Affiliate Disclaimer

The digital marketing game is about to shift, is your website prepared?

California is at it again.

They were on the cutting edge of protecting users’ data and privacy and now they are expanding the California Consumer Protection Act (CCPA) to include the wording and design of websites.

Recently California announced that it has included a ban of “dark patterns” on websites in the latest amendment to the CCPA. What are dark patterns? 

Well, that encompasses a lot of “traditional” online marketing tactics. I’m willing to bet you have at least one of these on your website, sales page, or opt-in. So let’s dive in. 

Thanks to a Princeton University/Chicago University study we have a good breakdown of dark patterns and how they are implemented on sites. The study specifically looked at eCommerce sites but a lot of these are pretty universal. I bet you’ll even recognize some of the “tips and tricks” from your favorite marketing guru. 


“This offer expires in *insert countdown timer* don’t miss out!”

“This offer is only available for a limited time join now!”

If you have never been to a website using this tactic please email me because I am 90% sure that person doesn’t exist and I would love to be proven wrong. And find out where you are hanging out online.

Urgency is one of the favorite tactics of digital marketing. Particularly using open-ended time limits (using wording like “soon” or “shortly” rather than giving a set time frame) or using timers that just reset themselves when you revisit the page. 

According to Gunes Acar, a former postdoctoral researcher at Princeton University’s Center for Information Technology Policy in a Business Insider Article “Showing a timer and saying you only have five minutes left — there’s a sense of urgency that’s questionable at best.”


This one isn’t as common but I’ve seen it and certain kinds of upsells fall under this category. Sneaking is when you add something to your cart and the site automatically adds something else (usually something small) and you have to manually tell it that you don’t want that additional product. 

This also includes adding charges at the last minute (like when you start to buy something but you don’t know how much shipping is until the very last screen when you confirm your purchase and you suddenly find out it’s $37.99). Or when you sneak in a recurring fee under the guise of a “free trial” or a one-time fee.


This dark pattern includes one of my new favorite terms: “confirmshaming”. I’m sure you’ve seen this… You go to a sales page, you are scrolling through, maybe you decide to purchase something. Or you’ve opted into a freebie or newsletter. The next page is an upsell trying to get you to add something to your order.

The buttons to add to your order are big and bright and loud both in color and wording. But to decline the offer you first have to work to even find the link (its almost never a button), but then when you do find it instead of saying “no” or “don’t add to order” it says something like “No, I don’t want to make my life easier” or “No thanks, I’d rather pay full price”. That’s confirmshaming. 

This also includes using confusing language to trick people into opt into something like “check here if you don’t want us to not send you marketing emails”. (Yes, I’ve seen that in real life) 

Another version of misdirection is when you get to the order form and there is more than one variation of the product (like 1, 2, or 3 pack) and the most expensive option is automatically selected. 


“Only 1 left in stock, order now!” “Only 5 spots left, enroll now!” Scarcity marketing is familiar for most digital marketers. Or as I’ve often heard it called Fear of Missing Out. This is where you make it appear that a product or service is so popular that if you don’t buy NOW you might not get it. Usually this scarcity is entirely manufactured particularly for courses or digital products. 

Social Proof

Going hand in hand with Scarcity is Social Proof. At first glance, it seems like there isn’t anything wrong with social proof. People often use reviews and testimonials to help them decide if they want to purchase or not. Of course, that opens the door for sleazy marketers to misuse that behavior. For example, they may use fake reviews on a site, or use one of those widgets that pops up every ten seconds to tell you that “Karen in AZ has purchased product x” filled with preloaded names and places that cycle through over and over on the site. 

Forced Continuity

We are all familiar with this scenario. You sign up for a free trial for service, time gets away from you and suddenly your 7 days are up and you see a charge on your account. You get irritated and decide to cancel, but you are out that money and now you have to go through all the hoops to cancel the account. 

If you are lucky the stars will align and you will 1)remember you want to cancel the account 2) have the time to figure out how to cancel the account 3) be able to figure out how to cancel the account (see Roach Motel below). If not, you may end up paying for 2 or 3 or more months before you manage to untangle yourself. This issue was actually at the center of a statement issued by Rohit Choprad, Commissioner of the Federal Trade Commission.

