For $9.99 per month, Pier 1 offers Pier 1 Rewards, a loyalty program that includes benefits such as a 10% discount on all purchases and free shipping and returns on eligible items. Until recently, when a consumer added an item to a cart, the company would automatically also add the Pier 1 Rewards membership to the cart (with a pre-checked box indicating acceptance) and apply the 10% discount. A consumer had to uncheck the box to remove the membership from the cart.

NAD discovered this as part of their routine monitoring – or routine shopping (it’s hard to tell) – and had two related concerns about what Pier 1 was doing. First, whether advertising a discounted price for a product is misleading if it reflects a discount that is only available with a subscription. And second, whether Pier 1 clearly and conspicuously disclosed the material terms of the subscription before a consumer made a purchase decision.

NAD determined that it could be misleading to advertise a discounted price if it reflects a discount that’s only available with a subscription, unless the terms of the subscription are clearly disclosed. In this case, NAD was concerned that the subscription was automatically added to a cart with a pre-checked box, but that consumers wouldn’t see the material terms – including that the subscription automatically renews – unless they clicked on a link to “Learn More.” (NAD also questioned whether a pre-checked box was sufficient to show acceptance, though it stopped short of saying it wasn’t.)

In its decision, NAD leaned on the FTC’s “Bringing Dark Patterns to Light” report and the agency’s .com Disclosure guidelines. To those who have been following the FTC and state AG enforcement on automatic-renewals, the decision shouldn’t come as a surprise. But it does serve as a good reminder of how important it is to clearly disclose subscription terms, especially as more companies begin to offer discounts that are contingent upon consumers signing up for other services. 

These days, consumers can obtain everything from newspapers to meal kits to credit monitoring services through subscriptions. The prevalence of these services, and the ease with which consumers can sign up, have gotten the attention of regulators who are concerned that some negative option marketing might confuse or trick consumers. The CFPB, FTC, and state AGs have been particularly vocal about practices they deem “dark patterns,” and continue to focus on the area.     

Today, the CFPB put out guidance warning covered companies and service providers that “dark patterns” surrounding negative option marketing violate the Consumer Financial Protection Act’s prohibition on unfair, deceptive, or abusive acts or practices. As the circular makes clear, the CFPB has already brought enforcement actions alleging deceptive practices around negative options (see this case against a consumer reporting agency, and this case against a company that provided registration and payment services to organizers of events and races). The announcement also notes that the CFPB’s approach to negative option “dark patterns” is generally harmonized with that of the Federal Trade Commission (the FTC put out its own Enforcement Policy Statement Regarding Negative Option Marketing in October 2021). The guidance highlights the need for companies using negative option marketing to ensure that consumers: 1) understand the material terms of the negative option; 2) provide informed consent before being charged; and 3) are able to easily cancel recurring charges.

Continue Reading Regulators Continue to Focus on “Dark Patterns” in Negative Option Marketing

Just in time for the holidays, the FTC has released two companion settlements resolving allegations that Epic Games (maker of the popular video game Fortnite) violated the Children’s Online Protection Act (COPPA) and the FTC Act, with Epic to pay $520 million in penalties and consumer redress. The cases build on existing FTC law and precedent but add new dimensions that should interest a wide array of companies subject to FTC jurisdiction.    

Notably, the first case alleges COPPA violations (compromising the privacy and safety of users under 13) but adds allegations that Epic violated teens’ privacy and safety, too. And the second case alleges unauthorized in-app purchases – not just by kids, which was the focus of earlier FTC cases, but by users of all ages. Both cases rely on unfairness theories in extending their reach. Both incorporate the (now ever-present) concept of dark patterns (generally defined as practices that subvert or impair user choice). And both got a 4-0 Commission vote, with a strong concurrence from Republican Commissioner Wilson explaining her support for the FTC’s use of unfairness here. Neither case names any individuals.  

The privacy case

The FTC’s privacy case alleges that, for over two years following Fortnite’s launch in 2017, Epic allowed kids to register with no parental involvement, and for kids and teens to play the game with features enabling them to communicate in real time with anyone on the platform. According to the FTC, these practices subjected kids and teens to bullying, harassment, threats, and “toxic” content, including “predators blackmailing extorting, or coercing children and teens…into sharing explicit image or meeting offline for sexual activity.” Further, says the FTC, Epic knew about these problems, resisted fixing them and, when it finally took action, added controls that were hard to find and use, and failed to cure the violations.     

