Educational platform PhysicsWallah and cybersecurity firm McAfee India have been fined Rs 5 lakh and Rs 1 lakh, respectively, for digital manipulation by employing deceptive user interfaces.
The action was taken by Central Consumer Protection Authority (CCPA). It has urged both the companies to dismantle digital tactics designed to trick users into spending money or giving away data.
According to the Ministry of Consumer Affairs, an investigation revealed that PhysicsWallah targeted its largely young audience, including vulnerable minors, through a psychological trick known as “confirm shaming”. During checkout, the platform automatically added Rs 10 donation to the final bill without explicit consent, a practice called “basket sneaking”, it said.
“To prevent users from removing this charge, the interface displayed emotional messages regarding children’s education and health, using guilt to override free financial choice,” it said.
Furthermore, the platform advertised courses as free but forced users to hand over telephone numbers and email addresses to gain access. The regulator ruled that masking data collection as a prerequisite for free content is a misleading and unfair trade practice.
McAfee India was found guilty of using fear-based messaging to force software subscription renewals. When navigating the renewal page, users were denied a neutral choice and presented with two stark options: “Renew Now” or “Accept Risk”.
The action was taken under the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023. The guidelines identify 13 dark patterns that are considered unfair trade practices, including Basket Sneaking, Confirm Shaming, Forced Action, Interface Interference and Trick Questions.
To strengthen compliance, CCPA issued an advisory on June 5, 2025 asking e-commerce companies and digital platforms to conduct self-audits and remove dark patterns from their interfaces.
CCPA said the practices used by the companies affected consumers’ ability to make free and informed choices. It further found that courses advertised as “free” could only be accessed after users provided personal information such as their mobile number and email address.
According to the authority’s examination, the content offered remained the same across different user accounts, indicating that collecting personal data was not necessary for access to the courses.
CCPA said these practices amounted to several dark patterns identified under the 2023 guidelines.
The authority observed that consumer consent cannot be presumed through pre-selected options and must be obtained through a clear and affirmative action.
It also noted that advertising courses as free without clearly informing users about mandatory registration and data-sharing requirements was misleading.
CCPA said these practices amounted to unfair trade practices and interfered with consumers’ ability to make informed decisions. It added that since a large number of users on the platform are students, including minors, the matter raised serious consumer protection concerns.
The latest orders highlight the authority’s continued focus on creating a fair, transparent and consumer-friendly digital marketplace.
