Dark Patterns in Digital Contracts: When “Choice” Is Designed to Fail

Even though the underlying user interface is carefully designed to prevent individuals from contemplating it, digital contract law nonetheless treats a single click on “I agree” as an expression of free will and a student findings conducted by prominent journals indicates that dark patterns interface conceptions that deliberately take advantage of cognitive biases increase opt-in rates for questionable applications by three to four times, implies that the “consent” provided in numerous digital contracts is statistically unrelated from coerced acceptance, Hence, the primary question is not whether dark patterns are undesirable, but whether contract and consumer law continues to consider this kind of fraudulent choice as legally valid without rendered its own rhetoric about autonomy meaningless.1 

Dark Patterns as Structural Vitiation of Consent: Q1 research on dark patterns pertains to a straightforward nevertheless shocking conclusion: while companies utilize A/B testing to improve user experiences, they often find and use concepts that lead consumers to consequences which are more beneficial for the company but less favorable for the consumer, however, Luguri and Strahilevitz’s Journal of Legal Analysis experiments indicate that “violent” dark patterns might have individuals sign up for an aid that doesn’t match worth much, even though they are free instead of saying not to participate.2 In theoretical terms, both of these types of actions violate the basic criteria for substantial endorsement, independent will, understanding, and the ability to modify one’s mind where a privacy law assessment demonstrates that deceptive design erodes “ongoing consent” by rendering cancellation virtually impractical or excessively burdensome in terms of effort and duration, however, Brenncke’s exploitation thesis in the Journal of Consumer Policy posits that digital default settings and pre-ticked boxes should be perceived as systematic exploitation of strictly rational customers rather than as neutral “options”.3 Consent requires an explicit affirmative action, while dark patterns create momentum through silence, inaction, or clicks that go in the wrong direction, all of which are collected as a legally binding “agreement”.4 At that point, the word “choice” in digital contracts works less as a description and more as a way to make extraction seem legal.5 

Fragmented but Converging Regulatory Baselines: The US Federal Trade Commission Act § 5 states that “unfair or deceptive acts or practices in or affecting commerce” are not allowed, giving the FTC the power to go after user interface manipulation as unfair or deceptive. The requirement has not always been followed, though, and dark patterns have been allowed to be seen as a business model rather than a design likely to be illegal.6 Article 4(11) and Article 7 of the GDPR in the EU portrait that consent must be “freely given, specific, informed, and unambiguous,” which means that there must be an explicit affirmative action and The Unfair Commercial tactics Directive 2005/29/EC forbids business tactics that change the way most people spend their money in a big way at the same time, where as, Article 25 of the Digital Services Act now clearly makes it illegal to utilize web interface designs that trick or manipulate consumers or make it hard for them to make free and informed choices, are almost a direct copy of the dark patterns critique.7 India has put in place an ambitious framework, but it doesn’t seem to be being implemented very well, section 2(47) of the Consumer Protection Act 2019 asserts that “unfair trade practice” includes deceptive tactics and misleading claims, section 2(46) defines “unfair contract”, Sections 49(2) and 59(2) provide consumer forums with the right to declare unfair terms null and void and The Central Consumer Protection Authority’s Guidelines for Prevention and Regulation of Dark Patterns 2023, developed under section 18 of the CPA, bans 13 patterns across all digital platforms, including basket sneaking, subscription traps, and confirm shaming, Consequently, on paper, the law indicates that dark patterns don’t work, but in fact, it still accepts the contracts they make. The clearest example of this doctrinal contradiction is in case law and its enforcement.8 

