CCPA fines PhysicsWallah, McAfee for using dark patterns

MUMBAI: Some online buttons are designed to guide you. Others, it seems, are designed to give you a gentle shove. India’s consumer watchdog has pulled up edtech platform PhysicsWallah and cybersecurity firm McAfee Software India for using so-called “dark patterns” interface designs that can subtly steer users towards choices they may not have intended to make.

The Central Consumer Protection Authority (CCPA) has imposed a penalty of Rs 5 lakh on PhysicsWallah and Rs 1 lakh on McAfee, while directing both companies to discontinue the identified practices. The action has been taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.

PhysicsWallah accounted for the larger share of the penalty after the regulator identified three violations on its platform. Among them was a Rs 10 contribution to the PW Foundation that was automatically added during checkout without explicit consumer consent.

The CCPA noted that users attempting to remove the contribution were shown emotionally persuasive messages linked to children’s education, healthcare and marriages, potentially influencing their decision. The regulator also examined courses advertised as “free” and found that users were required to share their mobile number and email address before gaining access.

According to the authority, the course material remained unchanged across different user accounts, suggesting that collecting personal information was not necessary to deliver the service. The watchdog also highlighted that many of PhysicsWallah’s users are students, including minors, making transparency and informed consent particularly important.

McAfee’s case centred on its subscription renewal process. The regulator found that consumers were presented with only two choices: “Renew Now” and “Accept Risk”.

According to the CCPA, the wording framed non-renewal as a potentially unsafe decision tied to security concerns, despite the company being unable to substantiate or guarantee such outcomes. It further observed that the renewal option was visually more prominent than the alternative, increasing the likelihood of influencing consumer behaviour.

The regulator described dark patterns as deceptive design techniques that push consumers towards purchases, subscriptions or data-sharing decisions they may not have otherwise taken. India formally introduced guidelines against such practices in November 2023, identifying 13 categories of dark patterns as unfair trade practices.

The latest action comes as the CCPA intensifies scrutiny of digital platforms and e-commerce services. The authority, led by chief commissioner Nidhi Khare and Commissioner Anupam Mishra, has recently urged companies to conduct self-audits and eliminate manipulative design features from their platforms.

The message from the regulator is becoming increasingly clear, consumer consent should be informed and voluntary, not something hidden behind clever design tricks and persuasive prompts.