The Central Consumer Protection Authority (CCPA) imposed a penalty of Rs 1 lakh on SpiceJet Ltd for deploying deceptive design practices, commonly called dark patterns, on its flight booking platform, the authority said on Friday.
An inquiry led by Chief Commissioner Nidhi Khare and Commissioner Anupam Mishra found that consumers were being enrolled into the SpiceClub Loyalty Programme automatically, through a checkbox that was pre-ticked by default. Customers were similarly deemed to have consented to receiving promotional messages, since the option to opt in was already selected without any action on their part.
The CCPA noted that even after it issued a notice to the airline, SpiceJet merely swapped one pre-ticked checkbox for another, this time for promotional messages via SMS, WhatsApp and email, effectively continuing the same practice in a different form. SpiceJet’s representatives told the authority during proceedings that the lapse was the result of a technical error. The company has since been directed to submit an undertaking confirming that corrective measures have been implemented and will remain in place permanently.
Three dark patterns
The CCPA’s order flagged three distinct dark patterns on SpiceJet’s platform. The first was “forced action”, automatic enrolment of users into the SpiceClub Loyalty Programme via a pre-ticked checkbox. The second was “Interface interference”, which presented the company’s preferred option as the default choice to nudge consumer decisions. The third was “Trick question”, use of confusing, negatively worded consent language likely to mislead users.
The authority said such practices “impair consumer autonomy, undermine informed decision-making” and run counter to the principles of fair and transparent consumer engagement.
Deceptive interface design
CCPA held that SpiceJet’s conduct violated provisions of the Consumer Protection Act, 2019, relating to unfair trade practices, unfair contract terms and misleading representations. It also found the airline in breach of Rule 4(9) of the Consumer Protection (E-Commerce) Rules, 2020 — which mandates that consumer consent be obtained through explicit, affirmative action — as well as the Guidelines for Prevention and Regulation of Dark Patterns, 2023, news agency ANI reported.
The order noted that consent secured through pre-ticked boxes, default settings or deceptive interface design does not qualify as valid consent under law and is contrary to consumer welfare.
“CCPA remains committed to protecting consumer rights and ensuring that digital platforms conduct business in a fair, transparent and consumer-centric manner,” the authority said in its statement.
(With inputs from ANI)
