Skip to content   Skip to footer navigation 

Wait, what's in my cart? The hidden cost of website 'dark patterns'

A guide to the deceptive design tricks to watch out for when shopping online. 

person shopping online on laptop
Last updated: 19 August 2022


Checked for accuracy by our qualified fact-checkers and verifiers. Find out more about fact-checking at CHOICE.

Chandni Gupta is the Digital Policy Director at the Consumer Policy Research Centre (CPRC) – an independent, nonprofit, consumer think-tank where she leads the research stream on protecting consumers in a digital world.

Imagine you're out shopping, but before you can even enter the store, you're asked to share your personal information. Once inside, you're offered free samples, but you have to give your credit card details before you can try them. 

For every item you browse, you're told there's only a few left in stock, or how many people may have looked at or bought the same thing that day. Randomly, every few seconds, a loudspeaker announces what another customer has recently purchased. For the offers you don't take up, staff make you feel guilty about saying no, some even commenting that you must just prefer paying more. 

Once you finally arrive at the checkout, you notice that other items have been added to your basket – items you never looked at or intended to buy. You walk out of the store, but you keep receiving calls about items that you had put in your basket, but then put back, pressuring you to reconsider purchasing these items. 

More than eight in 10 Australians (83%) have lost money, lost control of their data or have been manipulated by a business to make a choice that isn't in their interest

This sounds like a perverse retail experience, but this is exactly what it's like for so many Australians when shopping online. Welcome to the world of 'dark patterns'.

What are dark patterns?

Dark patterns, also called deceptive design patterns, are design features and functionalities built into websites and apps that exist purely to influence us. They are extremely prevalent and cause harm.

The Consumer Policy Research Centre (CPRC) found that more than eight in 10 Australians (83%) have lost money, lost control of their data or have been manipulated by a business to make a choice that isn't in their interest.

Here are some common dark patterns to look out for when shopping online:

1. Hidden costs

Something added to your cart that you didn't want or expect? That's a hidden cost. Often this involves pre-selected add-ons that you must either untick or remove from your cart. In worst-case scenarios, you're forced to pay more than you initially perceived.

CPRC found that when someone is buying a washing machine online, appliance retailer Appliances Online automatically adds a $160 extended warranty to the online cart. Harvey Norman, Good Guys and Kogan continue to present their extended warranty program at almost every step of the purchasing process. These tactics strongly imply that these extended warranties are essential, when in fact they offer very little to the rights we already enjoy for free under the Australian Consumer Law.

2. Confirmshaming

Have you ever felt you're being mocked for not selecting a particular offer online? This design feature uses words to cause hurt, suggesting that a particular choice is shameful or inappropriate. The aim here is to guilt you into choosing something you may not have otherwise selected. This tactic is often used to keep you subscribed to a service, get you to share more personal information, or sign up to marketing content.

The aim here is to guilt you into choosing something you may not have otherwise selected

CPRC's sweep found that the shoe retailer, Brand House Direct, offers two options on the email subscription pop-up as soon as you enter its website. One has the wording 'Get $10 off Now' and the other in small font states 'No thanks, I prefer to pay more for shoes!'. These types of tactics can manipulate both purchasing and data-sharing decisions.

example of confirmshaming brand house direct website

Confirmshaming mocks you for your choices. Source: CPRC 'Duped by Design' report.

3. Hotel California 

Ever found it hard to unsubscribe? You're not the only one – more than three in four people (76%) surveyed in CPRC's research have experienced difficulties in cancelling an online subscription, including unsubscribing from free trials. 

Complex navigation involving multiple screens and vague terminology are all designed to make it as hard as possible for you to leave. As the Eagles sing in 'Hotel California': "You can check out any time you like but you can never leave." 

CPRC's sweep found that while it was simple to sign up to both Amazon and eBay services (often just one click), cancelling them involved multiple and confusing steps. Combined with confirmshaming and trick questions, this dark pattern can leave you feeling disempowered to a point where you may give up on the cancellation process – which is almost certainly the intended effect.

4. Trick question 

Have you struggled with double negatives or vague options online? Appearing in pop-ups and online forms, trick questions ask you to confirm a particular choice, but the options aren't always clear, so it's difficult to know whether to opt in or opt out. 

This dark pattern often appears when businesses are asking for your consent to collect information about you (cookie consents). One option may be a simple 'accept all', but the other option is either information on the privacy policy or a lengthy form where you need to untick specific options to truly opt out.

5. Disguised advertisements 

These are simply clickbait designed to make you navigate away from the content you originally intended to visit. The format, wording and design of these hidden ads often mirrors standard content, making it hard to work out whether it's actual content or just an ad. 

This dark pattern can leave you feeling disempowered to a point where you may give up on the cancellation process – which is almost certainly the intended effect

Often prevalent across news or search sites, more than eight in 10 Australians (85%) recalled having difficulty differentiating between actual content and advertisements. This can increase the time and effort you need when searching online. It can also lead to mistaken purchases, simply because of the way the information is presented.

example of activity notifications and scarcity cues agoda website marked

There's no way customers can verify low stock claims. Source: CPRC 'Duped by Design' report.

6. Scarcity cues

Instilling a fear of missing out, scarcity cues create a sense of urgency for you to buy or spend more than you intend to, through messages about items being 'low in stock' or 'in demand', and countdown timers. Yet there's no way you can verify whether these claims are genuine or not. 