Continue Reading Two Epic Cases from the FTC: Spotlight on COPPA, Unfairness, Teens, Dark Patterns, In-App Purchases, Cancellations, and More

In a case that will likely resonate with many readers, the FTC’s recent settlement with Vonage describes in excruciating detail the obstacles and costs that Vonage allegedly imposed on consumers when they tried to cancel their phone service.  In many ways, it’s a typical FTC case involving deception, unauthorized charges, and misuse of a “negative option” that makes it simple to sign up and almost impossible to cancel.  However, the FTC’s characterization of the practices as “dark patterns,” coupled with some other features, make this case stand out.  Indeed, any company with a “customer retention strategy” (which is apparently what this was) would be wise to pay attention.

The FTC’s Complaint  

According to the FTC’s complaint, Vonage provides internet based phone service (known as Voice Over Internet Protocol or VOIP) to consumers and small businesses. Monthly charges range from $5-50 for individual customers and can be as high as thousands of dollars for small businesses.  In many cases, Vonage signs up consumers using a negative option plan that requires them to cancel by certain date before being charged.

The complaint alleges that, between 2017 and 2022, Vonage provided several ways to sign up for its plans (including online and via toll free number) but made cancellation much more difficult through numerous hurdles.  It also alleges that, in some cases, monthly fees continued after cancellation; consumers were charged (or threatened with) undisclosed early termination fees (ETFs); and Vonage provided only partial refunds or no refunds at all.  The complaint says that this was all part of a “customer retention strategy” that Vonage pursued despite hundreds of consumer complaints, knowledge among employees, and an earlier settlement with 32 states over similar allegations.

According to the complaint, these practices violated the Restore Online Shoppers’ Confidence Act (ROSCA) (failure to disclose material terms, obtain informed consent before imposing charges, and provide a simple mechanism to stop recurring charges) and Section 5 (charging consumers without their express informed consent). Continue Reading The FTC’s case against Vonage – Customer Service Nightmare as “Dark Patterns”

No, we’re not talking about sinister sewing guides, but rather practices or formats that may manipulate or mislead consumers into taking actions they would not otherwise take.

We untangled the topic of so-called “dark patterns” in two in-depth blogs earlier this year, available here and here. At that time, we noted there was a common thread between practices that regulators were calling “dark patterns” and practices that have been core elements of consumer protection law and policy for years. We concluded that, despite the catchy new terminology, it did not appear we’d be seeing a new legal standard.

The FTC’s newly released dark patterns staff report may lead us to pause and reconsider. While the majority of identified practices fall squarely within the FTC’s prior enforcement activities (e.g., hidden fees, improper disclosures, bait-and-switch offers), the report also weaves in a handful of practices that may be more of a stretch under existing law, signaling a possible pivot towards more aggressive enforcement activities.  Here are a few of them:

  • Using shame to steer users away from certain choices, a concept the California Privacy Protection Agency (led by FTC alum Askhan Soltani) has also proposed to include in the draft CPRA regulations.
  • Making the free version of a game so cumbersome and labor-intensive that the player is induced to unlock new features with in-app purchases;
  • Making users create an account or share their information to complete a task;
  • Asking repeatedly and disruptively if a user wants to take an action;
  • Making a request that doesn’t let the user permanently decline – and then repeatedly prompting them with the request.

The report also focuses specifically on dark patterns seeking to obscure or subvert consumers’ privacy choices.  These include:

  • Asking users to give consent but not informing them in a clear, understandable way what they are agreeing to share, an issue France’s data protection authority has addressed;
  • Telling users the site is collecting their information for one purpose but then sharing it with others or using it for other purposes;
  • Including default settings that maximize data collection and making it difficult for users to find and change them.

In text on which staff did not elaborate, the report also contends that businesses should use consumer information only for “the service the consumer requested, and nothing more.” Such restrictive purpose limitations are not contemplated by state privacy laws and would foreclose innovation.

As of this writing, the FTC hasn’t announced any cases challenging practices in these more innovative categories. Some of these same categories have also been discussed by State Attorneys General in recent months at meetings such as the NAAG Consumer Protection conference, but similarly, AGs have been reluctant so far to push the boundaries of which of these practices they believe constitute a violation of state law. We will continue to monitor this issue on both the state and federal fronts and post updates as they occur.  In the meantime, companies should give serious consideration (both in light of this FTC development and the emerging state law emphasis on dark patterns) in their product interfaces, disclosure and notice design, purchases flows, cancellation methods, and other consumer communications.


Fareportal to Pay $2.6 Million Over Dark Patterns



Last week, the New York Attorney General announced that Fareportal had agreed to pay $2.6 million to end an investigation over its use of “dark patterns” to manipulate consumers into booking flights and hotel accommodations. As we’ve noted in previous posts, “dark patterns” is arguably a new name to describe practices that have been around for a while, so it helps to see some examples of what the AG alleged Fareportal did.