How “Choice” Fails in Practice: FTC vs. Amazon.com, Inc. (Signing up for and cancelling Prime) The FTC’s 2023 lawsuit against Amazon alleges that the company used “manipulative, coercive, or deceptive” dark patterns in the Prime sign-up process to trick people into automatically renewing their subscriptions, company also buried the cancellation process behind multi-step “Iliad” flows meant to wear people out, Even though the law prohibits deceptive practices, the fact that millions of people signed up and were charged for years before decisive action was taken shows that US law allows long-term contractual extraction as long as each user clicked a nominal “agree” somewhere in a complex interface.9 FTC vs. Epic Games, Inc. (microtransactions in Fortnite) The Epic Games settlement, which included more than $245 million in refunds and a COPPA penalty, found that Fortnite’s interface used dark patterns like single-button purchase triggers in non-purchase contexts, a confusing layout, and blocked cancellation to trick people, including kids, into making purchases they didn’t mean to, Again, contract law’s silence speaks volumes: purchases made through fraudulent methods were considered binding until public law enforcement changed its minds and called them “unwanted charges.”10 CJEU, Planet49 GmbH (C-673/17) The CJEU ruled in Planet49 that pre-ticked checkboxes for cookie consent are not legitimate consent under EU data protection law, and it further made it clear that only active behaviour qualifies as an “unambiguous indication” of wants, and from a digital contract standpoint, any agreement formulated via default opt-ins should be considered presumptively void; yet, the majority of click-wrap contracts continue to utilise structurally analogous pre-selection and bundling techniques for supplementary services.11 CJEU, Meta Platforms Inc. v. Bundeskartellamt (C-252/21), where the Court ruled in 2023 that Meta can’t require people to agree to substantial cross-site tracking to use key social networking services and also pointed out that “take-it-or-leave-it” data-processing packages are not compatible with genuine free consent, and therefore the decision shows how consent-or-pay and consent-or-quit models in digital contracts leverage dependency and network effects to make people feel they must say “yes” even when they are not inclined to.12 German Courts Decide About Cookie Walls. German courts have thrown out cookie banners that use misleading design, such as large “accept all” buttons, hidden “reject” options, and designs that push users into constant surveillance, instances show that judges typically find the stated “choice” to be an illusion when they examine interface design rather than abstract consent terms, However, this kind of analysis is still rare.13 Central Inland Water Transport Corp. v. Brojo Nath Ganguly where The Indian Supreme Court noted that unfair, one-sided employment arrangements are invalid because they violate Article 14 and the principle of fundamental justice and the court also said that contracts imposed on weaker parties without real bargaining power cannot be enforced, If that reasoning were used consistently, many digital standard-form contracts that customers accept through deceptive flows without any other actual options would also fail as unfair contracts under the CPA 2019, However, this kind of reasoning is not often used in modern courts for online interfaces.14 Uber Chandigarh in India: Case of Overcharging (DCDRC) The Chandigarh District Consumer Commission found Uber guilty of unfair trade practices after a customer was charged far more than the agreed-upon fee for an 8.83-kilometre ride, which was based on the fact that the price was not honoured at the time of booking where the order doesn’t use the exact words “dark patterns”, still, the platform’s fluctuating, ambiguous pricing and last-minute fare rises all point to the same fundamental problem: interfaces that make it appear like the terms of the contract are set in stone yet let the platform change them whenever it wants through algorithms.15 CCPA Enforcement Against E-commerce Sites Like IndiGo and BookMyShow The CCPA’s 2025 advisory telling all e-commerce platforms to self-audit and get rid of dark patterns, as well as its specific actions against platforms like IndiGo and BookMyShow, show that manipulating interfaces like false urgency, basket sneaking, and drip pricing is now seen as an unfair trade practice, however these steps mainly depend on people voluntarily saying that there are “zero dark patterns,” which is a form of compliance theatre that doesn’t change the basic rules of contracts.16 There is a pattern that runs through these ten examples: regulators and courts sometimes condemn certain types of dark patterns, but contract law still makes the resulting digital agreements binding. This means that consent given through dark patterns is not void ab initio, but can be fixed with ex post remedies. 

