Have you ever experienced the frustration of being charged for purchases you never intended to make while browsing online? If so, you're not alone. US regulators are zeroing in on these deceptive tactics, known as dark patterns, and cracking down on companies that employ them. The term “dark pattern,” coined in 2010 by user design specialist Harry Brignull, describes design practices of online platforms that trick or manipulate users into making choices they would not otherwise have made. 

In recent years, the Federal Trade Commission (FTC) has intensified its enforcement efforts against dark patterns. The FTC considers dark patterns "unfair or deceptive" business practices under Section 5 of the Federal Trade Commission (FTC) Act. In 2022, the FTC published a detailed report named “Bringing Dark Patterns to Light,” confirming that dark patterns are “squarely on the FTC’s radar.” The report examines the ways user interfaces can obscure or hinder consumer autonomy in decision-making. The report highlights four main categories of dark patterns: 

  1. Design features that create false beliefs, like countdown timers falsely implying limited-time offers. 
  2. Design elements that conceal important information, such as burying crucial product limitations within lengthy Terms of Service documents. 
  3. Design features leading to unauthorized charges, such as children's gaming apps disguising in-app purchases as gameplay, resulting in substantial charges without parental consent. 
  4. Design elements that obscure or manipulate privacy choices, such as not providing clear options to reject data collection and emphasizing choices that lead to more information gathering while downplaying those that limit such practices. 

In addition to attention from the FTC, several states have implemented their own measures to curb the use of dark patterns. Currently, three of five US state privacy laws explicitly call out dark patterns. The California Privacy Rights Act (CPRA), the Colorado Privacy Act (CPA), and the Connecticut Data Privacy Act, all exclude agreements obtained through dark patterns from the definition of valid consent. Failure to comply with these regulations carries severe penalties. These penalties, which can amount to up to $7,500 per violation in California, $5,000 in Connecticut, and $20,000 per violation in Colorado, highlight the severe consequences that businesses face for disregarding consumer protection laws. 

However, despite regulatory efforts, enforcement cases continue to highlight the pervasive nature of dark patterns on online platforms. For example, in a 2023 settlement related to the use of dark patterns, the FTC ordered Epic Games, the maker of the popular video game Fortnite, to refund $245 million to customers. According to the FTC, the design layout of Fortnite - characterized by counterintuitive, inconsistent, and confusing button placements - facilitated inadvertent charges with a single button press. On the other hand, Epic strategically relocated and minimized the "cancel purchase" button, and intentionally designed a lengthy process for consumers to navigate when requesting refunds through the Fortnite app. Additionally, the company facilitated easy purchase processes for under-aged players, bypassing the need for parental approval. The $245 million refund payment imposed on Epic underscores the regulatory consequences for companies found guilty of employing dark patterns.

Looking ahead, businesses can expect heightened regulatory focus on dark patterns. For businesses operating in the digital sphere, understanding the regulatory landscape surrounding dark patterns is paramount. To safeguard both themselves and their customers, businesses can consider prioritizing the following strategies: presenting information transparently and ethically to customers, ensuring important terms are easily accessible and prominently displayed upfront rather than buried in lengthy agreements, obtaining clear and explicit consent from users when necessary, and always obtaining express permission from the account holder before initiating any charges.