According to the AG, Fareportal created a “false sense of urgency and social pressure” to push consumers into making decisions they may not have made had they known the full truth. For example, Fareportal would display that only a few flights were available, even if that wasn’t the case. A consumer searching for one ticket would see a message stating “Only 2 tickets left” for certain flights, while a consumer searching for two tickets would see a message stating “Only 3 tickets left.”

Fareportal Screen Shot

The AG alleged that Fareportal used similar tactics when consumers searched for hotel accommodations. For example, a consumer searching for hotel rooms 16 to 30 days before check-in was told that 41 – 70% of hotel rooms had already been reserved, while a consumer searching for hotel rooms 7 to 15 days before check-in was told that 71 – 80% percent of rooms had already been reserved. However, these numbers did not accurately reflect availability.

Beyond these tactics, the AG alleged that Fareportal fabricated information related to the popularity of certain products or services – such as the number of consumers that had purchased insurance, upgraded seats, or were viewing certain listings – and that the company used misleading countdown timers to get consumers to act quickly. In addition, Fareportal allegedly used fictitious prices when advertising purported discounts on airline tickets.

As part of its settlement, Fareportal is required to make significant changes to its marketing practices and to pay $2.6 million in disgorgement and costs.

The lessons in this case extend beyond the travel industry. For example, it’s common to see messages on retail sites stating how a sale will last, how many products are left, how many consumers have a certain product in their cart, or how many consumers are viewing that product. Those tactics are fine, if they accurately reflect the facts. But if they don’t accurately reflect the facts, those same tactics will be viewed as dark patterns.

As my colleagues reported, we’re likely to see an increase in these types of investigations, at both the federal and state level.

Dark Patterns: A New Legal Standard or Just a Catchy Name? (Part Two)In Part One of this discussion, we provided background on the concept of dark patterns and analyzed some recent examples from State AG enforcement. We concluded that, in alleging dark patterns, State AGs are building primarily on existing precedent governing deception and unfairness but also are trying to push the envelope. Whereas earlier precedent mostly focused on false and hidden information, some of the State’s current allegations lean more towards coercion and the impairment of voluntary action.

In this post (Part Two), we examine the FTC’s approach to this issue, now and in the past. Here, we conclude that, despite the new terminology, the practices that comprise today’s dark patterns have been core elements of FTC law and policy for years. So far – and we emphasize so far – dark patterns is a catchy (and catch-all) name for a variety of longstanding and well-known practices that trick people into making choices that they would not otherwise make.

Dark Patterns Today

During the last year, the main actions the FTC has taken on dark patterns were to (1) hold a workshop on the topic (2) issue a policy statement on their use in negative option marketing, and (3) announce that the FTC’s planned rulemaking on “surveillance-based business models” will address dark patterns.

The workshop identified a range of conduct classified as dark patterns, some of which is classic deception (e.g., not disclosing up-front fees) and some of which would be more of a stretch under existing law (e.g., language denigrating a particular choice, like “no thanks, I don’t want to save money.”) As of this writing, the FTC hasn’t issued a report on the workshop and hasn’t announced any cases challenging practices in the “stretch” category.

Meanwhile, the policy statement on negative option marketing (described in the FTC’s press release as part of a “ramp up” on dark patterns) is largely a summary of prior cases based on the FTC Act, the Restore Online Confidence Act, the Telemarketing Sales Rule, and other laws and rules. The extensive precedent it cites – which includes dozens of cases addressing misleading or hidden disclosures, as well as burdensome cancellation and refund procedures – demonstrates the FTC’s long track record of addressing dark patterns, by whatever name.

Finally, the rulemaking to address “surveillance” and dark patterns has not yet been initiated.

Dark Patterns of Yesteryear       

A trip down memory lane reveals an abundance of other FTC actions (beyond negative option marketing) to address the tricks and obfuscation now known as “dark patterns.” Here are just some of them:

