This publication has been published by the International Comparative Legal Guide (ICLG) at Regulatory Crackdown on Dark Patterns: CCPA’s Enforcement Actions and Emerging Compliance Landscape in Indian E-Commerce | ICLG.com Briefings

India is emerging as a global leader in the fight against manipulative digital practices, setting standards through clear regulations and robust enforcement around ‘dark patterns’. The ongoing efforts by regulatory bodies such as the Central Consumer Protection Authority (“CCPA”) and recent compliance actions by prominent, market‑leading e‑commerce entities signal a new era of consumer protection in the country.

Understanding ‘Dark Patterns’

A dark pattern is a user interface design which is intentionally designed to mislead or trick users into making decisions that they may not otherwise make, by subverting or impairing consumer autonomy ^[1]. Under the Consumer Protection Act, 2019 (“Act”), such practices can constitute “unfair trade practices” as defined under Section 2(47)^[ii] of the Act.

With the increasing use of online e-commerce platforms and a growing digital economy, the CCPA notified Guidelines for Prevention and Regulation of Dark Patterns (“Guidelines”) in exercise of the powers conferred under Section 18^[iii] of the Act. The Guidelines recognise the cascading effect and the threat of dark patterns on consumer rights and seek to protect consumers from deceptive online practices by identifying 13 specified ‘dark patterns’ in the e-commerce sector. These dark patterns include practices such as false urgency, basket sneaking, confirm shaming, forced action, subscription traps, interface interference, bait and switch, drip pricing, disguised advertisements, nagging, trick questions, SaaS billing, and rogue malware.

CCPA’s role in this framework

The CCPA is a regulatory body established under Section 10^[iv]  of the Act by the Government of India. Its primary mandate is to protect, promote, and enforce the rights of consumers as a class. The CCPA is empowered to investigate matters relating to violations of consumer rights, unfair trade practices, and false or misleading advertisements that are prejudicial to the interests of the public and consumers. It is interesting to note that the CCPA is empowered to take suo motu action against any entity and investigate in the event of any indication of unfair trade practices, prejudicial to consumer welfare. It has the authority to initiate inquiries, order recall of unsafe goods and services, direct discontinuation of unfair practices, and impose penalties on violators.

Enforcement of the Guidelines

The Guidelines are applicable and enforceable by the CCPA and consumers against all platforms that systematically offer goods or services in India, which include: (i) e-commerce entities; (ii) advertisers; (iii) product sellers; and (iv) service providers. The CCPA is responsible for interpreting and enforcing the Guidelines.

CCPA documented actions against consumer e-commerce platforms

i) Action against IndiGo

The CCPA, in furtherance to the Guidelines, has suo-moto taken cognisance and issued a notice to IndiGo for the use of dark patterns such as:

• Opaque Seat Assignment Processes: IndiGo obscured the ability for users to skip the paid seat selection option, forcing users to opt for the preferential seating option (which was payable upfront).
• Confirm Shaming: Users opting out of add-on services (such as baggage insurance) were shown messages such as “No I will take risk”, which sought to manipulate users into making choices.

Upon consideration of IndiGo’s responses, the CCPA passed directions vide order dated June 19, 2024, directing IndiGo to inter alia examine the feasibility of introducing a feature in their web check-in process, whereby consumers are informed in a distinct, clear, and unambiguous manner that consumers can complete their web check-in process without choosing a preferred seat.

In compliance with the CCPA’s order dated June 19, 2024, IndiGo updated its user interface, eliminating the use of such patterns and by providing appropriate disclaimers such as “You can skip preferred seat selection and complete your booking. IndiGo will auto-assign a seat prior to your travel”.

ii) Action against BookMyShow

The CCPA had also issued notices to BookMyShow, based on allegations that BookMyShow had allegedly imposed an extra charge on customers, whereby after a user had selected their tickets for booking, INR 1 per ticket was automatically added as a contribution towards ‘BookASmile’ in the form of a pre-tick, which was done without the consent of the user. This amounted to ‘Basket Sneaking’, which is prohibited under the Guidelines.