Hidden Information

I see an example of this a LOT in my inbox. This is where you obscure information to make it hard to find. Like when you make the unsubscribe link in a newsletter nearly match the background of the email so it’s hard to find. Another example is hiding information, content, or options in fine print or Terms of Service.

Those are some of the dark patterns that most websites implement but they are by no means the only ones. There are several other dark patterns that include:

Price Comparison Prevention – making it difficult to compare prices for a product on other sites

Roach Motel – making it easy to sign up for something but difficult to get out (like making someone call the company to cancel a subscription and then trying to talk them into staying)

Hidden Costs – offering a product or service at a certain price but only under certain conditions/for a certain period of time (join for only $.99/week, then you find out that it’s only that price for the first week and then the price goes up to $9.99)

Bait and Switch – making it look like an action will have one result, but causing another. Mobile games do this a lot, you see an ad pop up and you click on the X and suddenly find yourself watching another ad, or the “buy now” button gets placed in the same place as the button you push to start a game or do an action. Muscle memory takes over and you find yourself spending money. 

Privacy Zuckering – not as common on small websites, but I love the name so I’m including it. This is where you are tricked into sharing more information about yourself than you mean to. It’s named after Facebook founder Mark Zuckerberg as Facebook (and almost all the fun apps/quizzes/games that live there) is notorious for this. 

Currently, the CCPA is focusing on dark patterns that directly impact consumers’ data privacy and financial well-being’: roach motel, privacy zuckering, and forced continuity are all examples. According to an article by  Vinson & Elkins LLP the new regulations are focusing on:

  • using an opt-out request process that requires more steps than the process for a consumer to opt back into the sale of personal information after previously opting out;
  • using confusing language (e.g., double-negatives, “Don’t Not Sell My Personal Information”);
  • requiring consumers to click through or listen to unnecessary reasons why they should not submit a request to opt-out before confirming their request;
  • requiring a consumer to provide personal information that is unnecessary to implement an opt-out request; or
  • upon clicking the “Do Not Sell My Personal Information” link, requiring a consumer to search or scroll through the text of a website or privacy policy to submit the opt-out request.”

But I’m Not in California

I hear you. But there are some things to remember. First California’s laws are not designed for websites based in California, they are designed to protect the citizens of California. So if you have visitors from California coming to your site this is something to take into consideration. (For more information about that you can check my post here about Data Privacy). Also, California often leads the way with laws like this with other states following suit. 

The CCPA was the first in the country to protect users’ data privacy and now there are several more states that have followed suit. You can learn more about data privacy and the various laws in this post

Second, these tactics and “Dark Patterns” have been gaining more and more visibility lately. There have already been a few bills brought forward in Congress in the United States that directly addressed these issues.

According to a Business Insider articleLawmakers from both sides of the aisle are calling for greater regulation over dark patterns. In 2019, Senators Mark Warner, a Democrat, and Deb Fischer, a Republican, introduced a bill banning tech firms from using dark patterns. Rohit Chopra, the commissioner of the Federal Trade Commission who served under Trump and now Biden, has spoken out against dark patterns.”

 It is only a matter of time before penalties are going to be attached to these tactics. People are getting tired of feeling taken advantage of by websites and they are speaking out. As tech companies come under fire for their marketing practices, platform moderation, and other issues small businesses and entrepreneurs are going to get caught up in the legislation aimed at these mega-companies. 

Finally, the biggest reason to really take a look at your website and consider if you are using any of these dark patterns on your website…being a decent human being. I’m not saying there isn’t ever a time and place for a timer (like a Black Friday Sale) or social proof (show off those testimonials!). But I have followed, watched, and even worked with marketers that blurred the line between genuine marketing and being sleazy. And a lot of them have tons of followers soaking up everything they say and then implementing it because “that’s how you make MONEY!” 

Except, that’s not how I want to make money. And I hope that’s not how you want to make money either (if you read this entire article just for ideas, shame on you!). Making money by tricking people into it is sleazy. If you read through this article and recognized a few of these tactics that are living on your website or are a part of your marketing I encourage you to take some time to consider what changes you can make to remove some of them. Authenticity is one of the latest buzzwords in marketing but it can not be faked. Using iffy tactics to get and keep customers might make you a few bucks, but is it really worth it? 

Want to keep your website safe and up to date?

Download my monthly Website Maintenance Checklist to

help you remember what needs to be done each month.