The Federal Trade Commission (FTC) in recent years has made clear its intention to adopt a more aggressive enforcement posture toward so-called dark patterns. The FTC defines unlawful dark patterns to include any online “design practices that trick or manipulate users into making decisions they would not otherwise have made and that may cause harm.”1 Two recent enforcement actions confirm the agency’s focus on curbing dark patterns under its existing statutory authorities and offer useful insight into the types of digital design practices that could draw regulatory scrutiny.
On June 21, 2023, the FTC filed a complaint in the US District Court for the Western District of Washington alleging that Amazon used manipulative, coercive, or deceptive user interface designs—i.e., dark patterns—to trick consumers into enrolling in its Amazon Prime subscription service.2 According to FTC Chair Lina M. Khan, “Amazon tricked and trapped people into recurring subscriptions without their consent, not only frustrating users but also costing them significant money.”3 Specifically, the FTC’s complaint alleges that Amazon’s use of dark patterns was (1) an unfair trade practice in violation of Section 5 of the FTC Act4; and (2) a violation of the Restore Online Shoppers’ Confidence Act (ROSCA),5 which generally bars the sale of goods or services on the internet through negative option marketing without meeting certain requirements for disclosure, consent, and cancellation to protect consumers.
Less than a week later, on June 27, 2023, the FTC announced an enforcement action and proposed consent order requiring Publishers Clearing House (PCH) to pay $18.5 million to consumers over allegations that PCH used dark patterns “to mislead consumers about how to enter the company’s well-known sweepstakes drawings.”6 Specifically, the FTC claimed that PCH made consumers believe that a purchase was “necessary to win or increase their chances of winning, and that their sweepstakes entries [we]re incomplete.”7 The FTC alleged that PCH had violated the deception prong of the FTC Act and the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act).8
Together, these actions provide important clarity on the types of dark patterns that the FTC views as unfair, deceptive, or otherwise unlawful. Companies across a wide stripe of consumer-facing industries would be well-advised to take this opportunity to examine their own online design practices and product flows against the categories of practices at issue in these two enforcement actions, as well as other FTC guidance. As the Director of the FTC’s Bureau of Consumer Protection said in a statement accompanying the PCH Consent Order, “firms that continue to deploy deceptive design techniques are on notice.” Companies should take the FTC at its word.
1. Background on Dark Patterns
The FTC has increasingly focused on curbing the use of dark patterns over the last several years. In October 2021, the FTC released an enforcement policy statement9 that served as a “warning” to companies that the agency was “ramping up its enforcement response” to consumer complaints about deceptive sign-up tactics “including unauthorized charges or ongoing billing that is impossible to cancel.”10 To avoid enforcement action, the FTC recommended that businesses should (1) disclose material terms of their products and services clearly, conspicuously, and up front when the customer first receives the offer; (2) obtain the consumer’s express and informed consent before charging for any product or service; and (3) provide easy and simple cancellation through mechanisms “at least as easy to use as” the purchase mechanisms.11
The FTC followed its enforcement policy statement with a Staff Report in September 2022 that pointed to specific practices that it viewed as deceptive dark patterns. For example, the Staff Report called out practices that obscure material information from consumers, such as burying key limitations of the product or service in dense terms of services that consumers don’t see before purchase. The Staff Report also called out practices that make it hard to cancel subscriptions or charges by making consumers navigate a difficult-to-find, lengthy, and confusing cancellation path on the company’s website and click through several pages of promotions and links that, when clicked, directed consumers away from the cancellation path. These practices, the FTC Staff Report found, occur in a broad range of industries and contexts, including e-commerce, cookie consent banners, children’s applications and subscription sales.
Following up on this, in April 2023, the FTC issued a Notice of Proposed Rulemaking (NPRM) that would significantly expand the legal requirements for sellers to employ so-called “negative option” offers.12 A negative option offer is one that permits a seller to interpret a customer’s silence or failure to act as an acceptance of an offer. Typically, negative option arrangements include, but are not limited to, automatic renewals, continuity plans, free-to-pay or fee-to-pay conversions, and prenotification plans.
