India: Regulating Dark Patterns: A New Step Towards Transparency In Commerce

Background

The Central Consumer Protection Authority has notified the Guidelines for Prevention and Regulation of Dark Patterns, 2023 (Guidelines) to prevent and regulate 'dark patterns' deployed by online platforms, advertisers and sellers. The Guidelines are issued under the Consumer Protection Act, 2019 (Act) and build on the Guidelines for Prevention of Misleading Advertisements and Endorsements for Misleading Advertisements, 2022 (Misleading Advertisements Guidelines), which were also issued under the Act and notified in June 2022.

The Misleading Advertisements Guidelines, among other things, had prescribed: (a) conditions for an advertisement to be considered to be valid and not misleading; (b) conditions for an advertisement to adhere to, such that it is not considered as bait advertisement; (c) prohibition on surrogate advertising; (d) guidelines to be followed when an advertisement provides that something is free or without charge; (e) guidelines for advertisements where children are targeted or children are used in advertisements; and (f) duties of manufacturer, service provider, advertiser and advertising agency.

Prior to notification of the Guidelines, the Department of Consumer Affairs has been in discussions with various stakeholders to regulate dark patterns and had released draft guidelines to address dark patterns in September 2023. The Guidelines however identify and regulate more dark patterns than those that were provided for under the draft guidelines. The three new dark patterns are (a) Trick question; (b) Software as a Service (SaaS) billing; and (c) Rogue malwares.

Applicability

The Guidelines are applicable to (a) all platforms which systematically offer their goods or services in India; (b) advertisers; and (c) sellers.

The Guidelines have come into effect from 30 November 2023.

What are Dark Patterns

Dark patterns have been defined broadly in the Guidelines to mean any practices or deceptive design pattern using user interface or user experience interactions on any platform that is designed to mislead or trick users to do something they originally did not intend or want to do.

The practice or deceptive design should have (a) resulted in subverting or impairing consumer autonomy, decision-making or choice; and (b) amounted to a misleading advertisement or an unfair trade practice, or a violation of consumer rights.

Specified Dark Patterns

Dark patterns are already regulated under the Act. The Guidelines are in addition to the general regulations and seek to provide an illustrative list of practices which will be considered as a dark pattern practice. The operation of dark patterns must be tested based on facts and the regulations under the Act.

The dark patterns which are specified in the Guidelines are specifically prohibited. We have set forth below an extract of these dark patterns from the Guidelines.

• False urgency: This involves the act of dishonestly suggesting a state of urgency or scarcity to deceive a user into making an immediate purchase or taking prompt actions that result in a purchase.
• Basket sneaking: This is the practice of adding extra items like products, services, or charitable donations during the checkout process on a platform after a purchase, without obtaining the user's consent. It's important to note that this excludes essential fees required for order completion and taxes, which are clearly disclosed to the user at the time of purchase.
• Confirm shaming: This involves employing language, videos, audio, or similar methods to instil feelings of fear, shame, ridicule, or guilt in the user, with the intention of influencing them to buy a product or service from a platform. An example would be using ridicule or shame to encourage a user to contribute to charity.
• Forced action: This refers to the act of compelling a user to purchase an extra product, subscribe, or register for an unrelated service, or to share personal information.
• Subscription trap: This involves implementing tactics that render the cancellation of a paid subscription either extremely difficult or complicated. Such practices include hiding the cancellation option for a subscription, forcing users to furnish payment details or authorize automatic debits to access a free subscription.
• Interface interference: This involves implementing a design element to manipulate the user interface, emphasizing particular information while concealing other pertinent details.
• Bait and switch: This involves promoting a specific result tied to the user's actions but misleadingly presenting a different outcome. For example, a vendor advertises a high-quality product at an affordable price, but when the user is ready to make a purchase, the vendor marks the advertised product as unavailable and suggests a similar but more expensive alternative.
• Drip pricing: This is a practice whereby prices are either not disclosed upfront or are subtly revealed during the user experience, such as charging a higher amount than the initially displayed price at the checkout.
• Disguised advertisement: This refers to the strategy of disguising advertisements to appear as different types of content such as user-generated content, news articles, or deceptive ads. These ads are crafted to seamlessly blend into the overall interface, aiming to deceive users into clicking on them. The responsibility for clearly labeling such content as advertisements rests with the seller or advertiser.
• Nagging: This practice entails repeatedly and persistently bothering and inconveniencing a user with various interactions, including requests, information, options, or interruptions, in order to facilitate a transaction and achieve commercial benefits, unless explicitly authorized by the user.
• Trick question: This involves intentionally employing unclear or ambiguous language, such as confusing wording, double negatives, or similar tactics, to mislead or divert a user.
• SaaS billing: This type of deceptive tactic involves exploiting positive acquisition loops within recurring subscriptions in a SaaS business model to discreetly generate and collect payments from consumers on a recurring basis. For example, the user is not notified when the free trial is converted into a paid subscription.
• Rogue malwares: This involves employing ransomware or scareware to deceive users into thinking their computer has a virus, with the goal of persuading them to purchase a fraudulent malware removal tool. For example, a pirated website may offer free content but actually introduces embedded malware when the user clicks the link.

Next steps

Dark patterns have always been regulated by the Act. However, with the introduction of Guidelines specifically calling out certain dark patterns, focus is brought back on certain practices, and educating consumers of their rights.

The impact of these Guidelines will be substantial and will be felt more acutely for market participants in social commerce and larger e-commerce framework participants, fintech, SaaS, and subscription-based service providers.

It would be trite for the market participants to quickly put in place processes to ensure that they are not caught wrong-footed. While there is no general formula to set the table in order and each industry and business has different considerations, some key practices which can be considered across all market participants are set forth below:

• Review Existing Practices: Market participants should review their existing user interface, user experience interactions, and consumer facing practices to ensure that none of them could be construed as a dark pattern. These should be reviewed on a periodic basis.
• Training: Market participants should train staff and other ecosystem participants on the need to adhere to good practices and stay away from any practice which can be construed as a dark pattern.
• Consumer Focused Flows: Going forward, market participants should ensure best practices in educating consumers of their rights, making proper disclosures, and making offers and accepting consents fairly.
• Grievance Redressal: Consumers should be provided with the ability to reach out to market participants to communicate grievances. Once grievances are received, market participants should act promptly and keep consumers informed of the resolution process.
• Other Considerations: Terms and conditions and other consumer facing agreements should be reviewed to build safeguards for instances where third-party acts affect the service or products provided by platforms.

The regulatory framework introduced by the Guidelines is expected to reinforce an increased sense of accountability among market participants, specifically sellers and advertisers, thereby reshaping the landscape of consumer commerce, specifically in the digital space.

The content of this document do not necessarily reflect the views/position of Khaitan & Co but remain solely those of the author(s). For any further queries or follow up please contact Khaitan & Co at legalalerts@khaitanco.com