Critical Assessment, Why Current Law Normalises Designed Failure: First, contemporary regimes subscribe to a formalist interpretation of consent that is inherently detached from empirical data, constantly changing the interface, which changes decisions, but not the preferences that led to those choices. Doctrines don’t often use these results to determine whether someone acted voluntarily or misrepresented. Institutionalised epistemic blindness transpires when a click, induced by optimised friction, visual salience, and misleading defaults, is regarded as tantamount to deliberative consent.17 Second, regulation is broken up into different parts. There is no single “law of manipulative choice architecture” that covers all digital contracts. Data protection, consumer protection, and competition authorities each address parts of the issue, such as compelled consent, unfair business practices, and exploitative dominance. This fragmentation helps platforms capitalise on the distinctions between regimes. For example, they utilise compliance with formal GDPR authorisation requirements to avoid scrutiny under consumer law, and they use individual consumer law cases to avoid dealing with systemic surveillance.18 Third, enforcement is both flexible and personalised for each person. Years after the contentious practices became prevalent, Amazon and Epic negotiated high-profile settlements. Billions of transactions were processed during that time through interfaces that are now considered misleading. Usually, remedies primarily include reimbursements and forward-looking interface adjustments. Still, they virtually never involve going back to examine the basic assumption that these were contracts in the first place, rather than artefacts of manipulation.19 Fourth, the present textiles do not adequately theorise exploitation. Brenncke, Yi, and others say that dark patterns aren’t just “information poverty.” Instead, they are planned ways to find drug users who are weak or don’t have much time by using restricted rationality, dependence, and social pressure. But courts generally fail to use terms such as “unconscionability,” “undue influence,” or “abuse of rights” in digital settings. Instead, they use the safer term “lack of translucency,” which preserves the core principles of contract law.20 Lastly, Indian regulatory changes are ambitious in their aims but also very basic. The Dark Pattern Guidelines and later warnings state that no platform “shall engage in any dark pattern,” but leave it to platforms to identify and fix these problems themselves, with only occasional enforcement, asks the same people who made dark patterns to assert they’ve gotten rid of them, with little chance of independent verification.21 

Towards a Non-Manipulative Law of Digital Contracting: Hypotheses of incorrectness for patterns that are high-risk. If a user interface includes known dark patterns, such as pre-ticked opt-ins, mismatched buttons, hard-to-find cancellation, or countdown timers, there should be a rebuttable presumption that the consent is not genuine and that any resulting contractual obligations may not be enforceable.22 -epic-games-used-digital-dark-patterns-charge> accessed 2 February 2026. 

Putting the focus back on the ideas of unfair contracts and unconscionability. The Indian rules on unfair contracts and the Supreme Court’s decisions on unconscionability provide a clear example: conditions that are unfair because they result from one-sided bargaining should be struck down, even if the opposing party agreed, it is possible to interpret EU consumer law and the UCPD similarly, treating manipulative choice architecture as intrinsically “contrary to professional diligence” and as substantially influencing behaviour.23 Changing the burden of proof to the platforms. Since they are the only ones who may run A/B tests and collect interface telemetry, platforms should have to prove that their contracting procedures allow people to refuse conditions that are just as important and require just as much effort as accepting them. Not revealing such facts should lead to an assumption of manipulative design.24 Putting dark-pattern audits into the validity of contracts. Instead of treating dark-pattern audits as just a way to follow the rules under competition or consumer law, lawmakers may make standard-form digital contracts enforceable only if there are no forbidden patterns, as in consumer credit legislation. Recognising injury that affects a group, not just one person. Dark patterns can hurt each user a little, but they can adversely impact the whole market significantly and change it in a substantial way. Because of this, contract law should render collective remedies and representative actions the default reaction.25 

Conclusion: Dark patterns in digital contracts are not minor issues; instead, they are how many parts of the platform economy operate. Legal institutions continue to treat clicks generated by dark patterns as “consent,” which is a lie that takes away people’s freedom while allowing big companies to take advantage of them in the name of choice.26 The new rules in the EU, US, and India DSA Article 25, FTC enforcement, and the Indian Dark Pattern Guidelines are essential, but they remain the same; the basic structure of contract law. Instead, they treat manipulation as an exception rather than as a typical result of trying to make the most money.27 Fortunately, in digital contracting, to maintain normative validity, “choice” must not be synonymous with any pathway to “I agree” that an interface can technically document. A valid legal framework for digital contracts must recognise deliberately planned denial as a failure of consent. In doctrinally effective language, it must admit that many modern standard-form digital agreements were never actual contracts.28 

Bibliography: 

1. Legislation 

• Constitution of India (adopted 26 November 1949, entered into force 26 January 1950). and avoid them’ (n 22). 
• Consumer Protection Act 2019 (India). 
• Federal Trade Commission Act 1914, 15 USC §§ 41–58 (UnitedStates). •Directive 2005/29/EC of the European Parliament and of the Council of 11 May 2005 concerning unfair business-to-consumer commercial practices in the internal market (Unfair Commercial Practices Directive). 
• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (General Data Protection Regulation). 
• Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market for Digital Services (Digital Services Act). 

