As a consumer, you’ve likely been manipulated in some form when shopping online by so-called dark patterns: deceptive online marketing techniques.

In one recent example, the Consumer Financial Protection Bureau (CFPB) filed a case against TransUnion, and John Danaher, a former TransUnion executive, alleging the credit reporting bureau manipulated consumers into signing up for subscription services.

According to the CFPB, TransUnion did not adhere to the terms of a 2017 settlement with the consumer protection agency and continued to engage in marketing practices that deceived consumers.

“TransUnion is an out-of-control repeat offender that believes it is above the law,” says Rohit Chopra, CFPB director. “I am concerned that TransUnion’s leadership is either unwilling or incapable of operating its businesses lawfully.”

Charges against TransUnion

In the 2017 settlement, TransUnion agreed to pay $13.9 million to recompense victims of its deceptive marketing practices, as well as $3 million in civil penalties. The credit reporting agency also agreed to warn consumers that lenders are likely not using the exact scores TransUnion provided the consumers.

In addition, TransUnion agreed to get consumers’ informed consent before they sign up for recurring payments for subscription services and provide them an easy way to opt out of such services.

A follow-up examination by the CFPB revealed that TransUnion was in violation of the settlement in 2019 and 2020. According to the consumer protection agency, when consumers applied for an annual free copy of their credit reports, TransUnion would ask for their credit card information for what appeared to be identity verification purposes. An online button appeared that seemed to offer a free credit score in addition to the credit report.

What actually happened is that consumers who pressed the button were signed up for credit-monitoring services with recurring monthly charges using the card information they provided. Disclosures about this charge were made in fine print that was difficult to locate. Consumers who tried to cancel these recurring charges found there was no simple way to do so.

CFPB action against TransUnion

Based on its findings, the CFPB alleges that the credit reporting agency and Danaher went against the 2017 settlement and “deceived customers through digital dark patterns.”

Consequently, the consumer protection agency is charging TransUnion with violating the Consumer Financial Protection Act, as well as the Fair Credit Reporting Act and the Electronic Fund Transfer Act.

The CFPB is also asking for TransUnion to provide monetary relief to consumers by returning their money and giving up its “unjust gains,” among other things.

Watch out for dark patterns

“Dark patterns are design features used to deceive, steer or manipulate users into behavior that is profitable for an entity offering a product or service online, but they are often harmful to users,” Chopra said.

These sorts of deceptive marketing practices have become prevalent online, taking over where direct mail marketing has left off. Digital techniques can also reach a wider audience online.

The term “dark patterns,” coined by Henry Brignull, a user experience designer, refers to the use of technology and design to create a sort of Roach Motel—a digital trap consumers find difficult to exit.

Some examples of dark patterns include:

  • Signing consumers up for recurring subscriptions without their informed consent
  • Charging consumers without notice after a free trial period expires
  • Getting consumer information through online forms that trick them into giving up input
  • Making it difficult for consumers to opt out of something
  • Adding on unexpected charges at the point of checkout

Consumer recourse to deal with dark patterns

Consumers have certain protections in dealing with dark patterns. The Federal Trade Commission (FTC) enforces the Restore Online Shoppers’ Confidence Act. The CAN-SPAM Act also allows the FTC to go after website disclosures that are not clear and marketers that don’t provide consumers easy ways to opt out of their email messages.

The California Privacy Rights Act, which will be enacted in 2023, also protects against dark patterns and allows consumers to opt out and decline to share their personal information. At the federal level, the pending “Deceptive Experiences to Online Users Reduction Act” (or DETOUR Act) aims to bar “the usage of exploitative and deceptive practices by large online operators.” The FTC would also enforce this law, using its authority to pursue unfair and deceptive practices.

If you’ve been a victim of a dark pattern, you should file a complaint with the CFPB or the FTC, and even reach out to your state attorney general’s office.

The bottom line

Dark patterns involve the use of deceptive marketing techniques to lure consumers without their informed consent. In one recent example, the CFPB has filed a case against TransUnion alleging that the latter tricked consumers into signing up for subscription services with recurring monthly charges. If you’ve been tricked by online marketers, you can file a complaint with the CFPB or the FTC. There are also laws, including those pending, that address such situations.