The Central Consumer Protection Authority (CCPA) has imposed INR 5 lakh fine on edtech giant PhysicsWallah and INR 1 lakh on computer security software company McAfee Software India for using ‘dark pattern’ practices on their digital platforms. The order says both companies must remove the practices and ensure consumer consent is explicit and informed.
The Guidelines for Prevention and Regulation of Dark Patterns, 2023, were notified by CCPA in November, 2023. The guidelines identify 13 dark patterns that are considered unfair trade practices. CCPA also issued an advisory in June 2025 asking e-commerce companies and digital platforms to conduct self-audits and remove dark patterns from their interfaces.
The dark patterns identified on the PhysicsWallah platform included basket sneaking, confirm shaming, and forced action. On McAfee’s platform, the dark patterns identified by CCPA included confirm shaming, interface interference, trick question, and forced action.
CCPA took suo motu cognizance of certain practices on the PhysicsWallah platform and found that consumers were being influenced through interface designs that affected their ability to make free and informed choices.
CCPA found that on PhysicsWallah Platform, a donation of INR 10 to the PW Foundation was automatically selected during checkout and added to the total payable amount without the consumer’s explicit consent.
The consumer watchdog found that consumers were shown emotional messages related to children’s education, healthcare and marriages, encouraging them to keep the donation selected. CCPA also found that courses advertised as “free” could only be accessed after users shared personal information such as their mobile number and email address.
CCPA’s examination found that the content offered remained the same across user accounts, indicating that mandatory data collection was not essential for accessing the courses.
“CCPA notes that the practices under examination were deployed through a large-scale digital educational platform catering substantially to students, including minors and young consumers who constitute a particularly vulnerable class in digital environments. Manipulative interface practices deployed within educational services possess heightened potential to impair informed decision-making, particularly where consumers may lack the maturity, experience or bargaining capacity necessary to identify and resist such digital manipulations,” noted CCPA.
McAfee’s subscription-renewal screen was found to present “Renew Now” and “Accept Risk” as the main choices, which CCPA said made non-renewal look unsafe and pressured consumers into renewing.
CCPA found that the renewal interface used deceptive practices that could influence consumer decisions and amount to unfair trade practices.
“CCPA observes that there is no material on record or guarantee from the opposite party that failure to renew its subscription service would necessarily result in compromise of the consumer’s device or exposure to cyber threats,” said CCPA.
“Equally, the opposite party cannot guarantee that usage of its antivirus software would completely eliminate all risks relating to viruses, malware or other cybersecurity vulnerabilities. The impugned expression therefore created an exaggerated and misleading impression regarding the usefulness and need of the opposite party’s services by portraying non-renewal itself as acceptance of danger or insecurity,” CCPA noted further.
The action has been taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.