2. Cases and administrative decisions 

• Amazon.com, Inc (ROSCA), FTC v (Federal Trade Commission administrative complaint No 2123050, 2023). 
• Central Inland Water Transport Corporation Ltd v Brojo Nath Ganguly (1986) 3 SCC 156 (AIR 1986 SC 1571) (India). 
• Uber India Systems Pvt Ltd v Mohit Bansal First Appeal No 743 of 2022 (State Consumer Disputes Redressal Commission, Punjab, 4 June 2024). 

3. Official guidelines, policy documents and reports 

• Board of Governors of the Federal Reserve System, Federal Trade Commission Act, Section 5 (Supervision and Regulation Manual, June 2008). 
• Central Consumer Protection Authority, Guidelines for Prevention and Regulation of Dark Patterns (2023). 
• European Data Protection Board, Guidelines 05/2020 on consent under Regulation 2016/679 (Version 1.1, 4 May 2020). 
• European Data Protection Board, Guidelines 03/2022 on deceptive design patterns in social media platform interfaces (Version 2.0, 14 February 2023). 
• Busch C and Fletcher A, Harmful Online Choice Architecture (CERRE Final Report, May 2024).
• Digital Regulation Cooperation Forum, Harmful Design in Digital Markets: How Online Choice Architecture Practices Can Undermine Consumer Choice and Control over Personal Information (Joint Position Paper, 2022). 
• Organisation for Economic Co-operation and Development, Dark Commercial Patterns (OECD Digital Economy Papers No 336, 2022). 

4. Journal articles and working papers 

• Brenncke M, ‘A Theory of Exploitation for Consumer Law: Online Choice Architectures, Dark Patterns, and Autonomy Violations’ (2024) 47 Journal of Consumer Policy 127. 
• Luguri J and Strahilevitz LJ, ‘Shining a Light on Dark Patterns’ (2021) 13(1) Journal of Legal Analysis 43. 
• Paul N, ‘Smokescreens of Digital Markets—Choice Manipulation and the Illusion of Consent’ (2025) 16(3) Journal of European Competition Law & Practice 208. •Santos C, Bielova N, Ahuja S, Utz C, Gray C and Mertens G, ‘Which Online Platforms and Dark Patterns Should Be Regulated under Article 25 of the DSA?’ (2024) SSRN working paper. 
• Tsesis A, ‘The Right to Erasure: Privacy, Data Brokers, and the Indefinite Retention of Data’ (2014) 49 Wake Forest Law Review 433. 
• Wiener J, ‘Deceptive Design and Ongoing Consent in Privacy Law’ (2021) 53(1) Ottawa Law Review 133. 
• Yi W and Li Z, ‘Mapping the Scholarship of Dark Pattern Regulation: A Systematic Review of Concepts, Regulatory Paradigms, and Solutions from Law and HCI Perspectives’ (2025) 59 Computer Law & Security Review 106225. 

5. Online doctrinal and practice commentary 

• Fair L, ‘$245 Million FTC Settlement Alleges Fortnite Owner Epic Games Used Digital Dark Patterns to Charge Players for Unwanted In-Game Purchases’ (FTC Business Blog, 19 December 2022). 
• Moore L, ‘Dark Patterns: Not a New Concept but Will Now Be Heavily Regulated’(William Fry Insights, February 2024). 
• Neeti Niyaman (Kaushiki and Astha Sehgal), ‘Dark Patterns in Digital Platforms: A Regulatory and Consumer Protection Perspective’ (Neeti Niyaman Blog). •Privacy World (Squire Patton Boggs), ‘The Planet49 Decision – Key Takeaways’ (Privacy World Blog). 
• Taxmann, ‘Consumer Protection Act 2019 – Overview, Provisions and Legal Framework’ (Taxmann Blog). 
• DLA Piper, ‘CJEU’s Landmark Decision in Meta vs Bundeskartellamt’ (DLA Piper Publications, 2023). 
• Syrenis, ‘German Cookie Consent and GTM: What You Need to Know’ (Syrenis Blog). 

6. Official and explanatory web resources 

• European Commission, General Data Protection Regulation (EU) 2016/679 – Consolidated Text and Materials. 
• European Commission / dedicated information portal, Digital Services Act – Article 25: Online Interface Design and Organisation. 
• Digital Fairness Act Project, ‘Unfair Commercial Practices Directive (UCPD) – Overview and Analysis’. 
• GDPR.eu, ‘What Are the GDPR Consent Requirements?’. 
• GDPR-info.eu, ‘Article 4 GDPR – Definitions’. 
• Federal Trade Commission, Federal Trade Commission Act (statutory overview page). 

7. News and media 

• Economic Times, ‘Big Relief for Consumers Suffering Loss Due to Dark Patterns; Government Asks E-commerce Sites to Eliminate Dark Patterns’ (The Economic Times, 11 June 2025). 
• Times of India, ‘CCPA Directs E-commerce Platforms for Self-audit Within 3 Months to Detect Dark Patterns’ (Times of India, 11 June 2025).
• Times of India Tech Desk, ‘Man Charged Rs 1,334 for 8.8 km Uber Ride, Goes to Consumer Court and Gets Rs 10,000 as Compensation’ (Times of India, 23 March 2024). 
• Reuters (D Shepardson), ‘US Judge Admonishes Amazon over Disclosures in FTC Lawsuit over Prime Service’ (Reuters, 10 July 2025). 
• Kelly M, ‘FTC Sues Amazon for Tricking Customers into Signing Up for Prime’ (The Verge, 21 June 2023). 
• Peters J, ‘Amazon Will Pay $2.5 Billion to Settle Deceptive Prime Signup Case’ (The Verge, 2025). 

8. Indian consumer and competition enforcement commentary •SCC Online Editorial, ‘Charging Extra Cab Fare over Actual Contracted Fare: Uber India’s Unfair Trade Practice’ (SCC Online Blog, 22 March 2024). •LiveLaw, ‘Chandigarh District Commission Holds Uber Liable for Charging Excess Fare beyond Contracted Amount’ (LiveLaw, 16 April 2024).

1 Jamie Luguri and Lior Jacob Strahilevitz, ‘Shining a light on dark patterns’ (2021) 13(1) Journal of Legal Analysis 43 <https://academic.oup.com/jla/article/13/1/43/6180579> accessed 2 February 2026; Naimy Paul, ‘Smokescreens of digital markets—choice manipulation and the illusion of consent’ (2025) 16(3) Journal of European Competition Law & Practice 208 <https://academic.oup.com/jeclap/article/16/3/208/8219139> accessed2 February 2026; Weiwei Yi and Zihao Li, ‘Mapping the scholarship of the regulation of dark patterns: A systematic review of concepts, regulatory paradigms, and solutions from law and HCI perspectives’ (2025) 59 Computer Law & Security Review 106225 <https://www.sciencedirect.com/science/article/pii/S2212473X25000975> accessed 2 February 2026.

2 M Brenncke, ‘A Theory of Exploitation for Consumer Law: Online Choice Architectures, Dark Patterns, and Autonomy Violations’ (2024) 47 Journal of Consumer Policy 127 <https://link.springer.com/article/10.1007/s10603-023-09554-7> accessed 2 February 2026; Jamie Luguri and Lior Jacob Strahilevitz, ‘Shining a Light on Dark Patterns’ (2021) 13 Journal of Legal Analysis 43 (n 1); Naimy Paul, ‘Smokescreens of Digital Markets—Choice Manipulation and the Illusion of Consent’ (2025) 16(3) Journal of European Competition Law & Practice 208 (n 1); Weiwei Yi and Zihao Li, ‘Mapping the Scholarship of the Regulation of Dark Patterns: A Systematic Review of Concepts, Regulatory Paradigms, and Solutions from Law and HCI Perspectives’ (2025) 59 Computer Law & Security Review 106225 (n 1). 

3 Jenna R Wiener, ‘Deceptive design and ongoing consent in privacy law’ (2021) SSRN Scholarly Paper, Social Science Research Network <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4006416> accessed 2 February 2026; European Data Protection Board, Guidelines 05/2020 on consent under Regulation 2016/679 (Version 1.1, 4 May 2020) <https://www.edpb.europa.eu/sites/default/files/files/file1/edpb_guidelines_202005_consent_en.pdf> accessed 2 February 2026; Martin Brenncke, ‘A Theory of Exploitation for Consumer Law: Online Choice Architectures, Dark Patterns, and Autonomy Violations’ (2024) 47 Journal of Consumer Policy 127 (n 2); Naimy Paul, ‘Smokescreens of digital markets—choice manipulation and the illusion of consent’ (2025) 16(3) Journal of European Competition Law & Practice 208 (n 1).

