India’s consumer watchdog has imposed penalties on edtech platform PhysicsWallah and cybersecurity firm McAfee Software India for using manipulative digital design practices, known as ‘dark patterns’, that allegedly nudged users into making decisions they may not have intended.
The Central Consumer Protection Authority (CCPA) fined PhysicsWallah ₹5 lakh and McAfee Software India ₹1 lakh, while directing both companies to immediately discontinue such practices on their platforms.
Dark patterns are interface designs that steer consumers towards actions such as making purchases, signing up for subscriptions, or sharing personal information without fully informed consent.
The CCPA introduced guidelines in November 2023 to curb such practices, identifying 13 categories of dark patterns and classifying them as unfair trade practices.
The regulator initiated action against PhysicsWallah on its own after examining practices on the edtech platform.
According to the CCPA, the company automatically added a ₹10 donation to the PW Foundation during the checkout process without obtaining explicit consent from users. Consumers who attempted to remove the donation were reportedly shown emotionally persuasive messages related to children's education, healthcare and marriage expenses.
The authority also objected to courses being promoted as "free" while requiring users to provide their mobile numbers and email addresses before accessing them. Its investigation found that the course content remained the same across accounts, indicating that mandatory data collection was not essential for delivering the service.
The regulator noted that many of PhysicsWallah's users are students, including minors, making the issue particularly sensitive from a consumer protection perspective.
In McAfee's case, the CCPA examined the company's subscription renewal interface and found that users were presented with only two choices: "Renew Now" or "Accept Risk".
The authority said the design effectively portrayed non-renewal as a risky decision that could compromise users' digital security. It also observed that the renewal option was given greater visual prominence, encouraging users to continue their subscriptions.
According to the regulator, the company could not substantiate the implication that choosing not to renew would necessarily expose users to security threats.
The orders were issued under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.
The CCPA has recently intensified scrutiny of digital platforms. Earlier this month, it advised e-commerce companies to conduct self-audits and eliminate dark patterns from their websites and applications.
The authority reiterated that consumer consent should be explicit, informed and free from manipulative design practices.