The FTC has long addressed harmful negative option practices through a patchwork of laws, including the ROSCA, the Telemarketing Sales Rule (TSR), the Unordered Merchandise Statute, the Electronic Fund Transfers Act, and its broad authority under Section 5 of the FTC Act.13 The new proposed rule, the FTC reasoned, was necessary because “existing patchwork of laws and regulations does not provide industry and consumers with a consistent legal framework across media and offers.”14 The FTC noted, for example, that ROSCA and the TSR do not address negative option plans in all media—ROSCA’s negative option marketing requirements only apply to internet sales, and the TSR generally applies to telemarketing only.15
The proposed rule would expand the existing “patchwork” legal framework and make specific changes, including (1) a simple cancellation mechanism (“at least as easy to cancel a subscription as it was to start it”), (2) new requirements before making additional offers during cancellation processes, and (3) new requirements regarding reminders and confirmations of automatic renewals.16 Violations of the rule, if finalized, would subject sellers to actions for civil penalties and damages.
2. FTC Enforcement Action Against Amazon
In its Amazon complaint, the FTC alleges that the company caused millions of consumers to unknowingly enroll in its Amazon Prime subscription service using a variety of dark patterns17 and made those subscriptions difficult to cancel by forcing subscribers to navigate a labyrinthine cancellation process. Amazon Prime is Amazon’s paid subscription service; for a $139 annual fee, subscribers can access benefits like free expedited delivery of products, free streaming content, and grocery delivery.18 The FTC now alleges the Amazon Prime enrollment and cancellation processes leveraged deceptive dark patterns in violation of both Section 5 of the FTC Act and ROSCA.
First, the FTC alleges that Amazon designs the Amazon Prime enrollment process to exploit consumer tendencies to overlook material information, such as placing material terms of auto-renewal policies at the bottom of pages to take advantage of the fact that consumers on mobile devices are “more likely to select a prominent option without scrutinizing fine print” accessible only by scrolling to the bottom of a webpage.19 Through these practices, the FTC contends, Amazon “fails to provide clear and conspicuous disclosures” about Prime’s material terms before customers complete purchases and provides “no disclosures at all” before collecting billing information in violation of the FTC Act and ROSCA.20
The FTC further charges that Amazon knowingly crafted a labyrinthine cancellation process for Prime subscribers, which the company allegedly called the “Iliad flow.”21 As alleged in the FTC’s complaint, the Prime cancellation flow required subscribers to navigate a “four-page, six-click, fifteen-option” flow to cancel their subscriptions online.22 According to the FTC, this cancellation flow relied on dark patterns to slow or prevent consumers from trying to cancel their memberships, resulting in customers unfairly being charged additional fees without their consent in violation of the FTC Act and depriving consumers of a simple mechanism to end recurring charges in violation of ROSCA.23
Specifically, the FTC identified six specific dark patterns it alleges were used in connection with Amazon Prime:24
1. Forced Action: The FTC defines “Forced Action” as any design that forces users to perform specific actions or processes to access certain functions. The FTC alleges that Amazon uses Forced Action in its Prime enrollment flow by forcing consumers to choose whether to enroll in Prime before allowing the consumers to complete their purchase. The FTC further alleges that Amazon used Force Action in its Iliad flow (i.e., the cancellation process) by forcing consumers to proceed through multiple screens to cancel their subscription.
2. Interface Interference: The FTC defines “Interface Interference” as any design that manipulates the user interface to privilege certain information relative to other information. The FTC alleges that Amazon used Interface Interference in its Prime enrollment flow by revealing the terms and conditions only once during the purchase process and then in a small, easy-to-miss font. According to the FTC, Amazon also uses repetition and color to direct consumers’ attention to the words “free shipping” and away from Prime’s price, which the agency believes led some consumers to enroll without providing informed consent.
