Dark-patterns audit + remediation program

Description

Dark-patterns prohibitions started as an FTC enforcement theme around forced-action and roach-motel cancellation flows and have since hardened into specific prohibitions in DSA Article 25, the EU Digital Fairness Act draft Article 8, the FTC Click-to-Cancel Rule, the California ROSCA enforcement track, and the Australian Consumer Law unconscionable-conduct doctrine. A working prohibition program has three pieces: a periodic UX audit of the high-risk surfaces (purchase, cancellation, consent capture, engagement loops, default settings) against the canonical pattern taxonomy (forced action, hidden costs, sneaking-into-cart, confirmshaming, nagging, disguised ads, false urgency, obstruction, pre-selected options, friction asymmetry between sign-up and cancellation), a remediation backlog that turns audit findings into prioritized tickets, and design-system guardrails that prevent regressions (button-prominence parity between accept and reject, equivalent friction for opt-in and opt-out, consistent positive-framing rules). The prohibitions describe outcomes rather than mechanics: a flow that accidentally produces a manipulative outcome through ordinary design choices is treated identically to one that does so deliberately, which means the audit cadence has to be ongoing rather than one-time. Accessibility-team review on the same surfaces tends to surface dark-pattern issues as a side effect, so the two reviews often co-locate.

Applicability

Applies when: customer segment is b2c or b2b2c.

How predicates are evaluated

Required by (8 regulations)

• ACL

  ACL unconscionable-conduct prohibition + dark-patterns clause (acl-dark-patterns).

  Competition and Consumer Act 2010, Schedule 2

• Algorithm Provisions

  Cyberspace Administration of China algorithm rules: prohibition on designs that induce user addiction or excessive consumption (china-algo-no-addiction).

  Provisions on the Management of Algorithmic Recommendations in Internet Information Services (jointly issued by CAC, MIIT, MPS, and SAMR; effective March 1, 2022)

• Minors Online Protection

  Regulations on the Protection of Minors in Cyberspace (promulgated by the State Council, Order No. 766, effective January 1, 2024)

• DSA

  DSA Article 25 prohibition on dark patterns in online-platform interfaces.

  Regulation (EU) 2022/2065 of the European Parliament and of the Council (Digital Services Act)

  Source →

• EU CRD

  Directive 2011/83/EU of the European Parliament and of the Council

• DFA

  EU Digital Fairness Act dark-patterns + addictive-design clauses.

  Proposed. no legislative text published

• FTC Act

  15 U.S.C. §§41-58; 16 CFR Parts 255, 425

• TDPSA

  Tex. Bus. & Com. Code §§541.001-541.205

Fulfilled by (5)

• userlytics · partial · low effort · $$
  Userlytics user testing surfaces friction + manipulation patterns; doesn't enforce, just detects.
• fullstory · partial · low effort · $$$
  FullStory session-replay quantifies rage-clicks, friction, abandonment in suspect flows.
• humblegate · partial · low effort · $
  Niche dark-patterns scanner; covers a subset of the EDPB / FTC taxonomy.
• In-house build · medium effort
  UX + legal partnership running quarterly audits against the EDPB '03/2022 Dark Patterns' taxonomy + FTC 2022 'Bringing Dark Patterns to Light' framework.
• In-house build · partial · low effort · $
  Build a dark-patterns audit checklist against the Deceptive Design reference taxonomy (deceptive.design).

ClearLaunch does not accept payment from vendors. Methodology.

Evidence formats

• annual dark-patterns UX audit report
• remediation backlog + closure log
• design-system rules enforcing button-parity / no-pre-checks
• screenshot diffs showing remediated flows
• user-research test results validating non-manipulative flows