The Central Consumer Protection Authority (CCPA) has imposed penalties on PhysicsWallah Limited and McAfee Software India Private Limited for deploying dark patterns on their digital platforms that allegedly misled consumers and influenced their decision-making.
According to the Ministry of Consumer Affairs, PhysicsWallah has been fined ₹5 lakh, while McAfee has been penalised ₹1 lakh. Both companies have also been directed to discontinue such practices and ensure that consumers are able to make informed choices without pressure or manipulation.
The action has been taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.
In the case of PhysicsWallah, the CCPA found that a ₹10 donation to the PW Foundation was automatically selected and added to the payable amount during checkout without explicit consumer consent. The authority also observed that users were shown emotional messages related to children’s education, healthcare and marriages that encouraged them to retain the donation option.
The regulator further noted that courses advertised as “free” required users to provide personal information such as mobile numbers and email addresses before access was granted. According to the authority, the content remained identical across user accounts, indicating that mandatory data collection was not necessary for accessing the courses.
The CCPA identified these practices as instances of “basket sneaking”, “confirm shaming” and “forced action” under the Dark Patterns Guidelines. It held that consumer consent cannot be presumed through pre-selected options and must be obtained through a clear and affirmative action.
The authority also expressed concern that a large section of the platform’s users are students, including minors, making such practices particularly problematic from a consumer protection perspective.
In a separate order, the CCPA found McAfee’s subscription renewal interface to be misleading. The company reportedly displayed options such as “Renew Now” and “Accept Risk”, which the regulator said could create fear among consumers by suggesting that non-renewal would expose them to cybersecurity threats.
The authority observed that the interface gave greater prominence to the renewal option and did not provide a neutral alternative, thereby influencing consumer decisions. It classified the practice under multiple dark pattern categories, including confirm shaming, interface interference, trick questions and forced action.
The CCPA stated that consumers should be able to make subscription decisions freely and without fear-based messaging or manipulative design elements.
The authority directed McAfee to remove such practices from its website, application and other digital interfaces and ensure compliance with consumer protection norms.
The action forms part of CCPA’s broader efforts to curb dark patterns in the digital marketplace. The Guidelines for Prevention and Regulation of Dark Patterns, notified in November 2023, identify 13 manipulative online practices that are considered unfair trade practices.
The regulator noted that it had earlier issued an advisory to e-commerce companies and digital platforms, asking them to conduct self-audits and eliminate dark patterns from their interfaces.
The latest orders, the authority said, reaffirm its commitment to ensuring that consumer consent remains explicit, informed and free from deceptive or manipulative practices.
