The Central Consumer Protection Authority (CCPA) has imposed fines on PhysicsWallah and McAfee for deploying dark patterns on their digital platforms. PhysicsWallah was fined Rs 5 lakh, while McAfee Software India was penalized Rs 1 lakh for practices that hindered consumers' ability to make free and informed choices. The action was taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023. The CCPA, led by Chief Commissioner Smt. Nidhi Khare and Commissioner Shri Anupam Mishra, identified multiple violations in both cases.
PhysicsWallah Violations
In the case of PhysicsWallah, the CCPA took suo motu cognizance and found three specific violations. First, a Rs 10 donation to the PW Foundation was automatically pre-selected during checkout without obtaining explicit consent from users. This practice was categorized as 'Basket Sneaking.' Second, emotional messages related to children's education, healthcare, and marriages were used to discourage users from removing the donation, a tactic identified as 'Confirm Shaming.' Third, courses advertised as 'free' could only be accessed after users shared personal details such as mobile numbers and email addresses. However, the CCPA found that the content remained identical across all accounts, making the mandatory data collection unnecessary. This was classified as 'Forced Action.'
The CCPA observed that consumer consent cannot be assumed through pre-selected options and must always be obtained through clear and affirmative action. It also noted that advertising courses as 'free' without disclosing mandatory registration requirements was misleading. Given that a large number of PhysicsWallah users are students, including minors, the Authority flagged serious consumer protection concerns. PhysicsWallah was found to have violated Section 2(9), 2(28), and 2(47) of the Consumer Protection Act, along with relevant e-commerce rules and the Dark Patterns Guidelines.
McAfee Violations
McAfee Software India was penalized for its subscription renewal interface. Users were presented with two prominent options: 'Renew Now' and 'Accept Risk.' The latter suggested potential cybersecurity threats if the user chose not to renew. The CCPA stated that this design created undue pressure on consumers to continue their subscriptions, employing tactics such as 'Confirm Shaming,' 'Interface Interference,' 'Trick Question,' and 'Forced Action.' The Authority emphasized that consumers should be able to decide freely without fear-based messaging. McAfee was found to have violated provisions related to misleading advertisements and unfair trade practices under the Act and e-commerce rules.
CCPA Guidelines and Advisory
The CCPA reiterated that its Guidelines, notified on November 30, 2023, identify 13 dark patterns as unfair trade practices. Additionally, an advisory was issued on June 5, 2025, urging e-commerce platforms to conduct self-audits and remove such manipulative designs. The Authority stressed that consumer consent must always be explicit, informed, and free from any manipulative practices. These actions underscore the CCPA's commitment to protecting consumer rights in the digital space.
