Unmaking Dark Patterns: Navigating the CCPA’S New Guidelines


The concept of “Dark patterns” is a recent growing concern in the e-commerce marketplace, which is known to be associated with the unfair trade practices adopted by businesses. To elucidate, dark pattern is a blanket terminology for various deceptive practices which manipulate online users to make certain choices that wouldn’t have been opted for otherwise, as the same does not lie in their best interest. This false influence hampers consumers’ autonomy, constituting misleading advertisements and contravening consumer rights[1]. How often does a consumer come across false quotations like: “Hurry- Limited stock available!”; “Yes, or yes?” … “Flash deal for 10 minutes only!” and so on. Evidently, very frequently, but the same turns out to be false almost every time. Such tactics are covered under the umbrella of dark patterns. In order to tackle this prevailing cause, the Central Consumer Protection Authority (hereinafter referred to as “CCPA”) notified the Guidelines for Prevention and Regulation of Dark Patterns, 2023, which came into force on 30th November 2023[2]. The said guidelines put forth the provision for prohibitions of such patterns in designing User Interface (“UI”) and User Experience (“UX”), which deceives users. Moreover, it intends to encourage entities to enhance their sales and retain users by adopting ethical approaches that emphasise consumer interests[3].

Applicability of the Guidelines

As per Section 3 of the Guidelines for Prevention and Regulation of Dark Patterns, 2023 (“Guidelines for Dark Patterns, 2023”), the application shall extend to sellers, advertisers, and all such platforms that systematically conduct business in India. If any entity is already governed under some distinct law, then this guideline shall be read in corroboration with the same and not in derogation of the other laws. Subsequently, it will also have an application in the extra-territorial domain, wherein the foreign entities and e-platforms that offer goods or services in India shall also be covered, thus having a broad spectrum of coverage[1].

Nexus with Other Regulations

The Dark Patterns Guidelines interplay with the Digital Personal Data Protection Act, 2023 (“DPDP Act”), thus, requiring all e-platforms to obtain a willful and free consent from the individuals. This nexus ensures that the users are not compelled to share their personal data by obtaining consent deceitfully. As a result, it shall maintain an equilibrium between accessing users’ data for a personalised experience and their privacy. For illustration, the Guidelines prohibit the usage of design tactics that make it obligatory for the user to furnish their personal data, which is irrelevant to the purchase they intend to make. Further, the Consumer Protection (E-Commerce) Rules, 2020 applies to the goods and services sold or bought over the e-platform, under which such platforms are prohibited from adopting unfair trade practices. The contravention of these rules leads to similar consequences as laid down in the CPA. On the other hand, the Advertising Standards Council of India created awareness about dark patterns in 2022[1]. Owing to this issue, the regulatory body released guidelines against Online Deceptive Design Patterns in Advertising[2]. Along with these regulatory measures, the Department of Consumer Affairs has also issued “Additional Influencer Guidelines for Health and Wellness Celebrities, Influencers, and Virtual Influencers”, which elaborates on certain responsibilities for influencers seeking caution in claims made with respect to healthcare and medicine.[3] Given the existing rules and measures, the recently issued guidelines by the CCPA act as a commitment on the government’s part to safeguard the privacy of the consumers and protect their autonomy along with decision-making by emphasising the user interface design.

Specified Dark Patterns Incorporated in the Guidelines

The Guidelines specify 13 practices [Annexure 1 of the Dark Patterns Guidelines, 2023] and provide illustrations to offer guidance on what type of practices would constitute dark patterns. The same have been listed hereunder – 1-False Urgency– Elaborates on those misleading strategies which create an urgency, imposing pressure on consumers to take a particular immediate decision/action. It includes showing false popularity, stating false quantities, etc. Example: “Hurry- only 2 rooms left!” 2-Basket Sneaking – This refers to the automatic inclusion of extra items, mainly at checkout, irrespective of the consumer adding the same. Examples include the automatic addition of travel insurance while booking flight tickets or adding an extra amount in the name of charity or donation. 3-Confirm Shaming – It implicates phrases intended to institute fear, shame, or guilt in the user’s mind to nudge them towards a specific direction, predominantly to obtain commercial gains. Example: Using phrases like “I will stay unsecured” when a user opts out of travel insurance while booking flight tickets. 4-Forced Action – It means to force a user into taking a particular decision which would require them to buy additional goods, or sign up for a service or disclose personal data which is irrelevant to the intended purchase. Example: Compelling a user to make a subscription to a newsletter for purchasing a product. 5-Subscription Trap – This refers to such a practice, which makes it difficult for users to unsubscribe once they have signed up for a subscription. Example: Hidden opt-out services require additional lengthy steps to reach the cancellation option. 6-Interface Interference – An element of design that manipulates UI, thus making it difficult for the user to take the specific actions they want to. Example: When selected, the icon ‘X’ appearing on the top-right corner of a pop-up diverts to another advertisement rather than closing it entirely. 7-Bait and Switch – It refers to luring consumers with the advertisement of products of a particular outcome but deceptively providing another alternate outcome of cheap/lower quality. Example: A product is shown as available to lure consumers but is actually unavailable. 8-Drip Pricing: It is an act of revealing the price post-confirmation of the purchase, charging an extra amount than what was disclosed, or preventing the availability of a service for which the user has already paid. Example: A user downloaded a game of chess which earlier was showcased as “play chess for free”, but after 7 days of using the app, it asks for a payment to continue playing the game in the particular app. 9-Disguised Advertisement: It refers to masking advertisements as other content to blend with the rest. For example, when the seller posts content, the onus lies on them to disclose that the said content is an advertisement. 19-Nagging: It refers to the act wherein the user’s experience is disrupted by repeated interactions, in the form of constant requests made for earning commercial gains, until the time the users specifically authorise it. Example: the constant asking by a website to download its app. 11-Trick Question: The act that causes deliberate confusion by posing questions with vague language or confusing wordings, misguiding the users to opt for a specific response only. Example: For opting out, the usage of phrases like “Yes. I would like to receive updates” and “Not Now” rather than the option of “Yes”. 12-Saas Billing: It implicates the generation of continuous payments from the consumers in a software-as-a-service model. It stands for gaining money from users as sneakily as possible. For example, charging amounts for such features and services, the consumers do not even avail. 13-Rogue Malware: It refers to using ransomware, which misleads the consumers into believing that their device consists of a virus and further convinces them to pay for installing a fake virus removal tool. Example: when a pirating app promises the user to offer free content but instead embeds malware into the user’s system.