After the CCPA’s intervention, BookMyShow addressed the issue of ‘Basket Sneaking’ by giving its users an option to choose whether or not they wish to contribute towards ‘BookASmile’.

iii) Show-Cause Notices to 11 Companies

The CCPA has also issued show-cause notices to eleven companies, including: (i) quick commerce platforms; and (ii) online transport aggregation platforms, pursuant to consumer complaints on deployment of prohibited dark patterns such as false urgency, drip pricing, subscription traps, and nagging. These companies have been called upon to provide explanations and propose remedial measures. In the event of unsatisfactory responses, the CCPA may initiate proceedings under the Act, including but not limited to directing the discontinuation of such practices, imposing penalties, and mandating corrective disclosures.

June 05, 2025, Advisory

Pursuant to a high-level stakeholder meeting on eliminating deceptive online practices, which was organised by the Ministry of Consumer Affairs, Government of India on May 28, 2025, the CCPA issued an advisory on June 05, 2025 (“Advisory”) calling upon e-commerce platforms to conduct self-audits to identify and ensure that their platforms do not contain dark patterns, within three months from the date of issuance of the Advisory.

The CCPA, through the Advisory and Press Notes issued by the Ministry of Consumer Affairs dated June 07, 2025 and July 22, 2025 (“Press Notes”) advised that e-commerce platforms conduct self-audits to identify and eliminate dark patterns, within three months from the date of issuance of the Advisory. The Advisory and Press Notes also encourage e-commerce platforms to make self-declarations that their platforms do not indulge in the use of any such dark patterns.

As of this date, it appears that only one major e- commerce company has publicly announced completion of a comprehensive, independent self-audit across its entire portfolio, and submitted a declaration of compliance to the Ministry of Consumer Affairs.

Additionally, the Ministry of Consumer Affairs has launched two mobile applications – ‘Jago Grahak Jago’ and ‘Jagriti’, which alert users if any URL is unsafe and requires caution. These applications allow users to report URLs where they suspect one or more dark patterns. Further, on the ‘Jagriti Dashboard’, which is accessible through the website of the Ministry of Consumer Affairs, consumers can submit real-time reports against websites that employ dark patterns on their platforms.

Global Regulatory Trends and Convergence

India is the first country to issue dedicated Guidelines to tackle dark patterns on online platforms. In the European Union, the Digital Services Act explicitly bans manipulative interfaces, the General Data Protection Regulation targets deceptive consent techniques and strengthens transparency and consumer rights, and the Unfair Commercial Practices Directive broadly addresses misleading conduct, though calls remain for clearer, harmonised prohibitions across member states.

In the United States, the Federal Trade Commission uses its authority against unfair and deceptive practices to pursue subscription traps, misleading opt-ins, and privacy violations; state laws like the California Consumer Privacy Act restrict manipulative data-collection designs, and the federal “Click-to-Cancel” rule eases subscription cancellation. Australia lacks specific dark-patterns legislation but relies on the Consumer Law’s prohibitions on unfair and deceptive conduct, with the Competition and Consumer Commission investigating and penalising platforms. Across these jurisdictions, regulators converge on stronger consent, transparency, and enforcement against dark patterns.

Implications on E-Commerce Entities

The Central Government and the CCPA, through their recent Advisory and Press Notes, have reaffirmed their seriousness in acting against the use and deployment of dark patterns on online platforms.

The Advisory and Guidelines have placed dark patterns squarely in the regulatory spotlight in India as E-commerce platforms, both domestic and multinational, now face increased scrutiny, with the risk of enforcement actions, public censure, and reputational damage if found non-compliant. The CCPA has already demonstrated its willingness to take suo motu action, as seen in the cases against IndiGo and BookMyShow, signalling that platforms cannot afford to ignore these requirements.

For multinational e-commerce companies operating in India, the regulatory landscape presents unique challenges. Many global platforms use standardised user interface templates and design systems across markets. However, India’s explicit requirements, such as the prohibition of pre-ticked boxes, mandatory explicit consent, and the need for clear opt-outs, may differ from or exceed those in other jurisdictions. This necessitates India-specific deviations in UX design, consent flows, and disclosures to ensure compliance.

As regulatory momentum against dark patterns builds globally, multinational platforms operating in India must treat the CCPA’s advisory as a baseline, not a ceiling. Proactive compliance, transparent self-declaration, and ongoing governance will be critical, not only to avoid enforcement risk but also to build consumer trust and sustain long-term growth in the Indian digital marketplace.

Endnotes: