Sara Susnjar Discusses “Dark Patterns” in Noyb Privacy Complaint Against BeReal with Lexology

Winston & Strawn partner Sara Susnjar was quoted in a recent Lexology article discussing the complaint filed by privacy group Noyb claiming social networking app BeReal violated users’ consent through misuse of cookie banners. Noyb has asked CNIL, the French regulatory body that ensures data privacy laws are applied to the collection, storage, and use of personal data, to fine BeReal and order its compliance following five alleged breaches of the GDPR over the consent banners used by the company since July 2024.

BeReal notifies its users every day to post photos using the front and back camera within two minutes for other users to view. Noyb claims that BeReal’s consent banners are pestering users by repeatedly coming up when users attempt to post, “annoying people into consent.”

“Whether a notification is ‘annoying’ is not in itself a legal standard under GDPR on whether consent is valid and freely given. Lots of things in our digital world can be annoying and compliant,” Sara said. “That being said, what makes the complaint interesting is that the main feature is a daily notification that encourages users to show who they really are via sharing photos with friends and their day-to-day life. In that respect, would it seem unfathomable to receive a daily reminder to obtain consent?”

The consent banner asks the user every day for two separate consents: to access information on their device, and to carry out personalized advertising. The complainant eventually agreed to both. When the complainant later withdrew her consent for personalized advertising, Noyb alleges that BeReal still stored and accessed information on the complainant’s device and prompted her with a daily consent banner. The privacy group alleges that a user’s choice is only saved if they consent to both device storage and personalized advertising as part of a “deceptive ‘overload’ model to induce consent”.

The privacy group relied on European Data Protection Board guidelines on dark patterns, which said “users are likely to end up giving in as they are wearied from having to refuse the request each time they use the platform.”

Read the full article (subscription required).