4 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) [2016] OJ L119/1, art 4, as consolidated in ‘Art. 4 GDPR – Definitions’ (GDPR-info.eu) <https://gdpr-info.eu/art-4-gdpr/> accessed 2 February 2026; European Data Protection Board, ‘Guidelines 05/2020 on consent under Regulation 2016/679’ (Version 1.1, 4 May 2020) (n 3); Squire Patton Boggs, ‘The Planet49 Decision: Key Takeaways’ (Privacy World, 1 October 2019) <https://www.privacyworld.blog/2019/10/the-planet49-decision-key-takeaways/> accessed 2 February 2026. 

5 Weiwei Yi and Zihao Li, ‘Mapping the scholarship of the regulation of dark patterns’ (n 1). 

6 Federal Trade Commission Act (15 USC §§ 41–58) § 5 (unfair methodsof competition and unfair or deceptive acts or practices), as codified in 15 USC § 45 <https://www.law.cornell.edu/uscode/text/15/45> accessed 2 February 2026; Board of Governors of the Federal Reserve System, ‘Section 5 of the Federal Trade Commission Act’ (Compliance Activities Manual, June 2008) <https://www.federalreserve.gov/boarddocs/supmanual/cch/200806/ftca.pdf> accessed 2 February 2026; Federal Trade Commission, ‘Federal Trade Commission Act’ <https://www.ftc.gov/legal-library/browse/statutes/federal-trade-commission-act> accessed 2 February 2026.

7 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (GDPR) [2016] OJ L119/1 (n 4) arts 4(11), 7; European Data Protection Board, ‘Guidelines 05/2020 on consent under Regulation 2016/679’ (Version 1.1, 4 May 2020) (n 3); ‘What are the GDPR consent requirements?’ (GDPR.eu) <https://gdpr.eu/gdpr-consent-requirements/> accessed 2 February 2026; Directive 2005/29/EC of the European Parliament and of the Council of 11 May 2005 concerning unfair business-to-consumer commercial practices in the internal market [2005] OJ L149/22 <https://eur-lex.europa.eu/eli/dir/2005/29/oj/eng> accessed 2 February 2026; ‘Unfair Commercial Practices Directive (UCPD)’ (Digital Fairness Act) <https://digitalfairnessact.com/unfair-commercial-practices-directive-ucpd> accessed 2 February 2026; ‘Article 25, Online interface design and organisation – the Digital Services Act (DSA)’ (EU Digital Services Act) <https://www.eu-digital-services-act.com/Digital_Services_Act_Article_25.html> accessed 2 February 2026; Leo Moore, ‘Dark patterns: not a new concept but will now be heavily regulated’ (William Fry, 9 February 2024) <https://www.williamfry.com/knowledge/dark-patterns-not-a-new-concept-but-will-now-be-heavily-re gulated/> accessed 2 February 2026. 

8 Consumer Protection Act 2019 (India) ss 2(46), 2(47), 18, 49(2), 59(2); Central Consumer Protection Authority, ‘Guidelines for Prevention and Regulation of Dark Patterns, 2023’ <https://www.nls.ac.in/wp-content/uploads/2021/04/Dark-Patterns.pdf> accessed 2 February 2026.

9 Federal Trade Commission, ‘FTC takes action against Amazon for enrolling consumers in Amazon Prime without consent and sabotaging their attempts to cancel’ (Press Release, 21 June 2023) <https://www.ftc.gov/news-events/news/press-releases/2023/06/ftc-takes-action-against-amazon-enrolli ng-consumers-amazon-prime-without-consent-sabotaging-their> accessed 2 February 2026; Federal Trade Commission, ‘Amazon.com, Inc. (ROSCA), FTC v.’ (Case No 2123050) <https://www.ftc.gov/legal-library/browse/cases-proceedings/2123050-amazoncom-inc-rosca-ftc-v> accessed 2 February 2026. 

10 Federal Trade Commission, ‘FTC sends $126 million in refunds to Fortnite players who were charged for unwanted items, reopens claims process for some consumers’ (Press Release, 3 June 2025) <https://www.ftc.gov/news-events/news/press-releases/2025/06/ftc-sends-126-million-refunds-fortnite-p layers-who-were-charged-unwanted-items-reopens-claims> accessed 2 February 2026. 11 Squire Patton Boggs, ‘The Planet49 Decision: Key Takeaways’ (Privacy World, 1 October 2019) (n 4).

