[cm2187]

What I don't understand is why they went this convoluted route of trying to assess what's legitimate or not, what's a user interaction or not. Does anyone know why they didn't go the route of other permissions like notifications or location, with a discrete popup that says the page is attempting to play some audio (or video), do you want to allow? If it is legitimate, the user clicks allow once and the site works forever.

[Klathmon]

How often do you see the "want to allow X to display notifications?" or "want to allow X to access your location?"

It's a shitty UX for everyone involved.

It's shitty for the user because they get asked it on SO MANY sites. I see friends/family browsing the web and they will go to a news site, click "no" to notifications, need to click away the fullscreen "want to subscribe to our newsletter" modal, then scroll down to the content. Adding a "want to allow this to display video" is just another step you need before being able to use the site.

And it sucks for site owners because those that legitimately need the ability to display video will have a pretty large percentage of their users react-click "no" on the dialog, meaning the site is broken until that user goes into settings and changes that one manually (and unsurprisingly, just about 0 do that).

Now I don't necessarily agree with the choice they've made here, but I do agree that a permissions dialog isn't the right UX.

[Al-Khwarizmi]

To be honest I'm not bothered by that UX at all. The browser remembers my choice for each site, how many new, different sites do most users visit per day (that would need audio)?

If a user doesn't want to be bothered by the prompt, they can always configure the browser to always accept or always reject. Or use a whitelist/blacklist.

This is very different from the EU "this website has cookies" prompt, which does annoy me a lot. First of all, you are not really choosing anything meaningful, but you still need to click. Secondly, being a website feature (not in the browser) means you don't get a uniform UI (and sometimes it's a nightmare on mobile). Third, it's just pointless as practically all websites have cookies so the amount of information in those messages is close to zero.

[Klathmon]

>The browser remembers my choice for each site, how many new, different sites do most users visit per day (that would need audio)?

How many sites need notifications? And why do I need to decline that permission at least once a day if not more often?

And the issue is that putting this behind a notification removes the downsides of asking for it. Currently if you play audio un-prompted you piss off (a percentage of) your users. If that was behind a notification, you would only inconvenience those users, so there's less of a downside of trying it assuming that only people that want it would click "yes".

My "perfect solution" would be for the major browser developers to get together, and come up with a web standard for where these notifications/prompts will live in the browser chrome, and roughly what they will look like, so that everyone can standardize on a similar UI. Then move from a prompt to a "badge" of sorts, and give websites the power to instruct users how to discover and switch that permission on/off when needed.

I believe on desktop chrome most permission prompts live in the upper-right corner of the address bar, if we could all standardize on somethign like that (at least on desktop, then figure something out for mobile) website owners could then instruct users "to see notifications, click the (standard-notification-icon) up there and select 'yes'".

For "rare" things like notifications, camera access, gps location, and others that seems like a good tradeoff to me, but for "more common" things like audio/video, I don't think it fits.

[cm2187]

That's the thing. I don't think audio and video should be that common on websites. Outside of youtube and netflix, 99% of the time I do not want audio or video content to play automatically.

[cm2187]

Well it creates a disincentive for websites to use unnecessary audio. I don't think any user will be surprised or annoyed by seeing youtube or pluralsight asking them permission to play audio/video. For some random website where audio is unsolicited, it creates an incentive to not even ask. Like you don't want to necessary access the location of your users if you don't want to piss them off. I am actually happy when I can press no on some random website trying to access my location.

I think it probably is the right UX.

[Klathmon]

It's not about being surprised, it's about not reading the dialogue at all.

I make a barcode scanning app in the browser. Our users know that the app scans barcodes using the camera, they receive training on the app before using it, and yet about ~15%~ (Edit: it's closer to 8% now) of our users click "no" when asked to allow camera permissions to scan barcodes. It was causing so many support calls that we ended up doing a 2-stage permissions prompt. First we display a javascript dialog telling the user that they need to click "yes" for the app to work, then we show the native permissions request after they have clicked yes, because if the user selects "no" the first time, we can't ask again, and 99% of users don't know how to go into the settings and re-enable it (hell, even I don't know where it is from memory, and would need to hunt around to find where it is)

And it doesn't create an incentive not to ask at all. At worst the website is where they would be if they didn't ask, at best they are able to display notifications, play audio, play video, get location, etc...

