A. BACKGROUND & OBJECTIVE
The Central Consumer Protection Authority (“CCPA”) in exercise of the powers conferred by Section 18 of the Consumer Protection Act, 2019 (“CPA”), has notified the Guidelines for Prevention and Regulation of Dark Patterns, 2023 (“Guidelines”) on November 30, 2023. The Guidelines were preceded by the Draft Guidelines for Prevention and Regulation of Dark Patterns, 2023, which were released by the CCPA on September 07, 2023, for public consultation.
The Guidelines have been framed after detailed deliberations between the Department of Consumer Affairs (“DoCA”) and all stakeholders involved, such as e-commerce platforms. The DoCA had also issued a letter to major online platforms on June 30, 2023, urging such platforms to refrain from incorporating any design or patterns in their online interface that may deceive or manipulate consumer choice and fall in the category of dark patterns, as that would be construed to be an unfair trade practice.
The Guidelines have been enacted with an objective to identify and regulate practices, which tend to prejudicially influence or alter consumer choices, by using deceptive or misleading techniques or manipulated user interfaces/ web designs.
B. SCOPE OF THE GUIDELINES
- Concept of Dark Patterns
The term ‘dark patterns’ has been defined in the Guidelines to mean “any practices or deceptive design pattern using user interface or user experience interactions on any platform that is designed to mislead or trick users to do something they originally did not intend or want to do, by subverting or impairing the consumer autonomy, decision making or choice, amounting to misleading advertisement or unfair trade practice or violation of consumer rights.”
As the definition suggests, dark patterns involve practices, and online user interfaces, that are devised to manipulate, and lead consumers to make, unintended choices, that are detrimental to their interest.
The Guidelines are applicable to:
- all platforms, systematically offering goods or services in India;
- advertisers; and
The Guidelines prohibit any person, including any platform, from engaging in ‘dark pattern practices’ as defined under these Guidelines. It is important to note that the definition of dark pattern is not an exhaustive one.
The Guidelines further provide that in the event any person (including a platform) engages in any of the ‘Specified Dark Patterns’ that have been provided in Annexure I to the Guidelines, such person will be considered as engaging in a dark pattern practice. Presently, there are 13 dark pattern practices that have been identified under the Guidelines. CCPA has the discretion to include additional dark patterns under Annexure I, from time to time.
C. SPECIFIC DARK PATTERNS IDENTIFIED IN GUIDELINES
While certain specified dark patterns have been expressly provided under Annexure 1, it is clarified that the practices and illustrations specified therein, are for guidance only and will not be considered as a binding opinion or decision as different facts or conditions may entail different interpretations. In other words, these are mere illustrations for providing clarity, and are not exhaustive in nature.
- False Urgency:
This refers to the practice of deceptively creating a sense of urgency or scarcity to pressurize a user to take an action or make a purchase in haste, by either, showing false popularity of a product or service, or by portraying that there is limited availability of stock in contrast to its actual availability.
The intent of this provision is to ensure that users are not induced/ mislead into making an instant buying decision based on inaccurate facts, and their ability to make such a decision voluntarily (with the exercise of free choice and discretion), based on truthful information, is not taken away.
- Basket sneaking:
This refers to practices where platforms, without the user’s consent, include additional products, services, payments to charity or donation, etc., into a user’s cart at the time of checkout, such that the total amount payable by the user, is more than the amount payable for the product or service originally selected by the user. While the Guidelines do not elaborate on the meaning of ‘consent’, the illustrations categorize automatic inclusion of a product via a pre-ticked box in a user’s cart as an instance of basket sneaking, thereby implying express consent should be obtained for such activities.
The Guidelines exclude addition of free samples/ complimentary services or inclusion of necessary fees disclosed to a user at the time of purchase (such as, delivery charges, gift wrapping, additional taxes charged by the Government or other charges explicitly disclosed to the consumer at the time of purchase that are necessary to fulfill the completion of the order), from basket sneaking.
- Confirm shaming:
Confirm shaming refers to usage of a phrase, video, audio, etc., for inducing sense of fear or shame or ridicule or guilt in the mind of the user to push the user to purchase a product or service from the platform or to continue a subscription of a service, primarily for commercial gains, by subverting consumer choice.
The intent of this provision is to stop manipulation of consumer behavior caused by shame, guilt, or ridicule. Statements to nudge users to take certain actions (such as for adding travel insurance while booking tickets or for donating to a particular cause) will have to be cautiously curated to ensure that the users are not compelled to take such actions out of fear, shame, guilt, or ridicule.
- Forced action:
Forced action refers to an interface that pushes a user to buy additional goods, or unrelated services or share personal information in addition to what was originally intended.
Basis illustrations provided in the Guidelines it appears that activities such as compelling users to share personal information linked with their Aadhar or credit card, even when such details are not necessary or forcing a user to download unrelated apps while availing a service, will be categorized as dark pattern practices.
- Subscription trap:
Subscription trap, as the name suggests, involves the process of intentionally making cancellation of a paid subscription impossible, complex, lengthy, and ambiguous (such as, hiding the cancellation option for a subscription or making the instructions related to cancellation confusing, or cumbersome).
Hence, for the purpose of subscriptions, it needs be ensured that the process of cancellation of a subscription is transparent, clear, and simple. Further, with regard to ‘free subscriptions’, unnecessary details or actions such as request for payments details or to enable auto debit instructions, should not be required.
