Dark patterns are the new black

Have you have ever been frustrated at the number of clicks it took you to get away from a website or vanquish a pop-up ad?

Or been mesmerised by the options a website offers on using cookies?

Or perhaps become bewildered by a website that promises to find you the best accommodation deal?

It is more than likely that you have been caught up in a dark pattern.

It is probable that your clients have, or will, become caught up in dark patterns leading to unwanted purchases or the handing over of personal data without knowing it.

As regulators begin to grapple with this practice, practitioners would do well to familiarise themselves with the concept, as it will likely be a growth area in the law.


What are ‘dark patterns’?

Dark patterns are elements built into websites and online products that deliberately obscure, mislead, or trick users into making unintended (and possibly harmful) choices and purchases.

They are often created based on serious psychological research with the intention of getting users to make choices which benefit service providers rather than the users themselves – usually without the user being aware of what is going on.

In some cases, that can lead to consumers spending large sums of money without intending to – and retailers getting into trouble with regulators.

For example, in December of 2022, Epic Games – a company which develops and publishes video games – was ordered to pay over $500 million in fines and refunds as a result of the use of dark patterns. Epic Games produces the online video game Fortnite, which is mostly free to play but generates income via allowing players to buy items within the game.

The fines and refunds related to the use of dark patterns to harvest player data, deceive players into making purchases without wanting to or even knowing about them (via, for example, counter-intuitive, inconsistent and confusing control configuration) and charge credit cards without authorisation. To make matters worse, Epic locked the accounts of customers who questioned these charges, and threatened life bans for any future disputed charges.

With so much of our clients’ lives now taking place online, their exposure to dark patterns is almost constant; some of the more common techniques are as follows:


Privacy Zuckering: Consumers are tricked into giving away more information than they intend. For example, when a messaging app is installed on a smartphone and requests access to the contacts list, apparently to improve the performance of the app – but also allowing the maker of the app to target the consumer and their contacts with advertising.

Confirmshaming: In this pattern, the ‘decline’ option for a service is formed in such a way as to make a consumer feel foolish or bad for declining. For example, when an option to subscribe to a service is provided, and the decline option reads, “No thanks, I’d rather pay more!”

Obstruction: An online service might require only require one click to subscribe, but many clicks and a complicated process to unsubscribe; usually many ‘are you sure?’ buttons will also appear, as well as a ‘remind me later’ option to encourage procrastination.

Scarcity: A website will claim that only a small percentage of a given item – concert tickets, sale-priced electronic devices, rare collectibles – remain for sale and play on the fear of missing out, while in reality many such items remain (the ACCC took action against ticket seller Viagogo in 2019 for utilising this technique).

Psychologically manipulating consumers is not new – some retail stores are designed so that it is difficult to leave the store without walking past most of its merchandise, and so-called ‘charity muggers’ utilise shame in their efforts to sign donors – but the rise of the internet has increased its reach. It is effectively impossible for any user of social media or the internet in general to avoid contact with dark patterns.

Why should solicitors care?

Firstly, some of our clients will get caught up in dark patterns and need help to get out; it makes sense for practitioners to get their heads around this issue early in anticipation. It also enables us to warn clients about dark patterns and prevent the problem in the first place.


Secondly, we can avoid getting involved ourselves – both as victims and perpetrators. Law firms are regularly barraged with offers to increase business, clicks to websites, client databases etc., by a plethora of marketing consultants and firms.

Before a practitioner signs on it is worth checking what tactics are going to be used, and if it includes dark patterns, giving it a miss. Used in the wrong way, some of these services will likely breach Rule 36 of the Australian Solicitors Conduct Rules, and can lead to action by the ACCC – see, for example, the Employsure decision.

Finally, our fundamental duty of competence1 may well be broad enough to encompass a requirement that we have some level of familiarity with technology, AI and other things that affect our clients and the services we provide.

The American Bar Association has already moved to include a specific duty in its rules2 and it would be prudent to assume a similar duty is expected of Australian lawyers.3

Shane Budden is a Special Counsel, Ethics, with the Queensland Law Society Ethics and Practice Centre.

1 See Rule 4, Australian Solicitors Conduct Rules 2012.
2 American Bar Association Model Rules of Professional Conduct, rule 1.1 comment [8].
3 See Gino Dal Pont, Lawyers’ Professional Responsibility, 7th ed., at [4.20].

Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by keyword