It's a no-lose situation in 99% of cases for the website owner, unless they actually really need that permission to function, then they have a LOT to lose. It's a situation where the incentives are misaligned terribly.

And don't get me wrong, i'm also very VERY happy that I can prevent notifications or location access, but I also think that more could be done to prevent spamming of the permissions prompt itself.

[ameister14]

Yeah, clearly they read the dialogue if by adding more dialogue you change their action.

The problem may have been that simply asking for permission to use the camera in general and not stating when and how you would use that permission, people thought about the fact that they didn't really want to give the app blanket permission to use their camera.

The solution to that problem is to point out what you are using it for and tell them it is necessary, which is what you did.

[Klathmon]

>Yeah, clearly they read the dialogue if by adding more dialogue you change their action.

No, because with our first-stage dialog we can just keep showing it until they click yes, but with the native dialog we only get one chance, and if they click "no" we might not even get a callback that they clicked anything at all on some browsers (which I honestly kind of like from a privacy standpoint).

But to be clear, i'm not happy with the 2-stage dialog. It feels condescending to ask for permission to ask, and for non-business applications it just slows down the "thing" that you are asking for permission for even more. But thus far it's the only thing that has consistently worked for us.

>The problem may have been that simply asking for permission to use the camera in general and not stating when and how you would use that permission

Our app is a business-oriented application that is running on dedicated company-owned phones in most cases. Users are trained on how to use it, how to set it up, how to create accounts and more.

About 8% of our new users still click no on average 2-3 times spending less than a second on the dialog according to some analytics I have on it. It dropped from 15% with the change from 1-step to 2-step permissions, but that's still a LOT of users that instinctively click "no".

[ameister14]

So are you saying that you don't allow them to say no to the first-stage, and have it pop up immediately after, or that you pop it up every time they open the app?

I don't think it's innately condescending to ask someone for permission and outline exactly what you need the permission for, but I don't know the copy you are using.

I know that in context it makes sense, but people read things and don't think about them in larger context all the time. They think about them individually - do I want to give this thing permission to use my camera? No. Do I want to give it permission to use my camera so that it can do this thing I want it to do? Yes.

That's why outlining the purpose as in the second case makes it more likely for people to say yes.

Have you tried putting the reasoning on the second dialogue or is this a native one that is uneditable? You might be right if they are spending less than a second, but I've found with websites that a surprising number of people read everything. It'd be an interesting test if it's possible.

[userbinator]

I see friends/family browsing the web and they will go to a news site, click "no" to notifications, need to click away the fullscreen "want to subscribe to our newsletter" modal, then scroll down to the content. Adding a "want to allow this to display video" is just another step you need before being able to use the site.

NoScript / JS off by default will get rid of 99% of those annoyances and give you the article content immediately. (I am aware of the sites which hide the content behind JS, which are truly "shitty UX", but if more people used this config, perhaps they wouldn't proliferate as much. Fortunately most news sites aren't like that, in my experience.)

[mrighele]

If a website asks me to show notifications, to get my location or access my microphone before I even start to read what it is about, it fully deserves a permanent NO to any kind of permission.

Offer me notifications after you notice that I came back a couple of times to your website, ask me to autoplay the video the moment I play the video by hand. Remind me to grant permission to use the microphone the moment I try to start a video call.

Websites (and web developers) should learn to be _polite_.

[SquareWheel]

They probably wanted to avoid "breaking" major sites like Youtube, Spotify, and Soundcloud, and tried to create a smarter whitelist system.

[krisdol]

Because they sell ads, some of them video ads.