Online retail and dark ux patterns one year on
Dark Patterns · UX Research · Consumer Rights
In 2017, we published our initial investigation into the use of dark UX patterns across the UK’s biggest online retailers — hidden costs, forced continuity, trick questions, and interfaces deliberately designed to make users do things they did not intend. The findings were stark. A year later, we revisited the landscape to see whether things had improved. They had not.
This follow-up report draws on an exclusive survey of over 1,000 UK consumers and examines how deceptive design practices have evolved since GDPR came into force. The findings paint a troubling picture: despite new regulation, despite growing public awareness, and despite the measurable damage these practices inflict on brand reputation, dark patterns remain endemic across e-commerce. The short-term revenue they generate continues to outweigh the long-term costs — at least in the minds of the businesses deploying them.
Key Numbers
90% believe the Roach Motel pattern should be illegal
60% would not return to a site after a bad UX experience
48% still signed up to mailing lists without consent post-GDPR
47% would never interact with a brand again after unsubscription issues
23% have experienced issues trying to unsubscribe from a service
The 12 Dark Patterns: A Taxonomy of Deception
The term “dark pattern” was coined in 2010 by London-based UX designer Harry Brignull, who identified 12 distinct categories of deceptive interface design. Understanding these patterns is essential for recognising them — and for making the case that they should not exist in any product that claims to respect its users.
| Dark Pattern | What It Does | Common Example |
|---|---|---|
| Trick Questions | Uses confusing language so users agree to things they did not intend | Double negatives in opt-out checkboxes |
| Sneak into Basket | Adds items to a shopping cart without the user’s explicit consent | Pre-selected insurance or accessories at checkout |
| Hidden Costs | Reveals additional charges only at the final stage of a transaction | Service fees appearing on the payment page |
| Roach Motel | Makes it easy to sign up but extremely difficult to cancel or leave | One-click subscription, multi-step phone cancellation |
| Privacy Zuckering | Tricks users into sharing more personal data than they intended | Default privacy settings set to maximum exposure |
| Price Comparison Prevention | Makes it difficult to compare prices between products or plans | Non-standard unit pricing, bundled features |
| Misdirection | Draws attention to one element to distract from another | Large “Accept All” button, tiny “Manage Preferences” |
| Bait and Switch | Promises one outcome but delivers another | Free trial that charges without warning |
| Confirmshaming | Guilts the user into opting in by making the alternative feel shameful | “No thanks, I don’t want to save money” |
| Disguised Ads | Makes advertisements look like content or navigation elements | Download buttons that are actually ad banners |
| Forced Continuity | Automatically renews a subscription after a free trial without clear notice | Silent credit card charge after trial expires |
| Friend Spam | Harvests contacts and sends messages appearing to come from the user | LinkedIn’s $13M lawsuit over its Add Connections feature |
These are not theoretical concerns. In 2015, LinkedIn was ordered to pay $13 million in a lawsuit settlement over its friend spam pattern. High-profile airlines have been documented adding travel insurance by default on upsell pages. Hotel booking sites manufacture urgency with countdown timers and scarcity warnings — “Only 2 rooms left!” — designed to panic users into booking before they can compare alternatives. And the Consumer Rights Directive has already rendered several of these patterns — sneak into basket, aspects of hidden costs, forced continuity, and bait and switch — technically illegal. Enforcement, however, remains inconsistent.
What Consumers Actually Think: Survey of 1,000+ UK Users
We commissioned an exclusive survey of over 1,000 UK consumers to understand attitudes toward dark patterns, their experiences with deceptive interfaces, and how these encounters affect their relationship with brands. The results are unambiguous: users know when they are being manipulated, they resent it, and they leave.
| Finding | Result |
|---|---|
| Believe the Roach Motel pattern should be illegal | 90% |
| Would not return to a website after a bad UX experience | 60% |
| Still being signed up to mailing lists without consent (post-GDPR) | 48% |
| Would never interact with a brand again after unsubscription issues | 47% |
| Rank honest terms and conditions as a top website feature | 36% |
| Have experienced issues trying to unsubscribe from online services | 23% |
| Of 16-34 year olds who have had unsubscription issues | 33% |
| Of Millennials still added to mailing lists without permission | 60% |
The generational data is particularly revealing. The assumption that younger users are less susceptible to dark patterns does not hold: 60 percent of Millennials report being signed up to mailing lists without consent even after GDPR. A third of 16-34 year olds have experienced difficulties unsubscribing. Younger users may be more digitally literate, but the dark patterns deployed against them are also more sophisticated — embedded in the apps, platforms, and subscription services they use most frequently.
How UK Cities Compare: Attitudes to Dark Patterns
We broke down our survey data by city to reveal significant regional variation in how consumers respond to dark UX patterns. Businesses targeting online customers in certain cities should be particularly careful about deploying deceptive interfaces.
| City | Unlikely to return after bad UX | Notable finding |
|---|---|---|
| Glasgow | 75% | Least forgiving city in the UK |
| Newcastle | 72% | Also among highest pop-up ad hatred (57%) |
| Nottingham | 70% | Third least forgiving after bad UX |
| Bristol | 61% | 84% believe brands deliberately make unsubscribing difficult |
| London | 55% | 33% believe new tech is improving UX (most optimistic) |
| Norwich | 52% | Least confident city in UX improvements |
| Southampton | 48% | 30% have had unsubscription issues |
Glasgow stands out as the least forgiving city: three quarters of respondents would not return to a brand after a poor UX experience. Bristol shows the highest awareness, with 84 percent believing brands deliberately obstruct the unsubscription process. London is the most optimistic, with a third of respondents believing new technology is genuinely improving user experience — but even in the capital, over half would walk away from a site that treated them poorly.
