Dark patterns, interface designs that subtly manipulate or mislead users, have moved from being a niche UX debate to a central regulatory concern in India’s digital economy. As consumer-facing startups scale rapidly across e-commerce, fintech, healthtech and D2C verticals, product and marketing teams increasingly rely on persuasive design and targeted advertising to drive conversions. However, regulators are now drawing a sharper line between “legitimate persuasion” and “unfair manipulation,” signalling a shift toward stricter oversight of digital interfaces and advertising practices.
In our earlier article, “Unravelling Dark Patterns: Navigating the Regulatory Framework in India”[1], Synergia Legal examined the foundational legal landscape, including the Consumer Protection Act, 2019 (“CPA”), Advertising Standards Council of India (“ASCI”) Code, and early discussions around the Central Consumer Protection Authority’s (“CCPA”) draft guidelines. Since then, the regulatory environment has evolved significantly. The Guidelines for Prevention of Misleading Advertisements and Endorsements (2022)[2], Guidelines for Influencer Advertising in Digital India by the ASCI (2023)[3], and the Guidelines for Prevention and Regulation of Dark Patters, 2023[4](“Guidelines for Dark Patterns”)have collectively expanded the scope of prohibited practices, explicitly targeting deceptive design in both digital advertising and user onboarding flows.
Parallelly, India’s data protection regime has matured with the Digital Personal Data Protection Act, 2023(“DPDP Act”), which introduces stringent consent and transparency obligations. Several dark patterns—such as interface interference, forced action, and disguised data-sharing prompts—now potentially trigger violations under both the CPA and the DPDP Act[5].
Against this backdrop, it becomes essential for startups to understand not only the legal boundaries but also the practical implications of designing “clean,” compliant and trust-based user journeys. This write-up builds on our earlier analysis and offers an updated, applied perspective on how dark patterns intersect with digital advertising, product design, and regulatory expectations in India’s fast-evolving digital ecosystem.
How India’s Regulatory Landscape Evolved
India’s regulation of dark patterns has progressed in structured phases, closely mirroring the rapid expansion of the country’s digital economy. The approach has shifted from broad prohibitions on unfair trade practices to a dedicated framework targeting manipulative user-interface and advertising practices.
a. Early Phase — Consumer Protection & Advertising Standards (Pre-2020)
The foundation of India’s regulatory stance lay in the CPA, which prohibited misleading advertisements[6] and unfair trade practices[7]. While the Act did not expressly reference “dark patterns,” several tactics—such as hidden costs, misleading pricing, or forced continuities—were implicitly covered.
In parallel, the ASCI, through its Code for Self-Regulation of Advertising Content in India[8], required advertisements to be truthful, transparent, and non-exploitative. These early norms formed the baseline for later, more explicit regulation.
b. Transition Phase — Digital Commerce & Nudging Concerns (2020–2022)
The surge in digital commerce prompted more targeted interventions. The Consumer Protection (E-Commerce) Rules, 2020 introduced obligations on pricing transparency, disclosure of charges, and prohibition of misleading sales tactics—addressing practices that now fall squarely within dark pattern classifications.
During this period, the CCPA and Department of Consumer Affairs issued advisories cautioning against exaggerated discount claims and hidden fees. Simultaneously, ASCI strengthened its oversight of digital advertising through the Guidelines for Influencer Advertising, 2021, recognising that disguised or ambiguous promotional content could mislead consumers.
c. Recognition Phase — Draft Dark Patterns Guidelines (2023)
A major turning point came with the Draft Guidelines on Prevention and Regulation of Dark Patterns[9], released by the CCPA in June 2023. This was the first formal acknowledgment of dark patterns as a regulatory concern. The draft defined specific patterns—such as false urgency, basket sneaking, confirm shaming, forced action, and interface interference—and sought feedback from industry stakeholders. Importantly, it distinguished “manipulation” from “legitimate persuasion,” signalling the regulator’s intent to target designs that materially distort user choice.
d. Consolidation Phase — Final Guidelines (Nov 2023)
The Guidelines for Dark Patterns notified in November 2023, created India’s first explicit legal framework prohibiting deceptive interface design. The Guidelines for Dark Pattern apply broadly to advertisers, sellers, platforms, and online interfaces, and expressly ban ten categories of dark patterns. Non-compliance triggers penalties under the CPA, including fines, directions to discontinue practices, and potential product or service takedowns.
e. Integration Phase — DPDP Act & Sector-Specific Developments (2023–2024)
The enactment of the DPDP Act added a parallel compliance layer, strengthening obligations relating to transparency, consent, and data minimisation. Several dark patterns—such as misleading consent prompts, privacy-intrusive defaults, or disguised data-sharing options—now risk violations under both consumer protection and data protection law. Sectoral regulators have echoed these concerns, with RBI cautioning against manipulative fintech interfaces and MeitY flagging risks in gaming and children-focused apps.
