Why in news?
In June 2026 the Central Consumer Protection Authority (CCPA) fined the online education platform PhysicsWallah ₹5 lakh and the cybersecurity company McAfee Software India ₹1 lakh for using dark patterns—deceptive user interface designs that manipulate consumers. The penalties were issued under the Consumer Protection Act, 2019 and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.
Background
Dark patterns refer to design features on websites or apps that trick users into making choices they might not otherwise make, such as adding unwanted items to a cart or handing over personal data. Recognising their growing use, India’s consumer affairs department released guidelines in November 2023 to identify and prohibit 13 specific dark patterns. The guidelines were framed after consultations with e‑commerce platforms, industry bodies and civil society groups.
Examples of prohibited dark patterns
- Basket sneaking: Automatically adding charity donations or extra products to a user’s shopping cart without clear consent.
- Confirm shaming: Using guilt‑inducing messages to discourage users from opting out, such as “I don’t care about children’s education” or “I will stay unsecured.”
- Forced action: Requiring users to share personal data or make additional purchases in order to access a nominally free service.
- Interface interference: Highlighting one option (e.g., “Renew now”) while obscuring a neutral choice, making it hard to decline.
- Trick questions: Using confusing wording or layout to nudge users toward a specific answer, such as labeling the cancel button “Accept Risk.”
- False urgency and drip pricing: Creating fake countdowns or hiding fees until the final payment screen.
Recent enforcement and guidance
- PhysicsWallah case: The CCPA found that the platform pre‑selected a ₹10 donation during checkout, displayed emotional messages to discourage users from removing it and required users to provide personal data to access courses advertised as free.
- McAfee case: The company’s subscription renewal page prominently displayed “Renew Now” while the alternative button read “Accept Risk,” implying danger if users did not renew. The design was deemed manipulative and unfair.
- Advisory to businesses: In June 2025 the CCPA issued an advisory asking all e‑commerce platforms and digital services to conduct self‑audits and remove dark patterns. The authority has promised more enforcement actions to ensure that consumer consent is explicit, informed and free of manipulation.
- Relation to data protection: India’s Digital Personal Data Protection Act, 2023 requires unambiguous consent for data processing and prohibits forced actions, reinforcing the ban on dark patterns that coerce users into sharing personal information.
Conclusion
The crackdown on dark patterns signals the government’s commitment to protect digital consumers. By defining and prohibiting manipulative design practices, regulators aim to build trust in online platforms and empower users to make informed choices. Businesses should adopt transparent, user‑friendly interfaces and respect the autonomy of consumers to avoid penalties and enhance their reputations.