3. Obstruction (Roach Motel): The FTC defines “Obstruction” as any design that intentionally complicates a process by adding steps to discourage users from taking a particular action. Obstruction is also known as “Roach Moteling” because, like roaches into the eponymous motel, “[consumers] check in, but they don’t check out.” The FTC alleges that Amazon deployed Roach Moteling by making the option to decline enrollment difficult to locate and, in the Iliad flow, making the ability to cancel Prime membership difficult for consumers to locate.
4. Misdirection: The FTC defines “Misdirection” as any design that draws a user’s attention to one thing in order to distract from another. The FTC alleges that Amazon uses Misdirection in its Prime checkout enrollment flow by presenting asymmetric choices that make it easier to enroll in Prime than not. Additionally, according to the FTC, certain versions of Amazon’s checkout enrollment flow offer consumers only a less prominent blue link to decline Prime.
The FTC further alleges that the Iliad flow uses Misdirection by making it easier to abandon an attempt to cancel Prime than to complete it. Per the FTC, “Amazon uses attractors such as animation, a contrasting color blue, and text to draw consumers’ attention to ‘Remind me later’ and ‘Keep my benefits’ options rather than ‘Continue to Cancel.’”
5. Sneaking: The FTC defines “Sneaking” as any design that hides relevant information or delays its disclosure. According to the FTC’s complaint, “Amazon uses Sneaking by failing to clearly and conspicuously disclose Prime’s terms and conditions during its enrollment checkout flow, including its price and auto-renew attribute” and “by failing to show Prime’s price or its auto-renewal feature in the consumer’s cart.”
6. Confirmshaming: Finally, the FTC defines “Confirmshaming” as any design that uses emotive wording around disfavored options to guilt consumers into choosing favored options, though its allegations related to this category of dark patterns are wholly redacted.
Although the FTC has previously described enforcement actions as crackdowns on dark patterns, the Amazon complaint represents the first time the agency has offered this level of detail on the specific practices it regards as deceptive dark patterns.25
3. FTC Enforcement Action Against PCH
The FTC’s enforcement action against PCH, issued just days after the Amazon announcement, alleges PCH used dark patterns to trick consumers into believing that they were required to purchase products in order to enter a sweepstakes or to increase their chances of winning.26 According to the complaint, the deception begins with PCH’s homepage, where consumers complete a form by clicking a “WIN IT!” or “Win for Life!” button that does not actually enter them in the sweepstakes; instead, consumers must wade through several pages of advertisements before being presented with an opportunity to submit entries.27 And after customers have entered the sweepstakes, PCH sends emails that make it seem as though they must take additional steps or risk disqualification; those emails merely send consumers to PCH’s e-commerce site, where they encounter additional advertising that has no impact on their sweepstakes entries.28 All of these actions, the FTC contends, amount to misrepresentation and deceptions in violation of Section 5 of the FTC Act, and the misleading emails sent after sweepstakes entries violate the CAN-SPAM Act.29
The FTC’s complaint cites three specific dark patterns deployed by PCH:
- “Linking and conflating ‘ordering’ products and ‘entering’ the sweepstakes through the use of trick wording and visual interference;
- Placing disclosures in small and light font and in places where a consumer is unlikely to see them; bombarding consumers with emails that pressure them to take immediate action by clicking on the email or purportedly risk losing the opportunity to enter or win the sweepstakes; and
- Making it difficult for consumers to enter the sweepstakes without an order.”
In their statement accompanying the action, Chair Khan and Commissioners Slaughter and Bedoya described the PCH action as “build[ing] on previous efforts to crack down on companies that use illegal dark patterns to fuel digital deception and harm consumers.”30 Of note, the Commissioners explained that direct financial loss is not the only way consumers suffer as a result of dark patterns; instead, they explained, the PCH action represented a victory by the FTC in obtaining compensation for consumers’ wasted time.
