Tag Archives: Dark Patterns

Dark Patterns and the Law

First – what are dark patterns?

Here is a definition from Wired:

The term “dark patterns” was first coined by UX specialist Harry Brignull to describe the ways in which software can subtly trick users into doing things they didn’t mean to do, or discouraging behavior that’s bad for the company. When you want to unsubscribe from a mailing list, but the “Unsubscribe” button is tiny, low-contrast, and buried in paragraphs of text at the bottom of an email, it’s a strong sign the company is putting up subtle roadblocks between you and cancellation.


The objective of using a dark pattern to get you to do something you really don’t mean to do or stop you from doing something the company does not want you to do.

That is why we are seeing more attention from legislatures and regulators.

California’s new privacy law says that it can’t be any more difficult to close an account than to open an account.

The EU’s new Digital Markets Act is proposing to regulate dark patterns.

But not everyone is listening.

Now even the CFPB is going after them.

The Consumer Finance Protection Bureau filed a lawsuit against TransUnion, two of its subsidiaries and a former TransUnion executive.

The CFPB says that they are violating a 2017 consent order and that TransUnion was engaging in deceptive marketing of credit related products.

In this case, the CFPB wants to make a point of making officers and directors feel the pain from the decisions of their companies by including them in the lawsuit.

In October 2018 the CFPB went checking on TransUnion’s compliance with the previous year’s consent order. That consent order required TransUnion to get the consumer’s express informed consent before enrolling them in a product with a “negative option” feature. In this case, that means enrolling the consumer in a free trial and then forcing them to do something to cancel the subscription at the end of the trial. It also required them to simplify the cancellation process (the so called dark pattern – make it hard to cancel).

In 2019, 2020 and 2021 the CFPB told TransUnion that they were violating the consent order, hence the lawsuit.

In the lawsuit, the CFPB says:

In its complaint, the CFPB alleges that the corporate defendants violated the consent order in various ways, including by (1) giving consumers the misleading impression that their payment information was requested for purposes other than payment, (2) offering negative option enrollments without using a checkbox to affirmatively enroll in such products as required by the consent order, and (3) failing to provide an appropriate method for consumers to cancel their enrollment.  Following its pattern of using heated rhetoric in its media statements and more neutral language in its complaints, the CFPB alleged in its press release that TransUnion “used an array of dark patterns to trick people” and “cheated customers.”


TransUnion says that the complaint is meritless and blamed the CFPB. Interesting strategy.

Expect more of this from all sides. If you are using dark patterns, consult your attorney. Better yet, just stop.

Credit: Ballard Spahr