12 DLA Piper, ‘CJEU’s landmark decision in Meta vs Bundeskartellamt’ (DLA Piper Insights, 5 July 2023) <https://www.dlapiper.com/en/insights/publications/2023/07/cjeus-landmark-decision-in-meta-vs-bunde skartellamt> accessed 2 February 2026. 

13 Syrenis, ‘German cookie consent and GTM’ (Syrenis Blog, 28 September 2021) <https://syrenis.com/resources/blog/german-cookie-consent-and-gtm/> accessed 2 February 2026. 14 Constitution of India 1950, art 14; Consumer Protection Act 2019 (India) (n 8); Central Inland Water Transport Corporation Ltd v Brojo Nath Ganguly (1986) 3 SCC 156 (AIR 1986 SC 1571).

15 ‘Charging extra cab fare than actual contracted fare: Uber India’s unfair trade practice, holds DCDRC Chandigarh’ (SCC Online Blog, 22 March 2024) <https://www.scconline.com/blog/post/2024/03/22/charging-extra-cab-fare-actual-contracted-fare-uber-i ndia-unfair-trade-practice-dcdrc-legal-news/> accessed 2 February 2026; Uber India Systems Pvt Ltd v Mohit Bansal First Appeal No 743 of 2022, State Consumer Disputes Redressal Commission, Punjab (4 June 2024) <https://indiankanoon.org/doc/67885142/> accessed 2 February 2026. 

16 Dipak K Dash, ‘CCPA protection directs E-Commerce platforms for self-audit within 3 months to detect Dark Patterns’ (The Times of India, 7 June 2025) <https://timesofindia.indiatimes.com/india/ccpa-protection-directs-e-commerce-platforms-for-self-audit -within-3-months-to-detect-dark-patterns/articleshow/121689980.cms> accessed 2 February 2026; Neelanjit Das, ‘Big relief for consumers suffering loss due to dark patterns; Govt asks all e-commerce sites to take steps to eliminate dark patterns’ (The Economic Times, 11 June 2025) <https://m.economictimes.com/wealth/save/big-relief-for-consumers-suffering-loss-due-to-dark-pattern s-govt-asks-all-e-commerce-sites-to-take-steps-to-eliminate-all-dark-patterns/articleshow/121692649.cm s> accessed 2 February 2026.

17 Jamie Luguri and Lior Jacob Strahilevitz, ‘Shining a light on dark patterns’ (n 1). 

18 Weiwei Yi and Zihao Li, ‘Mapping the scholarship of the regulation of dark patterns’ (n 1); Alexandre de Streel and others, ‘Harmful online choice architecture’ (CERRE Final Report, May 2024) <https://cerre.eu/wp-content/uploads/2024/05/CERRE-Final-Report_Harmful-Online-Choice-Architect ure.pdf> accessed 2 February 2026; Frederik J Zuiderveen Borgesius, ‘Regulating dark patterns in the European Union’ (2024) SSRN Scholarly Paper, Social Science Research Network <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4899559> accessed 2 February 2026. 19 Mike Scarcella, ‘US judge admonishes Amazon over disclosures in FTC lawsuit over Prime service’ (Reuters, 10 July 2025) <https://www.reuters.com/legal/government/us-judge-admonishes-amazon-over-disclosures-ftc-lawsuit -over-prime-service-2025-07-10/> accessed 2 February 2026; Emma Roth, ‘Amazon will pay $2.5 billion to settle the FTC’s Prime lawsuit’ (The Verge, 25 September 2025) <https://www.theverge.com/news/785744/amazon-ftc-prime-subscription-settlment> accessed 2 February 2026; Lesley Fair, ‘$245 million FTC settlement alleges Fortnite owner Epic Games used digital dark patterns to charge players for unwanted in-game purchases’ (FTC Business Blog, 19 December 2022) <https://www.ftc.gov/business-guidance/blog/2022/12/245-million-ftc-settlement-alleges-fortnite-owner

20 Martin Brenncke, ‘A Theory of Exploitation for Consumer Law: Online Choice Architectures, Dark Patterns, and Autonomy Violations’ (n 2); Jamie Luguri and Lior Jacob Strahilevitz, ‘Shining a light on dark patterns’ (n 1); Naimy Paul, ‘Smokescreens of digital markets—choice manipulation and the illusion of consent’ (n 1); Weiwei Yi and Zihao Li, ‘Mapping the scholarship of the regulation of dark patterns’ (n 1). 

