AT&T  ·  Case Study

Privacy Controls
and Dark
Patterns

Senior Product Designer
Web App Payment & Profile Experience
Dark Pattern Risk Mitigation
50+
State Privacy Laws Addressed
3
Privacy Programs Consolidated
1
Unified Control Center

Overview

The Law Changed.
The Interface Hadn’t.

AT&T’s privacy controls had accumulated across multiple pages with no single place to manage them. Programs were disconnected, consent states were unclear, and customers had no reliable way to understand what they’d agreed to or how their choices connected.

New State Privacy Laws

Raising the bar on transparency, sensitive data use, and consumer consent. Regulators were actively scrutinizing dark patterns.

A Fragmented Interface

Disconnected controls meant customers couldn’t meaningfully exercise their rights. It was becoming a legal liability, not just a UX problem.

Approach

A Change in Laws
A Change in Patterns

Privacy consent design looks simple until you’re inside the actual content: multiple programs, legal descriptions, layered consent states, compliance relationships, and a requirement that none of it feel coercive.

I evaluated three layout patterns against those constraints:

01
Traditional Tables

Could not handle the volume of legal content required across programs.

02
Row-Based Layouts

Lost the program relationships critical to compliance communication.

03
Stacked Columns

Collapsed under consent state complexity at scale.

None of them worked independently. The content needed a hybrid: rows and columns combined into a single framework that could hold programs, explanations, and consent states simultaneously without sacrificing readability.

AT&T Approach Sketch

Solution

One System,
Every Screen

The hybrid table structure did two different jobs depending on the device.

Desktop

Programs sit side by side. Customers scan across and compare options. Consent states are immediately visible without expanding anything.

Mobile

The table shifts into stacked modules. Each program becomes a contained section that expands to reveal detail. Same information, different spatial logic — readable at every screen size without a separate mobile design.

AT&T Solution

Outcomes

Built to Absorb
What’s Coming

The regulatory environment isn’t settled. New state laws keep passing. New consent programs will need to be added. The framework was designed with that in mind.

AT&T Privacy Framework

Consolidated Controls

All privacy controls in one navigable experience.

Hybrid Table Framework

Holds program relationships, legal content, and consent states in one structure without losing readability.

Responsive by Compliance

Desktop comparison view shifts to mobile stacked modules. Same information, different spatial logic.

Pattern-Compliant Design

Neutral interface that presents choices without steering them. Built to avoid the dark patterns regulators were scrutinizing.

Scalable Architecture

New consent programs slot into the existing structure as legislation evolves. No redesign required.

Reduced Regulatory Risk

A consent system built to absorb new state privacy laws without starting over.