CCPA Imposes ₹1 Lakh Penalty on SpiceJet Over Dark Patterns on Flight Booking Platform
Consumer watchdog says pre-ticked checkboxes and deceptive consent practices violated the Consumer Protection Act, E-Commerce Rules, and Dark Patterns Guidelines

The Central Consumer Protection Authority (CCPA) has imposed a ₹1 lakh penalty on SpiceJet Limited for using deceptive design practices, commonly known as dark patterns, on its flight booking platform. The authority held that the airline’s practices violated the Consumer Protection Act, 2019, Rule 4(9) of the Consumer Protection (E-Commerce) Rules, 2020, and the Guidelines for Prevention and Regulation of Dark Patterns, 2023.
The order was issued by the CCPA under the leadership of Chief Commissioner Nidhi Khare and Commissioner Anupam Mishra.
According to the CCPA, consumers booking flights on SpiceJet’s platform were automatically enrolled in the Spice Club Loyalty Programme through a pre-ticked checkbox. In addition, users were considered to have consented to receive promotional messages because the default option was already selected, without requiring any affirmative action.
The authority noted that even after issuing a notice, SpiceJet merely altered the mechanism by introducing another pre-ticked checkbox for future communications through SMS, WhatsApp and email, thereby continuing the same practice in a different form.
During the proceedings, SpiceJet attributed the issue to a technical error. The airline was directed to submit an undertaking confirming that corrective measures had been implemented and would remain in place permanently.
CCPA Identifies Three Dark Patterns
The consumer watchdog identified the following deceptive practices on SpiceJet’s booking platform:
- Forced Action: Automatic enrolment of customers into the Spice Club Loyalty Programme through a pre-selected checkbox.
- Interface Interference: Presenting the company’s preferred option as the default choice, thereby influencing consumer decisions.
- Trick Question: Using confusing and negatively worded consent language that could mislead consumers.
The CCPA observed that these practices compromise consumer autonomy, undermine informed decision-making, and violate principles of fair and transparent consumer engagement.
Violation of Consumer Protection Laws
The authority held that SpiceJet’s conduct amounted to unfair trade practices, unfair contracts, and misleading representations under the Consumer Protection Act, 2019.
It also found that the airline violated:
- Rule 4(9) of the Consumer Protection (E-Commerce) Rules, 2020, which mandates that consumer consent must be obtained through explicit and affirmative action.
- Guidelines for Prevention and Regulation of Dark Patterns, 2023, which prohibit deceptive interface designs that manipulate consumer choices.
The CCPA reiterated that valid consumer consent must be explicit, informed, and freely given. Consent obtained through pre-ticked checkboxes, default selections, or deceptive interface designs is not legally valid and runs contrary to consumer welfare and the spirit of the law.