  • Bait and Switch Guides. First promulgated in 1967, these guides interpret how Section 5 applies to advertising that “baits” consumers with an “an alluring but insincere offer” in order to sell something else, typically at a higher price or on less favorable terms for the consumer. The guides identify as illegal a range of practices that steer consumers to the less desirable option – including disparagement of the advertised product, the refusal to take orders for it, and difficulties and delays in providing refunds for it.
  • CAN-SPAM Act/Rule: This Act and Rule from the early 2000s prohibit deceptive email header information, which tricks consumers into opening the email, and requires senders to provide recipients with a simple way to opt out of future emails.
  • “Clear and Conspicuous” Requirement: This requirement, which has appeared (in some form) in FTC rules and orders for decades, is designed to ensure that important disclosures (including mechanisms for obtaining consumer consent) aren’t hidden or drowned out by more prominent advertising claims or confusing text. It requires, among other things, that such disclosures, “by size, contrast, location, [and] length of time it appears” stand out from accompanying text so they are “easily noticed, read, and understood.” Also, the disclosures can’t be contradicted by anything else in the communication.
  • Ticketmaster case: In this 2010 case against a leading ticket seller, the FTC alleged that the company used bait and switch ads, combined with a deceptive website interface, to cause buyers to click on a link taking them to an affiliated ticket reseller that charged higher prices.
  • In app purchase cases: In a series of cases against Apple, Google, and Amazon in 2014, the FTC alleged that the app stores (1) offered “free” games to kids that included incentives for them to make in-app purchases, but (2) failed to disclose to parents that by entering a password, they were authorizing unlimited purchases for a certain time window.
  • Payments MD case: In this 2015 case against a payment portal, the FTC charged that the portal used a confusing interface and registration system to trick consumers into signing up for a separate service that harvested their private medical information.

Of course, the fact that “dark patterns” aren’t new at the FTC doesn’t mean they’re not important. To the contrary, it means that the FTC’s renewed interest in this area rests on solid precedent and deserves attention. Just as we stated with respect to State efforts here, companies should take extra care in designing their disclosures, purchases flows, cancellation methods, and other communications to steer clear of marketing techniques that cross the line into dark patterns.

We will continue to monitor this issue on both the state and federal fronts and post updates as they occur.

Dark Patterns: A New Legal Standard or Just a Catchy Name? (Part Two)

Dark Patterns- A New Legal Standard or Just a Catchy Name? (Part One)State and federal regulators have definitely put a new emphasis on combatting so-called “dark patterns” – a term attributed in 2010 to user-experience expert Harry Brignull, who runs the website Consider some of the actions of 2021: In April, the FTC hosted a workshop dedicated to dark patterns. In July, Colorado passed the Colorado Privacy Act that specifically defines and prohibits the use of dark patterns.  In October, the FTC issued a policy statement warning against the use of dark patterns in subscription services.  And just last week, a bipartisan group of four states sued Google alleging in part violations of state law for Google’s use of dark patterns in obtaining consumers’ consent to collect geolocation information.  But other than a catchy name, is there really anything new about the types of conduct that state and federal officials are calling illegal?  This two-part blogpost will take a closer look at that question.

What are “Dark Patterns?”

There are a number of definitions of “dark patterns” that are bandied about. calls them, “tricks used in websites and apps that make you do things that you didn’t mean to, like buying or signing up for something.”  In the Colorado Privacy Act, dark patterns are defined as, “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice.”  And in the recent Google lawsuits, each State defined dark patterns as, “deceptive design choices that take advantage of behavioral tendencies to manipulate users to make choices for the designer’s benefit and to the user’s detriment.” Continue Reading Dark Patterns: A New Legal Standard or Just a Catchy Name? (Part One)

Earlier this week, District of Columbia Attorney General Brian Schwalb settled one of two outstanding lawsuits against the Washington Commanders – this time over allegedly deceptive practices related to security deposits paid by season ticket holders.  These deposits, which averaged $1,200, were supposed to be returned by the team thirty days after the expiration of ticket holders’ contracts, but the AG alleged they were instead retained by the team for years.  Moreover, the AG alleged that the team created additional hurdles for consumers who did seek their deposits back, including requiring a signed, written request, which was never disclosed to consumers as a requirement for a refund.  Former AG Karl Racine originally brought the case in 2022 alleging that this conduct violated the District of Columbia Consumer Protection Procedures Act (“CPPA”).

The settlement requires the team to pay back all outstanding security deposits to affected District residents, totaling approximately $200,000.  In addition, the team will pay $425,000 to the District for restitution, attorneys’ fees, costs, and contributions to the District’s litigation support fund (as determined in the sole discretion of the AG).  The agreement also includes a broad permanent injunction that not only prohibits future misrepresentations about the process of obtaining a refund of a security deposit, but also that prohibits “any act or practice that violates the CPPA.”

