Design Tips

Giving Good Options

For a while now I’ve been noticing a trend in user interaction design that seems to slip under the radar: coercing user actions by limiting their options. This is a form of passive-aggressive user shaming, and we should stop it.

To be clear, this is not full blown cyberbullying. Nobody’s calling nasty names or doxing their users. Instead, developers are doing the subtle equivalent by dropping little passive-aggressive hints and limiting actual functionality to steer users.

I like to talk in specifics, so here are a couple examples I’ve encountered:

Example 1: WPForms Plugin Feedback Solicitation

The other day I was doing some routine work on a WordPress site that used the WPForms plugin, a popular, free plugin for basic site forms. It’s a pretty common pattern for plugins to hijack the header space of the WordPress admin panel to communicate brief messages from time to time (which I have other opinions about). This time, the message was asking for a review:

The Problem

If you’re like me, you’ve already noticed what’s wrong here. First, the language is a little bit leading. Giving a review for a product should not be considered a “BIG favor”, it should be something a user is happy to do to help inform other plugin shoppers. Second, the options seem, well, wrong:

“Ok, you deserve it” implies that if I’m going to give a rating I’ll give it 5 stars. Granted, that’s what the developer is asking for, but it’s an assumption just the same.

“Nope, maybe later” almost feels ok. It allows me as a user to say no, but then it subtly forces me to accept the idea that I might give a review later. Implicitly, I can assume this means the plugin will just set a scheduled notification to bug me later. So if I read between the lines it starts looking like a bad option.

“I already did” feels a little strange. As an option, this isn’t explicitly spelling out an action. Sure, I can assume that if I already did leave a review they might leave me alone, but what if instead they’re gathering data to push me along to the next part of their engagement communications track? What if clicking this link signs me up for their email list where they ask me more detailed questions? As the last glimmer of hope for getting this notification to stop popping up this option still might be taking a chance. The option doesn’t spell out the action, so it makes me guess.

There is an × in the notification’s top right corner, but as a user I have no assurance that clicking the × will permanently dismiss the alert. Also, this isn’t listed with the suggested options, so it almost feels hidden.

The part that really gets my goat in this interaction is that while each option seems a bit wrong, collectively they just don’t allow me to do what I want (in case you hadn’t guessed, it’s to stop being bugged). Limiting the options is low-grade trickery. It’s like offering a toddler broccoli or onions when what they really want is to go play.

This sort of trickery is passive-aggressive, and it will slowly but surely degrade users’ trust.

Some solutions

Before you read on, pause for a second to think what the options should be.

Done pausing? Good. Here’s what I came up with:

  • Review WPForms
  • Don’t review WPForms
  • Get a review reminder later

These options amount to: yes, no, later. As for how they were worded, I went with the most no-nonsense, descriptive label I could think of. The options simply say what you’ll do if you choose them.

As for the order, assuming that users read top to bottom, their decision process probably looks like this: read an option > decide if it’s what they want to do > click option or move on. Because of this, it only makes sense to present options in an order of most- to least-likely picked. Now, you might notice that I didn’t actually do that. Even though I know that most interactions with this alert won’t lead to a review, that’s still at the top! I decided to order the options this way primarily because of the context.

This alert’s sole purpose is to offer users the option to write a review, so presenting the most self-serving option first seems fitting. Next, I chose to put the option that is the most likely alternative action to the first one. When you think about it, the third option is really just offered out of common decency, and is not even necessary. Maybe the user wants to review the plugin, but doesn’t have time just now. Or maybe they haven’t used it enough to write a confident review yet. These are edge cases, so adding an option for them is — well — optional.

Example 2: GDPR Cookie Banners

For my second example I thought about calling out a single website, but I see this so commonly that I figured I’d just mock up a generic example. Since GDPR happened in 2016, we’ve seen a huge influx of site popup banners in what feels like a trip back to 1994. The majority of them take on a form similar to this:

Often, this sort of popup covers a small portion on the bottom of the screen, and is primarily an annoyance. In the case of mobile, it often covers 15–30% of the screen, and can be extremely annoying if not dismissed.

The Problem

As much as I hate annoyances in general, I understand that laws are good and help us in the end. So, an annoyance for a good cause is something I can (begrudgingly) get behind. But the problem here is actually a user interaction problem. When I see this sort of notification, what options do I have?

  • Click/tap accept and move on with my life
  • Decide I don’t want to use a site that has cookies and leave the site
  • Browse the site with an annoying banner on it, knowing that I never clicked accept, so I shouldn’t have any cookies to worry about.

See the problem yet? Clearly, there’s no problem if I’m ok with accepting the cookies and policy — except of course the small annoyance. We all know that abandoning a site because they have a GDPR banner is very unlikely, so that leaves us with one other option: browse without dismissing. This option is the sneakily implicit one that really pops my cork. Clearly, I can browse the site without clicking/tapping accept — so what’s the functionality of a banner that lets me accept cookies?

Some Solutions

There are two main cases here. Let’s address the easy one first: if your site functions fine without cookies, then stop bugging users with popups and just remove the unnecessary cookies. Simple.

If your site doesn’t do what you want it to without cookies, then you actually might need to create a more functional banner. This, of course, is easier said than done. You’d need to start by researching the actual requirements of the EU ePrivacy Directive and the GDPR. TL;DR, it’s a lot of work.

If you paired this with some more transparent communication about what your cookies do, it might end up looking something more like this:

Of course, you don’t see this happen in the wild, because what user would opt in to being tracked, and worse, who wants to tailor exactly how they’re tracked?

What to Do about it

As users, we often think we have little to no power on issues like this. After all, we’re not the ones making the websites, right? In many cases that’s true, and web publishers simply won’t listen to their users. It’s a little bleak to think like this, because companies really should have their users’ best interests in mind, but it’s just a reality. Fixing these problems costs money, and sometimes users don’t come first.

The first thing we can do is simply this: recognize the problem. If we don’t first recognize that web publishers are bullying us around online, we’ll never be able to have a healthy conversation around fixing the issues.

Next, if we get so lucky as to grab the ear of the publishers, we can be part of the solution. In many cases publishers create these sorts of problems simply by neglecting to think carefully about their work. They might think they’re being cutesy (with issues like confirmshaming) or just more personable by providing subtext to their messages. Taking the time to provide feedback and let publishers know of their mistake might be all it takes to inspire action.

Finally, if we find we’re just not heard, we do have another option: calling it out. This article calls out WPForms (who I’ve also contacted about the issue), but if you run into a company with bad practices who won’t budge, then consider calling them out in a form that they will find harder to ignore.

Edit: In the day since WPForms was contacted they pushed an update that ignored the issue (though that would be a very fast turnaround), and I instead received this response:

I’m sorry you have such a bad feeling from that simple dismissable review text.
Could you please let me know if you would like any features to be added?

Anybody else infuriated by this like I am? Do “simple” and “dismissable” not just try to downplay the importance of my attempt to help? I’m leaving the door open for WPForms to clear their name, but we’ll see…


Companies and user interaction designers have taken a free pass for too long on the many small, subtle ways they coerce users in to the actions they want, instead of respecting user decisions. As users, we have a responsibility to recognize the issues and help companies fix these problems — perhaps even by calling them out in a big way.