The proposed court order requires PCH to take steps to prevent customer confusion on its website. For example, when a customer is presented with a button that results in placing an order, PCH must display the statement, “I understand that I don’t have to buy anything to enter the Sweepstakes and that buying won’t help me win.”31 And in emails that might lead a consumer to PCH’s e-commerce platform, the company must state: “No Purchase Necessary. A Purchase Will Not Improve Your Chances of Winning.”32
4. Implications for Other Consumer-Facing Businesses
The Amazon and PCH actions provide important clarity on the specific types of design practices the FTC considers to be unfair, deceptive, or otherwise unlawful dark patterns and can serve as a guide for other consumer-facing businesses looking to examine their own online design hygiene.
Companies with e-commerce platforms or subscription-based models, or that otherwise rely heavily on online marketing, can and should take a number of steps to ensure they are appropriately identifying and controlling for design-related risks in the current regulatory environment. These steps may include:
- Review enrollment/sign-up flows: Companies should take this opportunity to review their existing online customer flows and related design principles with an eye toward the types of practices addressed in the Amazon complaint. A quick hygiene check today may well identify opportunities to improve or streamline product flows and other design decisions that not only mitigate regulatory risk associated with potential dark patterns, but that also improve customer communication and help the bottom line.
- Review methods of cancellations: Likewise, companies should examine their existing cancellation flows to confirm they provide a “simple mechanism” to achieve that outcome, and potentially one that makes it at least as easy for consumers to cancel a service as it was to enroll. In line with the FTC’s proposed Negative Option Rule and its enforcement action against Amazon, companies should have a simple cancellation process that is easy to find and easy to use and will be available through the same method the consumer used to enroll (e.g., website, email address, or other application). Sellers on the internet should provide an accessible cancellation mechanism on the same website or web-based application used for sign-up. If the seller allows users to sign up using a phone, it must provide, at a minimum, a telephone number and ensure all calls to that number are answered during normal business hours. Simply put, companies should avoid making consumers jump through hoops to cancel subscription plans.
- Clear disclosures around subscription plans: Finally, companies that employ negative option subscription plans should take a moment to ensure that all material terms are clearly and conspicuously disclosed up front. The disclosure should include any action that must be taken to avoid being charged and the timeline in which that action is required. Although not yet finalized, the FTC’s proposed negative option rule will require the following information prior to obtaining consumers’ billing information: (1) that consumers’ payments will be recurring, if applicable, (2) the deadline by which consumers must act to stop charges, (3) the amount or ranges of costs consumers may incur, (4) the date the charge will be submitted for payment, and (5) information about the mechanism consumers may use to cancel the recurring payments.
There are, of course, open questions as to the viability and scope of the FTC’s determination that dark patterns are illegal and that subscription cancellations must be as easy as sign-up. The FTC may be able to prove that a practice that meets its definition of a dark pattern is unfair or deceptive based on the specific facts of a given case—but it is not enough to show that a fact pattern meets the definition of “forced action” or “confirmshaming.” At the end of the day, the FTC Act does not prohibit “dark patterns”—it prohibits unfairness and deception, as developed through decades of case law. To prove deception, the FTC must still demonstrate that a consumer acting reasonably under the circumstances would likely be misled about a material term and would likely need to use copy testing or other extrinsic evidence to carry its burden. To prove unfairness, the FTC must show that a practice causes or is likely to cause injury that is not reasonably avoidable and that is not outweighed by benefits to commerce and competition. For example, there may be benefits to one-click cancellation, but “save” offers during a cancellation flow can provide tremendous benefit to consumers who may be willing to keep a subscription at a lower price. Save offers also can drive price competition.
However, the FTC has made enforcement against practices that it considers dark patterns, including widely used practices, a clear priority. There is no comfort in looking at the practices of your competitors as a baseline. To avoid regulatory uncertainty and risk, businesses should take a careful but realistic view of their sign-up and cancellation flow processes, as the FTC’s decision to crack down on existing (and, in the case of PCH, long-term) practices presents something of a departure from its prior practice and understanding. Whether the FTC continues its tack of aggressive enforcement will become clearer through the litigation of the Amazon complaint and the course of the NPRM on negative option offers.