How some websites deceive or manipulate users

A product randomly added at the end of your order... a highlighted "accept" button... a message designed to guilt-trip you when you refuse a discount... an easy-to-make subscription with no way to unsubscribe… Welcome to the "dark patterns" trap! Many websites, applications, social media platforms, and search engines use graphic elements (colour, size of graphics…) or technical processes to influence your behaviour and encourage you to click, purchase, subscribe, or provide personal data. How do you spot these manipulative techniques? How do you avoid falling into these traps? If they aren’t illegal, how are they regulated in Europe? Read our article to find answers to your questions.

 

How some websites entice you to make a purchase

  • An extra option, added insurance, or a discounted service is added at the end of your online order. Not wanting to start the ordering process all over again, you end up accepting this additional fee.

Example: Extra checked bags when booking a plane ticket

  • The site reminds you that if you pay only a few more euros, you will get free delivery.
  • Well-placed messages generate a sense of urgency for the user, giving the impression that you are missing out on a good deal or a rare product/service.

Examples: "Only three hotel rooms in the selected category are available at this price". "Free cancellation, no payment to be made right now". "47 others are currently viewing this item". "Only three items left in stock"...

  • When you place an order, your shopping cart already contains items that you need to remove.
  • As you search for a product or service, the site shows you alternative options that might interest you or offers and discounts that allow you to buy more for the same amount of money.
  • The website posts customer reviews or videos from influencers that praise the product. Social proof via testimonials is used to entice you to purchase certain items
  • An important news article is displayed on your screen, but when you click it, you realise it’s actually an advertisement for a product

Example of a clickable message: "Your order has arrived!"

Examples: "No thanks, I hate saving money", "No thanks, I hate getting good deals, I’d rather pay the full price"

How websites trick you with hidden subscriptions

  • A pop-up window opens and promises you a free trial for a product, but you are required to input your card details. This is most likely a hidden subscription with a regular fee that will be charged to your account.
  • The highlighted price is a "bonus", "benefit", or "VIP" option. If you validate this price, you subscribe to the option which often takes the form of a monthly subscription.  
  • The site offers you regular deliveries of the same product in order to "save money". Beware of overconsumption! Beware of hidden subscriptions!

Tips: how to not fall into the trap of dark patterns

  • Check if the purchase is still worth making despite the additional costs. Compare prices and offers on other sites.
  • Don’t be intimidated by catchy messages like "only three items left in stock" or "last available option".
  • Take the time to check of the proposed option really corresponds with your needs. Ask yourself the right questions!
  • Before confirming your purchase, check your shopping cart and be sure to delete unwanted items, options, or services.
  • Closely read pre-checked boxes and options.
  • Don’t forget that you may have a right to withdrawal and therefore 14 days to change your mind.
  • If French law applies, you are protected in case of automatic renewal of your subscription.

Unable to cancel a subscription online?

  • A few clicks to subscribe, but hundreds to unsubscribe! Some sites "hide" the cancellation conditions in their general subscription conditions. Some applications require the user to log in using the PC version of their customer account to access the terms and conditions regarding unsubscribing.

Example: Amazon Prime is obligated under regulations by the European Commissionto simplify its unsubscribing processes.

Good to know: In France, the Châtel law requires professionals to inform their customers in writing, between one and three months before the end of the subscription or contract with automatic renewal, of their option to not renew it. In addition, inspired by the "cancel button" introduced in Germany in 2022, websites of telephone operators, newspapers, insurance companies, transport companies, electricity suppliers, and even dating sites in France are required to offer a free function to facilitate subscription cancellation as of 2023.

  • You receive notifications of updates to your application. They indicate the update is "vital", "crucial", or "necessary". But in fact, you are unable to refuse it.

Example: WhatsApp update. Read the summary of the CPC network’s action with the European Commission.

How wording can trick you

Some sites use unclear wording, negative phrases, or double-negatives to trick you into doing the opposite of what you initially wanted.

Tip: Read your options carefully!

How some websites get personal information from you

Be careful if the website or social media platform:

  • Promises better function of their service if you enable your location.
  • Has your account automatically sharing your data and publications with everyone.
  • Highlights the "accept all" button for cookies.
  • Generates a pop-up window in which you are asked to enter your email address, and highlights the "send" button to receive, for example, a discount or other intriguing information.

All of these techniques exist with one goal in mind: to get personal data from you! This information has real value to companies because they can sell it and use it for targeted marketing (advertising targeted according to behaviour, habits, or location of internet users). Read our article on how to protect your personal data.

 

Are these manipulative techniques regulated in Europe?

Currently, there is no definition or European legislation regarding dark patterns specifically. These manipulative techniques fall under the scope of several European directives or regulations related to competition law, data protection, or artificial intelligence (AI).

Example: The Consumer Rights Directiveprohibits pre-ticked boxes.

Some techniques can be considered unfair commercial practices.

Examples: Advertising a product or service as "free" when you actually have to pay for it, enticing customers with attractive prices but the products are unavailable.

The European Commission has covered a lot of ground in the fight against these techniques and wants to further regulate practices in the digital sector:

  • The European Digital Services Act(DSA), which has applied to European online platforms or those targeting European consumers since 2024, has banned certain dark patterns.
  • This regulation specifically prohibits online platforms from designing, organising, and operating their interfaces in ways that mislead customers and impair their ability to make clear and informed decisions. The European Commission may soon publish guidelines clarifying this prohibition.

These regulations explicitly address certain practices, such as:

  • Placing one button above another to influence consumers’ choice.
  • Repeatedly asking customers to make a choice, even after they already selected their preference (often in the context of terminating a service).
  • Making the unsubscription process more complicated than the subscription process.

Failure to comply with these regulations is punishable by a fine of up to 6 percent of the company’s annual revenue.

The European Commission also published a behavioral study on unfair commercial practices in the digital environment in May of 2022. More specifically, it proposes banning the practices that are most harmful to consumers, imposing a fair or neutral design obligation on companies, and drawing up guidelines and practical examples for businesses and designers.

Dark patterns are also discussed in the new ePrivacy regulation, which is expected to tackle the use of cookies and direct marketing in particular.

In the meantime, the supervisory authorities of the General Data Protection Regulation (GDPR) can penalise professionals if the techniques they use on their sites undermine the protection of personal data.

Example: The French authority CNIL has fined major companies, social media platforms, and search engines for making it more difficult for customers to refuse cookies than accept them.

Some authorities in Europe also publish recommendations to protect consumers against deception.

Examples:

  • The Dutch authority’s guidelines for web designers and developers
  • The UK Competition and Markets Authority (CMA) market study

Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Innovation Council and Small and Medium-sized Enterprises Executive Agency (EISMEA). Neither the European Union nor the granting authority can be held responsible for them.