Impact and Challenges

While the guidelines stand in a firm position to eradicate such usage of unfair trade practices, the challenge herein might be related to “enforcement”. The ambit of dark patterns is so wide that it might be an issue to prove whether a certain practice constitutes a dark pattern. Let’s say the case wherein an app shows, “Hurry, only 2 rooms available!” is it genuinely portraying the correct data, or is it a tactic to mislead the users? Such questions still persist. Further, the ambit of disguised advertisements might need more clarification; on the other hand, specific dark patterns would be easy to regulate like that in e-retail sites, which automatically add items to the cart of the users without them choosing the same. Moreover, the guidelines must completely tackle the plethora of privacy issues related to dark patterns, with a special emphasis on the threat posed by the unauthorized acquisition of disproportionately large and needless amounts of personal data lacking the informed agreement of users[1]. However, the shortcomings and the solutions for it would be addressed when the same is implemented efficiently in the time being.


As businesses frequently employ intricate web designs to optimize revenue from each user contact, users are becoming more and more susceptible to dark patterns as e-commerce and online advertising continue to grow. There is a fine distinction which separates misleading the users into doing something against their will and intention from legitimately influencing or convincing them to do so. In this line, these guidelines seek to safeguard consumers against online interactions that might deceive, trap, or manipulate them, as well as to empower them to make choices that are more informed.
[1] Centre to stop sites from weaving ‘dark patterns’ to misled buyers, The hindu Bureau (September 7, 2023), https://www.thehindu.com/news/national/centre-invites-public-comments-on-guidelines-to-regulate-dark-patterns/article67280233.ece.
[1] Aarushi Jain and Krishnangi Bhatt, Dark Patterns: An (un)fair trade practice?, Cyril Amarchand Mangaldas Blog (August, 2023), https://corporate.cyrilamarchandblogs.com/2023/08/dark-patterns-an-un-fair-trade-practice/. [2] Guidelines for Online Deceptive Design Patterns in Advertising, ASCI (June, 2023), https://www.ascionline.in/wp-content/uploads/2023/05/Guidelines-for-Online-Deceptive-Design-Patterns-in-Advertising.pdf. [3] Bhuvnesh Kumar and Sharad Panwar, Navigating Deception: Dissecting the Implications of India’s Guidelines on ‘Dark Patterns’, The Wire (December, 2023), https://thewire.in/rights/india-guidelines-dark-patterns-implications.
[1] Sec. 3 Guidelines for Prevention and Regulation of Dark Patterns, 2023, Central Consumer Protection Authority, 2023, https://consumeraffairs.nic.in/sites/default/files/The%20Guidelines%20for%20Prevention%20and%20Regulation%20of%20Dark%20Patterns%2C%202023.pdf.
[1] Sec. 2(e) Guidelines for Prevention and Regulation of Dark Patterns, 2023, Central Consumer Protection Authority, 2023, https://consumeraffairs.nic.in/sites/default/files/The%20Guidelines%20for%20Prevention%20and%20Regulation%20of%20Dark%20Patterns%2C%202023.pdf. [2] Kriti, CCPA notifies Guidelines for Prevention and Regulation of Dark Patterns, 2023 to prevent unfair trade practice, SCCOnline Blog (2023), https://www.scconline.com/blog/post/2023/12/04/ccpa-notifies-guidelines-for-prevention-and-regulation-of-dark-patterns-2023-legal-news/. [3] Sajai Singh and Himanshu Kumar, CCPA issues Guidelines for Prevention and Regulation of Dark Patterns, 2023, JSA (December, 2023), https://www.jsalaw.com/newsletters-and-updates/ccpa-issues-guidelines-for-prevention-and-regulation-of-dark-patterns-2023/.
Aumirah Insights

See More insights

Contact us

Partner with Us for Comprehensive Legal Solutions

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Your benefits:
What happens next?

We Schedule a call at your convenience 


We do a discovery and consulting meting 


We prepare a proposal 

Schedule a Free Consultation