No More Auto Donation in Websites

Ψ  PhysicsWallah fined ₹5 lakh and McAfee ₹1 lakh for practices affecting informed consumer choice

Ψ  Companies directed to discontinue practices that undermine informed consumer consent

Key Highlights

·         The Central Consumer Protection Authority imposed penalties on:

o    PhysicsWallah Limited – ₹5 lakh

o    McAfee Software India Private Limited – ₹1 lakh

·         Both companies were directed to discontinue dark pattern practices and ensure consumers can make informed and voluntary choices.

·         Action was taken under:

o    Consumer Protection Act, 2019

o    Consumer Protection (E-Commerce) Rules, 2020

o    Guidelines for Prevention and Regulation of Dark Patterns, 2023

·         The Authority is headed by Nidhi Khare and Commissioner Anupam Mishra.

Action Against PhysicsWallah

Violations Identified

1. Pre-Selected Donation During Checkout

·         A ₹10 donation to the PW Foundation was automatically selected and added to the payment amount.

·         Consumers had to actively remove the donation if they did not wish to contribute.

2. Emotional Pressure Tactics

·         Messages relating to children's education, healthcare and marriages were displayed to discourage users from opting out of the donation.

3. Misleading “Free Courses”

·         Courses advertised as "free" required users to provide personal information such as:

o    Mobile number

o    Email address

·         CCPA found that the course content remained identical across accounts, indicating that mandatory data collection was not essential.

Dark Patterns Identified

·         Basket Sneaking – Automatic addition of donations.

·         Confirm Shaming – Emotional messages discouraging users from removing donations.

·         Forced Action – Mandatory sharing of personal data to access "free" courses.

CCPA Observations

·         Consumer consent cannot be presumed through pre-ticked options.

·         Consent must be explicit and affirmative.

·         Advertising services as "free" without clearly disclosing mandatory registration requirements is misleading.

·         The practices were especially concerning because many users are students and minors.

Penalty

·         PhysicsWallah was fined ₹5 lakh.

·         Directed to eliminate dark patterns across all digital interfaces.

Action Against McAfee

What CCPA Found

·         During subscription renewal, users were presented with:

o    "Renew Now"

o    "Accept Risk"

·         The phrase "Accept Risk" implied consumers would face cybersecurity threats if they chose not to renew.

Dark Patterns Identified

·         Confirm Shaming – Making users feel irresponsible for declining renewal.

·         Interface Interference – Greater visual emphasis on renewal.

·         Trick Question – Use of emotionally loaded language instead of neutral choices.

·         Forced Action – Lack of a clearly visible neutral opt-out option.

CCPA Observations

·         Subscription decisions should be made freely without fear-based messaging.

·         The renewal interface used manipulative design practices that could influence consumer behaviour.

Penalty

·         McAfee was fined ₹1 lakh.

·         Ordered to remove dark patterns from all websites, applications and digital platforms.

Legal Provisions Violated

PhysicsWallah

·         Violation of consumer rights and informed decision-making.

·         Misleading advertisements regarding "free" courses.

·         Unfair trade practices involving:

o    Basket Sneaking

o    Confirm Shaming

o    Forced Action

·         Violations of E-Commerce Rules and Dark Pattern Guidelines.

McAfee

·         Misleading advertisements based on fear-driven messaging.

·         Unfair trade practices through manipulative subscription design.

·         Violations involving:

o    Confirm Shaming

o    Interface Interference

o    Trick Questions

o    Forced Action

CCPA's Wider Campaign Against Dark Patterns

·         The Guidelines for Prevention and Regulation of Dark Patterns, 2023 identify 13 types of dark patterns as unfair trade practices.

·         Common dark patterns include:

o    Basket Sneaking

o    Confirm Shaming

o    Forced Action

o    Interface Interference

o    Trick Questions

·         On 5 June 2025, CCPA issued an advisory directing e-commerce companies and digital platforms to:

o    Conduct self-audits.

o    Identify and remove dark patterns.

o    Strengthen consumer protection measures.

Significance

The action against PhysicsWallah and McAfee marks another significant step by the CCPA to curb manipulative online design practices. The orders reinforce the principle that consumer consent must be explicit, informed and free from pressure, helping create a more transparent and consumer-friendly digital marketplace in India.

<CCPA Final Orders>

 

[ABS News Service/04.06.2026]

The Central Consumer Protection Authority (CCPA), headed by Chief Commissioner Smt. Nidhi Khare and Commissioner Anupam Mishra, has imposed penalties on PhysicsWallah Limited and McAfee Software India Private Limited for using dark pattern practices that misled consumers and influenced their choices on digital platforms.

PhysicsWallah has been fined ₹5 lakh, while McAfee has been fined ₹1 lakh. Both companies have been directed to remove such practices from their platforms and ensure that consumers are able to make informed choices without pressure or manipulation.

The action has been taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.