Overall, India’s regulatory trajectory demonstrates a clear evolution toward recognising, naming, and prohibiting manipulative digital design—anchoring dark patterns firmly within the compliance expectations for modern digital businesses.
What the Guidelines for Dark Patterns Mean for Digital Advertising
The Guidelines for Dark Patterns mark a decisive pivot in how digital advertising is regulated in India. Earlier frameworks under the CPA and the ASCI Code primarily assessed whether an advertisement was misleading. The Guidelines go further: they scrutinise the design, presentation, and architecture of advertising journeys, placing responsibility on entities that influence how users perceive choices.
a. Scope – Who Must Comply
The Guidelines for Dark Patterns apply to all Advertisers, Sellers, Platforms, and Endorsers that design, publish, or modify any User Interface directed at users in India. This flows from the broad consumer protection mandate under the CPA. The applicability extends even where the entity is located outside India, so long as its digital interface or advertising is accessible to Indian users.
Under the CPA’s construct of an “unfair trade practice,” liability may attach not only to the primary Advertiser but also to any Platform or Endorser that participates in disseminating a deceptive interface.
b. Advertising-Relevant Dark Patterns
Several prohibited dark patterns directly impact digital advertising and related conversion flows:
i. False Urgency: Creating artificial scarcity or countdowns without factual basis.
ii. Drip Pricing: Revealing mandatory charges only after User engagement.
iii. Bait-and-Switch: Promoting an offer in the advertisement that is unavailable or materially different when the User reaches the landing page.
iv. Interface Interference: Designing advertisements or CTAs that mimic Platform UI elements, leading Users to unintended outcomes.
v. Confirmshaming and Nagging: Using emotionally manipulative language (“No, I do not want to save money”) or repetitive prompts.
These patterns demonstrate that the regulator now evaluates entire advertising journeys, not just isolated ad creatives.
c. Enforcement and Liability
Non-compliance with the Guidelines for Dark Patterns may trigger CCPA action under CPA[10], including directions to discontinue the practice, takedowns, and financial penalties. The ASCI Code continues to govern advertising content, especially disclosure obligations for Endorsers. Liability is shared—Advertisers, Platforms, Sellers, and Endorsers must all ensure their User Interfaces comply with the Guidelines for Dark Patterns.
Interaction with Other Indian Laws
This section should demonstrate how the Guidelines do not operate in isolation but interact with existing regulatory obligations under the CPA, the DPDP Act, the ASCI Code, and sector-specific frameworks. The focus remains on how these frameworks collectively govern digital advertising, User Interface design, and data practices.
a. Interaction with the CPA — Foundational Framework
The CPA remains the principal statute governing misleading advertisements and unfair trade practices. Its definition of an “unfair trade practice”[11] is broad enough to encompass many dark patterns, such as misleading pricing, disguised actions, or manipulated consent flows.
The CCPA, empowered under Section 18 of the CPA, issued the Guidelines for Dark Patterns to clarify and operationalise this framework in the context of digital User Interfaces. Accordingly, the Guidelines do not replace the CPA; they supplement it by expressly identifying patterns that impair User autonomy and therefore constitute prohibited practices. Any violation of the Guidelines may therefore result in action under the CPA.
b. Interaction with the DPDP Act — Consent, Transparency, and Data Practices
Several prohibited dark patterns overlap directly with obligations under the DPDP Act. The DPDP Act requires that consent be “free, specific, informed and unambiguous”. Designs that pressure users into granting consent—through Forced Action, Interface Interference, or Confirmshaming—may undermine the validity of such consent.
Further, the DPDP Act’s principles of transparency and purpose limitation require clear communication of processing purposes. If an advertisement or User Interface obscures disclosures, nudges Users into data-sharing, or makes opt-out mechanisms difficult to locate, the conduct may simultaneously violate both the Guidelines for Dark Patterns and the DPDP Act.
c. Interaction with the ASCI Code — Advertising Content and Disclosures
The ASCI Code, including the Guidelines for Influencer Advertising, mandates truthful representation, adequate disclosures, and visible identification of promotional content. Dark patterns that disguise commercial intent, mimic native content without disclosure, or mislead Users through ambiguous CTAs may contravene the ASCI Code in addition to the Guidelines.
