The recent implementation of the EU’s GDPR has some online businesses scrambling to comply with its stringent requirements for user privacy.

And then there’s Facebook.

A legal complaint filed against Facebook alleges that the company is creating fake notifications for users, and using language that might lead some consumers to believe that accepting the new terms of service (which largely amounts to ‘let us keep gobbling up your personal data’) is required to see those terms of service.

Users logging onto the site before the May 25th deadline were greeted by two red notification dots in Facebook’s menu bar (alerting them to new messages and notifications). That’s where some users found a notification that they needed to consent to the terms of service  in order to view them.

“The only option for a user was…to accept the new terms and privacy policy, or to delete the account. There was no option to disagree, opt-out or say no in any other way, shape or form,” alleges the lawsuit.

Facebook’s connect-the-fake-dots approach to not-privacy isn’t the only interface trick to garner consent for their data mining activities. Many European users found their accounts blocked altogether if they didn’t agree to their terms of service, and the ability to delete accounts got buried in small text below a larger call to action to–you guessed it–provide consent to their new terms.

Read more about it here.