Even major corporations have been caught with their hands in the cookie jar. For instance, Dell was fined US$6.5mil (RM30.1mil) over jacking up the prices for its monitors as part of a supposed add-on “deal” by the Australian government in mid-August.
The monitors were offered as part of a bundle package alongside a desktop, laptop, or notebook computer under an inflated price tag that was then discounted as part of the package.
For certain customers, the “discounted” price ended up surpassing the cost it would have been if purchased individually. The company managed to sell 5,300 monitors using this approach.
Dell only earned a total of US$1.3mil (RM6mil) for the monitors sold via the misleading add-ons between August 2019 and December 2021, a far cry from the amount that the company was fined.
Meanwhile, in the United States, the Federal Trade Commission (FTC) filed a suit against Amazon in June of this year.
It claimed that the ecommerce giant had used “manipulative, coercive, or deceptive user-interface designs” to keep consumers stuck in automatically renewing Prime subscriptions.
The suit alleges that Amazon made purchasing items on the platform more difficult without a subscription and made cancelling subscriptions intentionally more difficult, requiring navigating through five pages on the desktop or six on the mobile app to do so.
It had also supposedly not been clearly stated that the button shown to customers to complete transactions would also enrol them for a Prime subscription.
The FTC previously imposed a fine of US$100mil (RM464mil) on Vonage, an Internet service provider (ISP), in November for deliberately complicating the cancellation process and imposing unexpected early termination fees.
This included hiding the cancellation number on its website and failing to contact customers who requested callbacks.
In January, the FTC announced that it would be taking a tougher stance against dark patterns. It emphasised that penalties and legal actions, as seen in cases involving Amazon, would be administered as a response.
For dark patterns being used to obtain personal data, Facebook, YouTube, and Google faced fines in France in January 2021 over making the process of refusing tracker cookies more complicated by intentionally misdirecting users.
France’s data privacy regulatory body, the National Commission on Informatics and Liberty, which fined the companies, found that their websites required multiple clicks to opt out of tracking cookies.
This was short of the mandate that requires opting out to be as easy as opting in.
Google was fined €150mil (RM751mil), while Facebook was fined €60mil (RM300mil).
In December last year, Epic Games was fined US$520mil (RM2.4bil) in December 2022 over dark patterns encouraging in-game spending and adding hurdles for parents requesting the deletion of their children’s personal data.
It is set to ban dark patterns with the Digital Services Act, which comes into effect on Feb 17, 2024, along with a proposed AI Act that prevents the use of dark patterns in artificial intelligence systems.
Meanwhile, in the United Kingdom, there are no specific regulations against dark patterns, but its general consumer protection and data protection laws have been applied against such practices.
GDPR has been used to address non-consensual data collection, the Consumer Rights Act 2015, when dark patterns are primarily used to encourage purchases of goods and services, and the Consumer Protection from Unfair Trading Regulations 2008, when used to influence financial decisions.