← Back to All Patterns
● MEDIUM#DW-016Sneaking

Preselection

Pre-checking radio buttons, toggles, or checkboxes that favor the company's interests, exploiting default bias.

What Is Preselection?

Preselection exploits a well-documented cognitive bias: default effect. Research consistently shows that 70-90% of users accept default options, even when alternatives are available. By pre-selecting options that benefit the company — marketing opt-ins, premium tiers, add-on services — designers leverage this bias to drive revenue at the user's expense.

The power of defaults is enormous. When European countries switched organ donation from opt-in to opt-out (preselected), participation rates jumped from ~15% to ~99%. The same psychological principle drives commercial preselection.

Common Implementations

  • Marketing opt-in checkboxes — Pre-ticked "Send me promotional emails" boxes during account creation. Studies show that switching from pre-checked to unchecked reduces opt-in rates by 25-60%.
  • Higher-tier defaults — Pricing pages that pre-select the "Professional" or "Enterprise" tier instead of the basic plan. Subscription pages that highlight the annual plan (more expensive upfront) as default.
  • Travel extras — Airlines pre-selecting seat upgrades, priority boarding, and travel insurance. Budget carriers historically generated up to 40% of revenue from pre-selected ancillary services.
  • Privacy settings — Setting all privacy options to "Share" or "Public" by default, requiring users to actively change each setting to restrict their data.
  • App permissions — Mobile OS settings that default to granting broad permissions (location "Always" instead of "While Using") or enabling data sharing with third parties.

Severity Assessment

6.0

Medium — Preselection's harm scales with the consequence of the default. Marketing emails are annoying; pre-selected privacy sharing can expose sensitive personal data. The EU Consumer Rights Directive explicitly bans pre-ticked boxes for additional charges, signaling regulatory recognition of the harm.

Legal Status

🇪🇺 Consumer Rights Directive

Article 22: "The trader shall not use pre-ticked boxes or other default options to infer consent for additional payments." Pre-selected add-ons requiring payment are explicitly illegal.

🇪🇺 GDPR

Recital 32: "Silence, pre-ticked boxes or inactivity should not constitute consent." Pre-selected data sharing or marketing is not valid GDPR consent.

🇺🇸 State Laws

California's CCPA requires opt-in consent for data sales. Pre-selected privacy defaults that share data violate the spirit (and potentially letter) of the law.

Remediation

  1. User-aligned defaults — Defaults should reflect best interest of the user, not the company.
  2. Blank slate — For consequential choices, don't pre-select any option. Force active choice.
  3. Lowest-cost default — For pricing, default to the lowest-cost option.
  4. Privacy-first defaults — All privacy and data sharing should default to OFF.

Default settings audit? Book a UX audit →