21 Central Consumer Protection Authority, ‘Guidelines for Prevention and Regulation of Dark Patterns, 2023’ (n 8); Kaushiki and Astha Sehgal, ‘Dark Patterns in Digital Platforms: A Regulatory and Consumer Protection Perspective’ (Neeti Niyaman, 2025) <https://neetiniyaman.com/dark-patterns-digital-platforms/> accessed 2 February 2026; Neelanjit Das, ‘Big relief for consumers suffering loss due to dark patterns; Govt asks all e-commerce sites to take steps to eliminate dark patterns’ (The Economic Times, 11 June 2025) (n 16). 

22 ‘Article 25, Online interface design and organisation – the Digital Services Act (DSA)’ (EU Digital Services Act) (n 7); Digital Regulation Cooperation Forum, Harmful design in digital markets: How online choice architecture practices can undermine consumer choice and control over personal information (Joint Position Paper, August 2023) <https://www.drcf.org.uk/siteassets/drcf/pdf-files/harmful-design-in-digital-markets-ico-cma-joint-posi tion-paper.pdf> accessed 2 February 2026; Organisation for Economic Co-operation and Development, Dark commercial patterns (OECD Digital Economy Papers No 336, 26 October 2022) <https://www.oecd.org/content/dam/oecd/en/publications/reports/2022/10/dark-commercial-patterns_9f

23 Consumer Protection Act 2019 (India) (n 8); Taxmann, ‘Consumer Protection Act 2019 – Overview | Provisions | Legal Framework’ (Taxmann Blog, last updated 17 March 2025)<https://www.taxmann.com/post/blog/consumer-protection-act> accessed 2 February 2026; Central Inland Water Transport Corporation Ltd v Brojo Nath Ganguly (n 14). 

24 Jamie Luguri and Lior Jacob Strahilevitz, ‘Shining a light on dark patterns’ (n 1); Digital Regulation Cooperation Forum, Harmful design in digital markets: How online choice architecture practices can undermine consumer choice and control over personal information (n 22). 

25 Jamie Luguri and Lior Jacob Strahilevitz, ‘Shining a light on dark patterns’ (n 1); Alexandre de Streel and others, ‘Harmful online choice architecture’ (n 18); European Data Protection Board, ‘Guidelines 03/2022 on deceptive design patterns in social media platform interfaces: how to recognise6169cd/44f5e846-en.pdf> accessed 2 February 2026; European Data Protection Board, ‘Guidelines 03/2022 on deceptive design patterns in social media platform interfaces: how to recognise and avoid them’ (Version 2.0, 24 February 2023) <https://www.edpb.europa.eu/system/files/2023-02/edpb_03-2022_guidelines_on_deceptive_design_patt erns_in_social_media_platform_interfaces_v2_en_0.pdf> accessed 2 February 2026. 

26 Martin Brenncke, ‘A Theory of Exploitation for Consumer Law: Online Choice Architectures, Dark Patterns, and Autonomy Violations’ (n 2); Jamie Luguri and Lior Jacob Strahilevitz, ‘Shining a light on dark patterns’ (n 1); Naimy Paul, ‘Smokescreens of digital markets—choice manipulation and the illusion of consent’ (n 1); Weiwei Yi and Zihao Li, ‘Mapping the scholarship of the regulation of dark patterns’ (n 1). 

27 Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market for Digital Services and amending Directive 2000/31/EC (Digital Services Act) art 25; ‘Digital Services Act (DSA)’ (EU Digital Services Act) (n 7); Federal Trade Commission Act (15 USC §§ 41–58) § 5 (n 6). 

28 Central Inland Water Transport Corporation Ltd v Brojo Nath Ganguly (n 14); Alexander Tsesis, ‘The Right to Erasure: Privacy, Data Brokers, and the Indefinite Retention of Data’ (2014) 49 Wake Forest Law Review 433 <https://lawecommons.luc.edu/cgi/viewcontent.cgi?article=1502&context=facpubs> accessed 2 February 2026; Consumer Protection Act 2019 (India) (n 8).