Regulating Dark Patterns in E-Commerce: Consumer Protection Act Framework, 2025 Rules, and Judicial Oversight

ABSTRACT 

The ever-growing digital economy has shifted the market from the real world of physical storefronts to complex user interfaces. With this increased growth, the phenomenon of “Dark Patterns” misleading UI/UX designs to circumvent consumer autonomy has also evolved. This paper discusses the legal framework created through the Consumer Protection Act of 2019 and “Guidelines for Prevention and Regulation of Dark Patterns, 2023,” as expanded through the June 2025 CCPA Advisory. It touches upon the 13 “illegal practices in Dark Patterns, from False Urgency to SaaS Billing, and deciphers the 2025 directive on e-commerce self-analysis. It also underscores the efforts of the Central Consumer Protection Authority (CCPA) to apply these guidelines through “Digital Justice.” The eventual argument of this paper underscores the effectiveness of this legal infrastructure in promoting ethical UI/UX to make way for the “right to informed choice” of the contemporary consumer.

Keywords: Dark Patterns, CCPA 2025 Advisory, Consumer Protection Act 2019, E-commerce Scams, Digital Justice, UI/UX Ethics.

INTRODUCTION

The new consumer reality is not one where the quality of the product defines it, but where it is increasingly defined by integrity in digital markets that precede it. As India’s e-commerce market experiences unprecedented levels of growth, it seems that it is not just the “user interface” (UI) that has emerged as the interface between seller and consumer, but that this interface is often deceived through ‘Dark Patterns’ that utilize human cognitive biases to deceive or manipulate users into making decisions they never meant to make.

As a reaction to these mounting digital scams, the Central Consumer Protection Authority (CCPA) issued the Guidelines for Prevention and Regulation of Dark Patterns, 2023, using the authority vested by Section 18 of the Consumer Protection Act, 2019. As of 2025, it can be said that this legal environment has developed to a great extent. As of June 5, 2025, a historic advisory was given by the CCPA to strengthen such legal environments, making it mandatory for all e-commerce websites to perform a “self-audit” to remove these dark patterns. This heralds a new era from a reactive legal system to a proactive “Privacy by Design” cum “Ethics by Design” regulatory system.

THE STATUTORY FRAMEWORK AND THE 2025 MANDATE

The principal protection provided against cyber manipulation is the Consumer Protection Act, 2019 (“CPA”). Under Section 2(47), an act of deception that affects a consumer’s decision is defined as an “Unfair Trade Practice.” The 2023 Guidelines offered the first naming convention for unfair practices, and the CCPA Advisory of June 2025 supplied much-needed bite to enforce this convention.

The 2025 Self-Audit Requirement: In line with the directive issued in June 2025, a three-month deadline was provided to all online platforms, including marketplace e-commerce businesses, sellers, and advertisers, expiring September 2025, to:

1. Conduct internal audits of their UI/UX journeys.
2. Identify any elements that mislead users or subvert autonomy.
3. Submit voluntary self-declarations of compliance with the Ministry of Consumer Affairs.

However, the above mandate bars the platforms from feigning ignorance about the deceptive character of their algorithms or interface designs.

CLASSIFICATION OF PROHIBITED DARK PATTER

The CCPA has formalized 13 different dark patterns that are illegal on Indian online platforms. These categories are used as a ‘Twin Test’ to ensure that a pattern is legal; that is, if the pattern undermines autonomy and results in an unintended commercial act.

1. False Urgency – Creating a false impression of urgency, such as “Only 2 rooms left!”
2. Basket Sneaking: The action of automatically adding products, for example, the insurance or “BookASmile” donations, to the basket without the consumer’s clear consent.
3. Confirm Shaming: Employing guilt-trip phrases such as ‘No, I will stay unsecured’ or ‘I hate saving money’ to encourage customers to pay for services.
4. Forced Action: Forcing a user to register for another, irrelevant service or willingly share personal information to complete a straightforward transaction.
5. Subscription Trap: This involves intentionally making it hard to cancel the subscription or even concealing the “cancel subscription” button.
6. Interface Interference: Designing an interface that deceives the user, like designing “Decline” with less visual prominence than “Accept”.
7. Bait and Switch: Offering a low-cost product but substituting a different product, possibly higher in cost, after the consumer activates the purchase.
8. Drip Pricing: This is where the final price is hidden through the addition of hidden or mandatory costs such as handling or convenience fees, which are added towards the end of the payment process.
9. Disguised Advertisement: Hiding advertisements behind the appearance of user-submitted content or published news articles.
10. Nagging: This type of marketing through the internet involves the pop-ups that are often seen on the webpage and are irrelevant. This type of marketing can have detrimental effects on businesses.
11. Trick Question: Using puzzling or double-negative wordage to deceive the test taker into answering a question in a certain way.
12. SaaS Billing: Leveraging the features available in SaaS billing, such as upgrading a customer from the trial period directly to pay without notifying him/her.
13. Rogue Malware: Deceptively tricking individuals into installing malicious programs that claim to be viral removal tools.

“DIGITAL JUSTICE” AND THE ENFORCEMENT

It has been noticed that the CCPA is ready to impose severe penalties for non-compliance. By late 2025, more than 450 class action notices have been issued, with penalties above ₹2.13 crores.

A few of the examples include 

1. IndiGo & BookMyShow (2024-2025): These apps were alleged of “Basket Sneaking” (automatic contributions) and “Interface Interference” (“Skip” button to book paid seats).
2. “John Doe” Approach to Online Scams: This approach to orders is traditionally recognized in IP law, but it is gaining popularity as it relates to anonymous URLs for scams as identified by the Joint Working Group on Dark Patterns.
3. The theme of National Consumer Day, 2025, “Efficient and Speedy Disposal through Digital Justice,” signifies the growing reliance of the government on “the e-Jagriti portal and Jagriti Dashboard for handling real-time complaints.”

CONSUMER RIGHTS AND REDRESSAL FORUMS 

Under this, consumers are not passive victims. Your rights include: Right to Consent: All subscription or data collection has to be explicitly positive and unequivocal. Pre-ticked boxes are no longer legal. Real-Time Reporting: The ‘Jago Grahak Jago’ and ‘Jagriti’ apps allow users to report deceptive URLs or designs to the CCPA directly. Privacy Intersection: Tricking a consumer into ‘consent’ by way of a “dark pattern” under the provisions of the Digital Personal Data Protection Act, 2023, will be held not only an offense under consumer law but also constitute a breach of data that could result in fines that go up to ₹50 crore. 

CONCLUSION 

This rule signifies an important development of Indian consumer law that operates beyond the caveat emptor (buyer beware) doctrine to embody “platform accountability” norms. With its 13 unfair practices and self-assessment provisions, CCPA has ensured that the online world operates within a just, ethical, and consumer-friendly domain that is fair and just to all alike. As new technologies such as “Generative AI” continue to progress and develop, all laws must continue to grow and develop to recognize that the virtual interface is not just an instrument of trade but where “the right to informed consent” is an absolute right that is never compromised.

“PRIME LEGAL is a full-service law firm that has won a National Award and has more than 20 years of experience in an array of sectors and practice areas. Prime legal falls into the category of best law firm, best lawyer, best family lawyer, best divorce lawyer, best divorce law firm, best criminal lawyer, best criminal law firm, best consumer lawyer, best civil lawyer.”

WRITTEN BY: SHARANYA M