Apart from a reminder that the D.C. AG continues to use his consumer protection authority to battle the Commanders (see here and here for info on D.C.’s ongoing suit related to allegations of a toxic work environment and its impact on District consumers), this settlement is also a reminder that creating unnecessary and undisclosed steps for your customers to obtain refunds or assert other contractual rights will likely attract the ire of state and federal enforcers.  This is increasingly true as more attention is brought to the concept of “dark patterns” – a phrase that we have previously called a “catchy” name for historically deceptive practices (see our two part post here and here), but that enforcers continue focus on in recent enforcement priorities and business guidance

This settlement also serves as a reminder of the rather broad ability to seek significant monetary relief in AG-brought consumer protection actions.  It is not uncommon in consumer protection matters for AGs to characterize settlement payments broadly to give the AG discretion on the allocation of those amounts (depending on the state and it’s unique state consumer protection authority).  Given the range of penalties, redress, costs, fees, and other relief authorized by law it is easy to imagine how significant those potential recoveries may be in any given matter.  As a result it is critical to have a complete understanding of the AG’s authority wherever you do business.

Join our Kelley Drye State AG team for our free monthly State Attorney General webinar series, featuring Attorneys General, front office staff, and consumer protection chiefs from around the country as they discuss their consumer protection authority and various hot topics in consumer protection.

For anyone planning to attending the ABA Antitrust Spring Meeting in Washington DC this week (March 29-31), please look for your friends from Kelley Drye Ad Law on multiple panels on Wednesday and Thursday:

ABBY STEMPSON (Special Counsel in the Ad Law and State AG practices) will be speaking on a panel entitled Fundamentals – Consumer Protection. The session will include a fact pattern to help set the scene for the audience and will discuss potential violations of federal and state law, as well as BBB self-regulatory standards.  Panelists will examine enforcement, corporate compliance, and emerging issues, with Abby focusing in particular on state consumer protection laws, AG enforcement, and business compliance strategies. This session takes place on Wednesday from 9:00-10:15.

JESSICA L. RICH (Of Counsel and Senior Policy Advisor for Consumer Protection in the Ad Law Practice) will speak on the panel, Regulating Women’s Privacy Post-Dobbs: The Next Frontier. As participants will discuss, the Dobbs decision overturned Roe, which was based in part on the right to privacy, and now some states have outlawed abortion in many circumstances.  Meanwhile, the ubiquitous collection of digital information about consumers is raising fears that data about women’s location, purchases, and medications will be used to prosecute women and their health care providers in states with anti-abortion laws.  How can we understand these new frontiers of women’s privacy?  This panel is on Wednesday from 10:45 am -12:00 pm.

DONNELLY MCDOWELL (Partner in the Ad Law Practice) is moderating the panel Navigating the “Green” Minefield of ESG Claims, which will offer perspectives from the FTC, in-house counsel, and plaintiff’s counsel on issues related to green marketing and environmental, social and governance (ESG) initiatives.  As we’ve discussed at length on Ad Law Access in a series of posts, green marketing claims continue to generate attention and scrutiny from the FTC, NAD, and plaintiff’s attorneys and are more prevalent than ever. In addition, the FTC has solicited comment on potential revisions to the Green Guides, as we discussed here.  This session will address all of these developments and more, and takes place on Wednesday from 1:45-3:15 pm

LAURA RIPOSO VANDRUFF (Partner and Chair of the Ad Law Practice) is the Session Chair and Moderator of the panel Is AMG the Tip of the Iceberg? Two years after the Supreme Court stripped the FTC of its authority to use Section 13(b) to obtain monetary remedies in FTC v. AMG, the FTC is facing new challenges on other fronts. Laura’s panel includes a former Chairman of the FTC; an attorney representing the Petitioner in Axon v. FTC; the FTC Bureau of Consumer Protection’s Chief Litigation Counsel; and a prominent member of the FTC defense bar. Among other things, the panel will assess whether Chair Khan’s ambitious rulemaking priorities are vulnerable to constitutional challenges, including under the major questions doctrine. This panel is on Thursday from 8:30-10:00 am.    

PAUL SINGER (Ad Law Partner and co-chair of the State AG practice) is the Session Chair and Moderator of this year’s Consumer Protection Year in Review panel.  This panel will feature representatives from the FTC, DOJ, NAD Division of BBB National Programs, Florida AG’s Office, and the private bar.  This annual panel takes a look back at the major consumer protection developments of the past year, and will include a robust discussion of many of the hot topics that emerged through enforcement efforts, including dark patterns, privacy and data security, testimonials, endorsements and reviews, green claims, and health claims.  The panel will also discuss the increased collaboration among enforcers – both between federal agencies (FTC/DOJ) and state-federal partnerships (FTC/State AGs). This panel will take place on Thursday from 1:30-3:00 pm.

Please join us at any or all of these interesting and timely panels.