- Interface interference:
Design elements that highlight certain specific information and obscure other relevant information to misdirect and manipulate a user from taking an action as desired is referred to as interface interference.
The intent of this provision is to tackle interface or design elements that misdirect users into taking actions by highlighting only certain aspects/ information that are favorable to the platform/ person providing the interface.
Platforms, sellers, and advertisers should ensure that the meaning of key symbols is not changed to mean the opposite (for instance if a user clicks on symbol ‘X’ on the top right corner of a website to close a page on a website, it should not result in opening of another page on the website instead of closing it).
- Bait and Switch:
The concept of bait and switch refers to the practice of advertising a particular outcome based on the user’s action but deceptively serving an alternate outcome. This occurs when an advertisement presents one option to entice consumers, but later it is replaced with a different one that may be more costly for the user. An example would be when a user selects a product at a particular price, but at the time of checkout that product is no longer available, and a substitute product is offered at a higher price.
This condition of the Guidelines, thus, imposes an obligation to ensure that the exact product (including specific model, price, or other specifications) that was shown in the advertisement is also made available to consumers.
- Drip pricing:
To ensure transparent pricing for users, the Guidelines prohibit ‘drip pricing’, which is a practice of concealing certain elements of prices and not revealing them upfront or revealing them surreptitiously during the course of the user’s experience. This also includes practices where the final price of a product or service is only disclosed at the end of the transaction process or post-confirmation of purchase. Such incomplete price representations amount to deceptive design patterns which mislead users.
The intent of the provision is to: (a) tackle practices that materially mislead the public on the price at which the relevant goods/ services are depicted to be sold; and (b) ensure that all charges are transparent and there are no hidden costs associated with the purchase to be made by the consumer. This is to tackle practices of platforms which inflate prices at the time of check-out, by including certain hidden charges such as delivery, handling, convenience fees, etc.
Platforms, sellers, and advertisers should ensure that all charges, common for all or most users (including all non-optional taxes, duties, fees, and charges), should be included in the price displayed on the advertisement/ online interface of a website for a product or service.
It is pertinent to note that the Guidelines provide that a marketplace e-commerce entity is not liable for price fluctuations that can be attributed to either third party sellers or factors beyond their control.
- Disguised Advertisement:
As the name suggests, disguised advertisements are those advertisements that are designed to look like other types of content, such as news articles or user generated content. The Guidelines stipulate that in relation to content posted by a seller or an advertiser on a platform, the responsibility of making the disclosure that such content is an advertisement shall be on such seller or advertiser.
The intent of this provision is to prohibit advertisements that are reflected as genuine content in the garb of a paid for promotion/ advertisement. Lack of disclosure in such advertisements make them seem like genuine organic content vis-à-vis advertisements for which there is some commercial gain, which results in manipulation of users.
The explanation to the definition of ‘disguised advertisement’, provides that the expression ‘disguised advertisement’ also includes misleading advertisement as defined in Clause 2(28) of the Consumer Protection Act, 2019 and the ‘Guidelines for Prevention of Misleading Advertisements and Endorsements for Misleading Advertisements, 2022’ are also applicable to it.
Disrupting or annoying users with unauthorized, repeated, and persistent interactions, in the form of requests, information, options, or interruptions, to effectuate a transaction and make some commercial gain is classified as ‘nagging’ under these Guidelines.
The intent of this provision is to ensure that platforms do not send repeated requests to users to undertake a particular action (such as downloading an app) without their express consent, or constantly request users for additional personal information for obscure purposes. It will have to be ensured that users have the ability to either accept or turn off such notifications/ communications.
- Trick Question:
Deliberate use of confusing or vague language like double negatives, or similar tricks to misguide or misdirect a user from taking a desired action or leading a user to take a particular action over another, will be classified as a trick question.
Platforms, sellers, and advertisers should ensure that clear opt-in and opt-out mechanisms are in place. For instance, while giving a choice to a user to opt in or out of a service, the options should be clear such as ‘yes’ or ‘no’ and not a vague option like ‘not now’.
- Saas billing:
This is the process of generating and collecting payments from users on a recurring basis in a software as a service (SaaS) business model by exploiting positive acquisition loops in recurring subscriptions to get money from users in a surreptitious manner.
Some of the examples of Saas billing which should be avoided include, conversion of a free trial into a paid one without notifying the user, silent recuring transactions in which the users account is debited without being notified or charging users for features and services they are not using.
- Rogue Malwares:
This refers to using ransomware or scareware to mislead or trick users into believing that there is a virus on their computer with an aim to convince them to pay for a fake malware removal tool that installs malware on their computer.
D. WAY FORWARD
As these Guidelines are already in effect, all platforms, sellers, and advertisers will have to promptly implement mechanisms to ensure dark pattern practices are not prevalent in their user interface and adopt safeguards to take appropriate action in the event any such dark patterns come to light.
Given that the Guidelines categorize these dark patterns as either misleading advertisements or unfair trade practices, in the event of non-compliance, penalties under the CPA can be imposed, depending on the nature of violation.
Other than the CCPA, the Advertising Standards Council of India (“ASCI”) has also been quite proactive in this space. The ASCI had, back in June 2023, issued the Guidelines for Online Deceptive Design Patterns in Advertising, to regulate dark patterns in advertising (“ASCI Guidelines”).
While these Guidelines and the ASCI Guidelines are a step in the right direction to protect consumer interest especially in the increasingly expanding and penetrative digital space, their enforcement will play a critical role in determining their impact.