Have you have ever accidentally clicked on the more expensive option while booking plane tickets because of a misleading color scheme? Have you bought a t-shirt impulsively because the website told you there is only one more item left? Have you had to give your email address and create an account to access a news article? Then you might be the victim of a dark pattern.
Dark patterns are a UI/UX design choice whereby customers are often ‘nudged’ into making a commercial decision they may not have ordinarily made, typically for the benefit of the seller. In today’s world, these are common friends. So common, in fact, that the Central Consumer Protection Authority (“CCPA“) issued the Guidelines for Prevention and Regulation of Dark Patterns, 2023 (the “Guidelines“), banning 13 identified dark patterns in 2023, discussed in a previous article. These banned dark patterns include bait-and-switch, false urgency and forced action, as illustrated above, which, according to a PIB press release, are unfair trade practices as defined by the Consumer Protection Act, 2019[1].
Yet, even though the Guidelines were enacted nearly three years ago, effective enforcement has remained a challenge. In June 2025, the CCPA issued an advisory titled, Advisory in terms of Consumer Protection Act, 2019 on Self-Audit by E-Commerce Platforms for detecting the Dark Patterns on their platforms to create a fair, ethical and consumer centric digital ecosystem (the “Advisory“). The Advisory advised all e-commerce platforms to conduct a self-audit to verify whether any dark patterns are being used by that platform and to ensure that no such practices are deployed within three months from the date of the Advisory. Based on this audit, platforms were also encouraged to give a self-declaration certifying that no dark patterns are used by that platform. Following this Advisory, 26 major platforms declared themselves dark pattern free, including MakeMyTrip (which declared that it requires explicit consumer consent, and has no pre-ticked boxes), Zomato (which declared that its internal assessment aligns its platform with the Advisory) and Ajio (which declared no dark patterns and ongoing platform checks)[2].
Earlier this month, in a significant move, the CCPA fined both PhysicsWallah Limited and McAfee Software India Private Limited for using dark patterns on their respective platforms. Taking suo moto cognizance against PhysicsWallah Limited, the CCPA noted that its platform and mobile app suffered from extensive usage of dark patterns, including basket sneaking an additional Rs. 10 as a donation to the PW foundation without user consent, confirm shaming by sharing information to guilt or nudge users into retaining the pre-selected donation amount, and forced action and user interface by requiring the disclosure of personal information to access free courses[3]. Noting that the platform catered primarily to students, a young and vulnerable class of consumers, the CCPA found that such practices within educational services has the potential to impair free and informed decision-making. Examining the class of users and the revenue collected through use of the pre-selected donation mechanism, the CCPA directed PhysicsWallah Limited to pay a penalty of Rs. 5,00,000/- and to ensure that no dark patterns are employed on its platform or mobile application.
The CCPA also took action against McAfee Software India Private Limited after receiving a complaint from a user regarding its subscription renewal mechanism, alleging the use of confirm shaming where the options for renewal were to either ‘accept risk’ or ‘renew now.’ It also examined the platform’s design choice of creating the close option marked in an X but in a subdued and muted grey, vis-à-vis the other buttons, and noted that this sort of visual presentation could impair a consumer’s ability to make a neutral decision. In its findings, the CCPA found that the use of fear-based terminology, the implied and express representation regarding the impact of non-renewal of the subscription, and the visual prominence of certain elements over others, constituted confirm shaming, interface interference, trick questions, and forced action, all of which are unfair trade practices[4]. It fined McAfee Software India Private Limited Rs. 1,00,000/- and also directed it to ensure that no dark patterns are employed on any of its platforms or applications.
These cases illustrate the decisive direction the CCPA is taking towards safeguarding consumer interests from predatory online behavior by corporations and platforms. Since the Guidelines were issued in 2023, and the ASCI guidelines issued prior to that in 2022 (which were also discussed in a pervious article), there have been several positive developments against the use of these mechanisms. So the next time you are being nudged to part with your personal information in order to access public or free information, know that you have recourse against this action.
[1] https://www.pib.gov.in/PressReleasePage.aspx?PRID=2146813®=48&lang=2
[2] https://www.pib.gov.in/PressReleasePage.aspx?PRID=2191948®=48&lang=2
[3] Use of dark patterns resulting in unfair trade practice, misleading advertisement, and violation of consumer right by PhysicsWallah Limited, Case No: CCPA-2/94/2025-CCPA. https://jagograhakjago.gov.in/CCPA_Orders/Physics_Wallah_Limited_Order_01June2026.pdf
[4] Use of dark patterns resulting in unfair trade practice, misleading advertisement, and violation of consumer right by McAfee Software India Private Limited, Case No. YY-2/4/2025-CCPA, https://jagograhakjago.gov.in/CCPA_Orders/McAfee_Oder_20May2026.pdf
English
Chinese (Simplified)
Japanese