The Central Consumer Protection Authority (CCPA) has taken action against PhysicsWallah Limited and McAfee Software India Private Limited for using dark pattern practices that influenced consumer choices on their digital platforms. PhysicsWallah has been fined Rs 5 lakh, while McAfee has been fined Rs 1 lakh.
The authority has also directed both companies to remove such practices and ensure that consumers can make informed decisions without pressure or manipulation.
The action was taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.
The CCPA said the practices used by the companies affected consumers’ ability to make free and informed choices.
The authority took suo motu cognisance of certain practices on the PhysicsWallah platform and examined how users interacted with its services.
During the investigation, it found that a donation of Rs 10 to the PW Foundation was automatically selected during the checkout process and added to the final payment amount without the consumer’s explicit consent.
Users were also shown emotional messages related to children’s education, healthcare and marriages that encouraged them to keep the donation selected.
The CCPA further found that courses advertised as “free” could only be accessed after users provided personal information such as their mobile number and email address.
According to the authority’s examination, the content offered remained the same across different user accounts, indicating that collecting personal data was not necessary for access to the courses.
The CCPA said these practices amounted to several dark patterns identified under the 2023 guidelines.
The automatic addition of the donation during checkout was categorised as Basket Sneaking. The emotional messages encouraging users not to remove the donation were identified as Confirm Shaming. Requiring users to share personal information before accessing courses advertised as free was classified as Forced Action.
The authority observed that consumer consent cannot be presumed through pre-selected options and must be obtained through a clear and affirmative action.
It also noted that advertising courses as free without clearly informing users about mandatory registration and data-sharing requirements was misleading.
The CCPA said these practices amounted to unfair trade practices and interfered with consumers’ ability to make informed decisions. It added that since a large number of users on the platform are students, including minors, the matter raised serious consumer protection concerns.
McAfee Software India Private Limited has been directed to ensure that no dark patterns are used on its platform, website, application or any other digital interface.
The company has also been asked to pay a penalty of Rs 1 lakh.
The Guidelines for Prevention and Regulation of Dark Patterns, 2023, were notified by the CCPA on November 30, 2023 following consultations with stakeholders.
The guidelines identify 13 dark patterns that are considered unfair trade practices, including Basket Sneaking, Confirm Shaming, Forced Action, Interface Interference and Trick Questions.
To strengthen compliance, the CCPA issued an advisory on June 5, 2025 asking e-commerce companies and digital platforms to conduct self-audits and remove dark patterns from their interfaces.
The latest orders highlight the authority’s continued focus on creating a fair, transparent and consumer-friendly digital marketplace. The CCPA has reiterated that consumer consent must always be explicit, informed and free from manipulative design practices.