For example, CPRC's sweep found that clothing retailer BooHoo used a countdown timer indicating a sale with only hours to go – only to replicate the same offer within the same month, but without the countdown timer. 

7. Activity notifications

Often taking the form of pop-ups, these notifications are all about letting you know what other users are browsing or buying. As with scarcity cues, it's impossible for you to verify the accuracy of these notifications, yet their frequency and prevalence can create a sense of frenzied activity, putting pressure on you to make a purchase. 

As with scarcity cues, it's impossible for you to verify the accuracy of these notifications

CPRC's sweep found that some sites display activity notifications every four to 11 seconds. Assuming they're authentic, that's up to 150 pop-ups you have to endure about other people's activities in just 10 minutes.

8. False hierarchy

When businesses have a preferred option, they'll find ways to nudge you into choosing it. Often we see this design in email subscription invitations where the preferred option is made to stand out over others through size, placement and colour. The other options are either in a smaller font or shown via a small cross on the top-left of the screen. This dark pattern is all about what's good for the business, often with little regard for offering you meaningful outcomes.

9. Redirection or nagging

This is usually done through pop-ups and, if your personal information has been shared at any time, the nagging can follow you long after you've left the website or app. The aim is to move you away from what you're doing and instead take up an offer that the business is pushing onto you. 

For example, Shein's website forces users to navigate through three different pop-ups before you can browse its website. Other websites seem to watch where and how you move your cursor, so if it looks as if you're about to leave, a pop-up will appear encouraging you to stay. 

Of course, pressure sales tactics existed well before online shopping was around, but the persistent nature of dark patterns online means businesses have an unfair advantage and can exert more pressure for longer.

10. Data grab

Aiming to harvest more of your personal information, this dark pattern often involves ticking data-sharing options on forms in advance, forcing you to create a customer profile, or showing you a message indicating that by visiting the site you automatically agree to their data-collection terms and conditions (which are often buried in the fine print). 

This can have a significant effect, especially over a period of time, as more personal information is collected and shared about you

CPRC reports that almost nine in 10 people surveyed recalled being asked for more information about themselves than was needed to access the product or service. For instance, CPRC found one instance where a user could view a timetable for a yoga class only after they'd created a profile using a third-party app. Other businesses pre-tick the newsletter sign-up option, which appears in small print only at the final checkout page. This is often when you're concentrating on checking that your address and payment details are correct, so you could easily overlook giving automatic consent for your information to be shared. 

This dark pattern can have a significant effect, especially over a period of time, as more personal information is collected and shared about you. Your personal information can be used to make predictions about you and influence what you buy and at what price, all in a way that benefits businesses – but could actually leave you worse off.

example of redirection or nagging three popups shein website

Endless popups make it difficult to stay on task. Source: CPRC 'Duped by Design' report.

What's all this deception costing us?

CPRC's research confirmed some hard truths about the harm dark patterns cause:

  • One in five Australians spent more money than they intended to.
  • Almost one in six felt pressured into buying something.
  • Nearly one in 10 accidentally bought something.
  • More than one in four created an account online they didn't want.
  • More than one in four accidentally signed up to something.
  • One in four shared more personal information than they wanted to.
  • Younger people were 65% more likely than the national average to spend more than they intended, and 34% more likely to create an online account they didn't want.

Dark patterns undeniably create consumer harm. They can cost you financially or mislead you about what you're buying, what personal information you may be sharing, and what your consumer rights are.

Are dark patterns illegal?

They may be damaging and unjust, but at present many dark patterns either aren't illegal or don't quite meet the threshold of current consumer protections. 

That said, in Australia some dark patterns may be in breach of consumer protections. These include:

  • misleading or deceptive conduct if businesses create a misleading or deceptive impression about their product or service
  • unfair contract terms where there is limited opportunity to negotiate with a business and where a term may pose significant imbalance or detriment, or where there is a lack of transparency
  • patterns that breach privacy protections under the Privacy Act 1988 to protect the privacy of personal information.

Hidden costs and disguised advertisements could potentially amount to misleading and deceptive conduct. If a business gives consumers a false or inaccurate impression regarding a product or service, this could be taken into account in an investigation.

At present many dark patterns either aren't illegal or don't quite meet the threshold of current consumer protections

Scarcity cues and activity notifications sit squarely in the space of credence claims, where the consumer must rely on trust because they can't independently verify the claims for themselves. But if a regulator were to investigate whether the claims are accurate, any that are false could amount to misleading or deceptive conduct.

Dark patterns designed to harvest personal information – or that fail to notify people that a particular action will lead to its collection – could potentially breach Australian Privacy Principles of openness and transparency in how personal information is managed. 

They could also breach unfair contract terms law if a different set of personal details is collected from you online compared with a physical setting, without any difference in the type of service you receive.

Which dark patterns have you seen? We want to know

With so many dark patterns currently falling through gaps in consumer laws and protections, regulators such as the ACCC are making it their compliance and enforcement priority.

This is where you can help. If you see a dark pattern when you're online, fill out the form below to share it with CHOICE. By taking this step, you can play a vital role in shining a light on dark patterns and reducing the harm they're doing to people in Australia.

Information in this article is from Consumer Policy Research Centre's report Duped by Design.

We care about accuracy. See something that's not quite right in this article? Let us know or read more about fact-checking at CHOICE.

Stock images: Getty, unless otherwise stated.