GDPR Was Supposed to Fix This. It Hasn’t.
The General Data Protection Regulation came into force in May 2018 with a clear mandate: protect personal data as a fundamental right, end pre-checked consent options, and require that user data collection is freely given, informed, specific, and unambiguous. A year on, almost half of UK consumers are still being signed up to company mailing lists without their consent. In London, that figure rises to 54 percent. Among 23-38 year olds, it reaches 60 percent.
How? Through the use of dark patterns themselves. Trick questions, deceptive formatting, pre-selected options buried in lengthy forms, and privacy zuckering — interfaces that technically present a choice but structurally eliminate meaningful consent. Companies are using the very practices GDPR was designed to prevent as the mechanism for circumventing it. The regulation states that consent must be given without ambiguity. If a user is duped into providing it, the company places itself at serious risk of breaking the law.
The brand reputation cost is equally clear. Sixty percent of users would not return after a bad UX experience. Forty-seven percent say they would never interact with a brand again after encountering unsubscription difficulties. As consumers become more discerning and social media amplifies complaints, the short-term revenue gains from dark patterns are increasingly offset by the long-term erosion of trust, loyalty, and lifetime customer value. Implementing deceptive interfaces does not solve the problem of customer retention — it shifts it to phone queues, social media complaints, and reputational damage.
Conclusion: If Someone Wants to Leave, Let Them Leave
The argument against dark patterns is not merely ethical — it is commercial. Users who feel deceived do not simply complain; they leave. And they take their network with them. Social media has given consumers the tools to amplify negative experiences instantly. A single viral complaint about a deceptive checkout flow or an impossible cancellation process can inflict reputational damage that no amount of retained subscriptions can offset.
The data from our survey confirms what every experienced designer already knows: trying to retain customers by hiding the cancel button is harder — and ultimately less effective — than improving the product to the point where customers do not want to leave. Honest design, transparent terms, and frictionless user journeys are not competitive disadvantages. They are the foundation of sustainable customer relationships. Over a third of consumers rank honest terms and conditions as one of the most important features a website can provide. An easy user experience sits even higher.
This report was produced by Sigma based on an exclusive survey of over 1,000 UK consumers. It builds on our initial 2017 investigation into dark UX patterns in online retail and incorporates post-GDPR data on consent practices and consumer attitudes.
Frequently Asked Questions
Dark UX Patterns in Online Retail
What is a dark UX pattern?
A dark UX pattern is a user interface design choice that deliberately misleads, confuses, or manipulates users into taking actions they did not intend — or prevents them from taking actions they want to take. The term was coined in 2010 by London-based designer Harry Brignull, who identified 12 distinct categories including trick questions, sneak into basket, hidden costs, roach motel, confirmshaming, and forced continuity. Dark patterns prioritise the objectives of the business over the experience, autonomy, and ethical treatment of the user.
Are dark patterns illegal in the UK?
Some dark patterns are already illegal under the Consumer Rights Directive, which prohibits practices such as sneak into basket (adding items without consent), certain forms of hidden costs, forced continuity (automatic billing without clear notice), and bait and switch. GDPR also makes it illegal to obtain user data through ambiguous or deceptive consent mechanisms. However, enforcement remains inconsistent and many dark patterns — such as confirmshaming, misdirection, and price comparison prevention — occupy a grey area that current regulation does not explicitly address. Our survey found that 90 percent of UK consumers believe the Roach Motel pattern specifically should be made illegal.
What is confirmshaming and why is it problematic?
Confirmshaming is a dark pattern that uses guilt or shame to manipulate users into opting in to something. It typically presents the opt-out option in language designed to make the user feel foolish or irresponsible for declining. Common examples include newsletter pop-ups where the dismiss option reads “No thanks, I don’t want to save money” or “I prefer to pay full price.” While it may seem minor compared to patterns like hidden costs or forced continuity, confirmshaming erodes trust and signals to users that the company values conversion over respect. It is one of the most widely recognised dark patterns among consumers.
How do dark patterns affect brand reputation long-term?
The long-term impact is severe. Our survey found that 60 percent of users would not return to a website after a bad UX experience, and 47 percent would never interact with a brand again after encountering unsubscription difficulties. Dark patterns also shift problems rather than solving them: if a customer cannot cancel online, they will call — now more frustrated than before. Employee satisfaction in customer service departments suffers. Social media amplifies complaints. And the reputational damage from a viral dark-pattern exposé can far exceed any short-term revenue the pattern generated. LinkedIn’s $13 million settlement demonstrates that the legal and financial risks are real and growing.
What should e-commerce businesses do instead of using dark patterns?
The alternative to dark patterns is not passive design — it is honest design. Businesses should make subscription and cancellation processes equally frictionless. Pricing should be transparent from the first interaction. Consent checkboxes should be unchecked by default with clear, unambiguous language. Optional extras should be genuinely optional, presented without pressure or misdirection. Unsubscribe links should be prominent and functional. And user journeys should be designed around what the customer needs, not around what the company wants to extract. Over a third of consumers rank honest terms and conditions among the most important features a website can provide. Trust is not just an ethical position — it is a competitive advantage that dark patterns systematically destroy.