CCPA Fines PhysicsWallah ₹5 Lakh For 'Basket Sneaking', 'Confirm Shaming' And 'Forced Action'; Imposes ₹1 Lakh Penalty On McAfee Over Dark Patterns
The Central Consumer Protection Authority (CCPA), headed by Chief Commissioner Nidhi Khare and Commissioner Anupam Mishra, has imposed penalties on PhysicsWallah Limited and McAfee Software India Private Limited for deploying "dark patterns" that misled consumers and influenced their choices on digital platforms. The Authority imposed a penalty of ₹5 lakh on PhysicsWallah and ₹1 lakh...
The Central Consumer Protection Authority (CCPA), headed by Chief Commissioner Nidhi Khare and Commissioner Anupam Mishra, has imposed penalties on PhysicsWallah Limited and McAfee Software India Private Limited for deploying "dark patterns" that misled consumers and influenced their choices on digital platforms.
The Authority imposed a penalty of ₹5 lakh on PhysicsWallah and ₹1 lakh on McAfee, directing both companies to remove such practices and ensure that consumers can make informed decisions without manipulation.
According to the CCPA, PhysicsWallah automatically added a ₹10 donation to the PW Foundation during the checkout process through a pre-selected option, without obtaining explicit consent from users. Consumers were also shown emotional messages related to children's education, healthcare and marriages, encouraging them to retain the donation. The Authority further found that courses advertised as "free" could only be accessed after users shared personal information such as mobile numbers and email addresses.
The CCPA held that these practices amounted to Basket Sneaking, Confirm Shaming and Forced Action, which are prohibited under the Guidelines for Prevention and Regulation of Dark Patterns, 2023. It observed that consumer consent cannot be assumed through pre-selected options and must always be obtained through a clear and affirmative action. The Authority also noted that many users of the platform are students, including minors, making such practices particularly concerning.
In McAfee's case, the CCPA found that the company's subscription renewal interface prominently displayed options such as "Renew Now" and "Accept Risk", effectively portraying non-renewal as a risky choice. The Authority observed that the phrase "Accept Risk" could create fear among consumers by suggesting exposure to cybersecurity threats if they chose not to renew their subscriptions.
The regulator concluded that McAfee's interface employed dark patterns including Confirm Shaming, Interface Interference, Trick Question and Forced Action, thereby influencing consumer decisions through deceptive design elements.
The action was taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023. The CCPA reiterated that consumer consent must be explicit, informed and free from manipulative practices, underscoring its commitment to ensuring a fair and transparent digital marketplace.
Case No.: CCPA-2/94/2025-2025