PhysicsWallah Limited: Pre-selected Donations and Misleading ‘Free’ Courses

CCPA took suo motu cognizance of certain practices on the PhysicsWallah platform and found that consumers were being influenced through interface designs that affected their ability to make free and informed choices.

What CCPA Found

·         A donation of ₹10 to the PW Foundation was automatically selected during checkout and added to the total payable amount without the consumer's explicit consent.

·         Consumers were shown emotional messages related to children's education, healthcare and marriages, encouraging them to keep the donation selected.

·         Courses advertised as “free” could only be accessed after users shared personal information such as their mobile number and email address.

·         CCPA's examination found that the content offered remained the same across user accounts, indicating that mandatory data collection was not essential for accessing the courses.

Dark Patterns Identified

·         Basket Sneaking – Automatic addition of a donation during checkout.

·         Confirm Shaming – Emotional messaging that discouraged users from removing the donation.

·         Forced Action – Requiring users to share personal information before accessing courses advertised as free.

CCPA observed that:

·         Consumer consent cannot be assumed through pre-selected options and must always be obtained through a clear and affirmative action.

·         Advertising courses as “free” without clearly informing users about mandatory registration and data-sharing requirements was misleading.

·         The practices amounted to unfair trade practices and interfered with consumers' ability to make informed decisions.

·         Since a large number of users on the platform are students, including minors, such practices raised serious consumer protection concerns.

Provisions Violated –PhysicsWallah

S.No.

Provision

Nature of Violation
  1.  

Section 2(9), Consumer Protection Act, 2019

Violation of consumer rights-impairment of free and informed decision-making
  1.  

Section 2(28), Consumer Protection Act, 2019

Misleading advertisement- 'free courses' without disclosing mandatory registration conditions
  1.  

Section 2(47), Consumer Protection Act, 2019

Unfair trade practice- basket sneaking, confirm shaming, forced action
  1.  

Consumer Protection (E-Commerce) Rules, 2020

Rule 4(9): Automatic recording of consent through pre-ticked checkbox; Rule 4(3): Unfair trade practice
  1.  

Dark Patterns Guidelines, 2023

Basket Sneaking, Confirm Shaming, Forced Action

PhysicsWallah Limited has been directed to ensure that no dark patterns are deployed on any of its digital interfaces and pay a penalty of ₹5,00,000.

McAfee Software India Private Limited: Subscription Renewal Interface Found Misleading

CCPA also examined McAfee's subscription renewal process and found that consumers were not provided with a neutral choice while deciding whether to renew their subscriptions.

Users were prominently shown two options - "Renew Now" and "Accept Risk" effectively portraying non-renewal as a risky decision.

What CCPA Found

·         The phrase "Accept Risk" suggested that consumers would be exposed to cybersecurity threats if they chose not to renew their subscription.

·         Such a claim could not be justified or guaranteed by the company.

·         The design of the interface created pressure on consumers to continue their subscriptions.

Dark Patterns Identified

·         Confirm Shaming – Making consumers feel irresponsible for not renewing.

·         Interface Interference – Giving greater visual prominence to the renewal option.

·         Trick Question – Using confusing and emotionally loaded language instead of a neutral option.

·         Forced Action – Not providing a clearly visible and neutral opt-out choice.

CCPA's Observations

CCPA noted that consumers should be able to make subscription decisions freely and without fear-based messaging or misleading design elements.The Authority found that the renewal interface used deceptive practices that could influence consumer decisions and amount to unfair trade practices.

Provisions Violated- McAfee

S.No.

Provision

Nature of Violation
  1.  

Section 2(28), Consumer Protection Act, 2019

Misleading advertisement: fear-based representation regarding necessity and consequences of non-renewal
  1.  

Section 2(47), Consumer Protection Act, 2019

Unfair trade practice: deceptive and manipulative interface design promoting subscription renewals
  1.  

Consumer Protection (E-Commerce) Rules, 2020

Rule 4(3): Unfair trade practice & Rule 4(9): Impaired explicit and affirmative consumer consent
  1.  

Dark Patterns Guidelines, 2023

Confirm Shaming, Interface Interference, Trick Question, Forced Action

McAfee Software India Private Limited has been directed to ensure that no dark patterns are employed on its platform, website, application or any other digital interface and pay a penalty of ₹1,00,000.

CCPA's Continued Action Against Dark Patterns

The Guidelines for Prevention and Regulation of Dark Patterns, 2023, were notified by CCPA on 30 November 2023 after extensive consultations with stakeholders. The Guidelines identify 13 dark patterns that are considered unfair trade practices, including Basket Sneaking, Confirm Shaming, Forced Action, Interface Interference and Trick Questions.

To strengthen compliance, CCPA issued an advisory on 5 June 2025 asking e-commerce companies and digital platforms to conduct self-audits and remove dark patterns from their interfaces. These orders underline CCPA's commitment to ensuring a fair, transparent and consumer-friendly digital marketplace. The Authority has reiterated that consumer consent must always be explicit, informed and free from manipulative design practices.