Facebook or Instagram worked like the GDPR cookie selection pages did, you’d turn them off after a minute! Just a shame that it’s being employed in exactly the wrong places!

Just wanted to share this observation, and wondered if anyone else had noticed these great, humane-tech ideas being put to dark, nefarious use anywhere else?


Hi Spanner, thanks for posting and welcome!

I share in your experience with EU GDPR notices. You may be shocked to know, most of them are fake. If you disagree, often nothing happens anyway. Especially if you’ve spent a long time navigating the banner.

The main effect of GDPR has been to strengthen the ad monopolies and revenues of the huge US tech companies Google and Facebook (which both have dictator-like powers to force people into consent), while at the same time greatly reducing the revenues of small and midsize EU publishers.

Bloomberg: Facebook and Google Aren’t Hurt by GDPR but Smaller Firms Are

This is backed up by solid data.

The end effect of GDPR is to cause tech business to flee the EU or never set up there in the first place. This causes a loss in jobs and a reduction in tax revenues used to fund things like social services. So the overall effect of GDPR is very negative. I would argue that the GDPR is anti-humane legislation as it indirectly reduces government funding across the EU.


I have done my own research today and created a GDPR compliant opt-in cookie banner which gives people a real choice, and showed it to 1700 people in the EU over the course of about 4 hours. I tried to make the banner persuasive to get people to agree to ads that use cookies. I asked a simple “Yes” or “No” as is required by law. I did none of the normal “opt-out” nonsense you currently see which in actuality is just trickery and has nothing to do with what is clearly required by GDPR. Note that all current cookie banners are actually illegal. The results: only 24% of people agreed to ads that use cookies when given a real choice as required by GDPR.

This in effect means that GDPR is a sham law that is either unenforceable or is economic suicide. It is simply unreasonable for the industry to lose up to 76% of ad revenue (there is currently almost no alternative to ads with cookies) if they were to actually comply with the law. Which is why absolutely nobody actually complies with GDPR except for a few nonprofits. If people were to comply with the law EU economies would go into recession, which would have indirect repercussions like people dying. I would argue that the economic damage done by GDPR is actually probably already severe enough to have caused a few people to die in the EU who wouldn’t have otherwise died. My conclusion again is that GDPR is anti-humane due to unintended consequences heavily outweighing the benefits.