Although ASCI operates on a self-regulatory basis, its decisions influence how the CCPA evaluates misleading advertisements under the CPA.
d. Interaction with E-Commerce Rules and Sectoral Standards
The Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) complement the CPA by requiring pricing transparency, non-misleading representations, and disclosure of mandatory charges. Practices such as Drip Pricing, False Urgency, or exaggerated discount claims may therefore breach both the E-Commerce Rules and the Guidelines.
Sectoral regulators have also expressed concerns about manipulative interfaces—for instance, RBI’s caution regarding digital lending flows and MeitY’s focus on gaming and children’s online safety. Many of these concerns align with prohibited categories under the Guidelines.
e. Overall Regulatory Convergence
Together, the CPA, the DPDP Act, the ASCI Code, the E-Commerce Rules, and sectoral standards reflect a unified regulatory expectation: digital products and advertising must protect User autonomy, ensure transparency, and avoid manipulative design. The Guidelines crystallise this expectation by providing explicit definitions, but compliance must be viewed holistically across all applicable frameworks.
Practical Notes for Startups
For startups operating in increasingly competitive digital markets, compliance with the Guidelines for Dark Patterns, the CPA, and the DPDP Act is not merely a legal requirement—it is fundamental to building User trust and sustainable growth. Practical implementation requires a careful balance between interface efficiency, product design choices, and transparency.
a. Designing Transparent and Fair User Interfaces
Startups should ensure that all User Interfaces allow Users to make decisions freely and without hidden friction. Default selections that favour the Startup, or pathways that make opting out substantially harder than opting in, may be viewed as impairing User autonomy. Cancellation, unsubscribe, and account deletion processes should be accessible, linear, and comparable in effort to sign-up flows. Pricing elements, key terms, and material disclosures must be presented upfront, without requiring Users to navigate multiple layers to access essential information.
b. Building CPA- and DPDP-Consistent Data and Consent Flows
Under the DPDP Act, consent must be “free, specific, informed and unambiguous”. Startups should therefore ensure that consent prompts do not rely on Forced Action, Interface Interference, or any design that pressures Users into sharing data. Notices must be concise, written in clear language, and aligned with transparency obligations under Sections 5 to 7 of the DPDP Act. It is also advisable to distinguish between essential and optional data-collection activities and to offer Users an accessible means to withdraw or correct their information.
c. Strengthening Internal Review and Governance Mechanisms
Operational compliance requires internal discipline. Startups should adopt pre-launch review processes that include product, design, and legal teams, ensuring early identification of potential dark patterns. Maintaining documentation supporting price claims, representations, and User Interface decisions can help mitigate risk in case of regulatory scrutiny. Periodic audits assessing User journeys against the Guidelines for Dark Patterns and the CPA serve as effective preventive measures.
d. Managing Third-Party and Platform-Level Risks
Where Startups rely on external agencies, Platforms, or Endorsers, contractual arrangements should mandate adherence to the Guidelines for Dark Patterns, the CPA, and the ASCI Code. Startups should monitor Endorser disclosures and ensure that Platform-driven modifications do not introduce prohibited dark patterns.
e. Adopting a Pro-User Approach
Ultimately, transparent and User-centric design aligns legal compliance with long-term brand trust. Ethical interface practices increasingly serve as a competitive differentiator in India’s digital ecosystem.
[1] https://synergialegal.com/unraveling-dark-patterns-navigating-the-regulatory-framework-in-india/
[2] https://doca.gov.in/ccpa/files/CCPA_Notification.pdf
[3] https://www.ascionline.in/wp-content/uploads/2023/08/GUIDELINES-FOR-INFLUENCER-ADVERTISING-IN-DIGITAL-MEDIA.pdf
[4] https://doca.gov.in/ccpa/files/The%20Guidelines%20for%20Prevention%20and%20Regulation%20of%20Dark%20Patterns,%202023_1732707717.pdf
[5] Sections 5 to 7 of the DPDP Act
[6] Section 2(28) of the CPA
[7] Section 2(47) of the CPA
[8] https://www.ascionline.in/wp-content/uploads/guidelines/ASCI_Codes_Guidelines_Book.pdf
[9] https://consumeraffairs.gov.in/sites/default/files/file-uploads/latestnews/Draft%20Guidelines%20for%20Prevention%20and%20Regulation%20of%20Dark%20Patterns%202023.pdf
[10] Sections 20 and 21 of the CPA
[11] Section 2(47) of the CPA