Have you ever tried to cancel a subscription and felt like you needed a map, a compass, and a PhD in linguistics just to find the "Yes, I really want to leave" button?
Most consumers would chalk that up to "bad design". But it's more likely that this "bad design" is actually a conscious choice made by a product manager somewhere.
And in 2026, these choices are at the center of a massive battle between user experience (UX) designers, trillion-dollar corporations, and government regulators.
Let’s take a casual, but deep look, under the hood of the internet to see how these dark patterns work, why they are so effective, and the massive legal wars being fought over your right to click "No."
The Blueprint: What Are Dark Patterns?
The term "Dark Pattern" was coined back in 2010 by UX specialist Harry Brignull. He noticed a disturbing trend: websites weren't just being "badly designed" by lazy coders. They were being expertly designed by lazy coders.
Brignull realized that companies were using their knowledge of human behavior against their own users. They knew that on the web, nobody reads entire pages, we scan quickly looking for specific cues.
We look for big green buttons, bold text, familiar shapes. Dark patterns hijack those rapid-fire heuristic shortcuts (mental rules of thumb) to trick us into following a predetermined route.
It’s the digital equivalent of a grocery store putting the milk at the very back of the shop so you have to walk past the candy and chips to get to it, except on the web, they can also lock the doors and hide the exit sign.
The Psychology of the Trick
These designs rely on three main psychological vulnerabilities:
- Status Quo Bias: We tend to stick with the default option. If a box is pre-checked, we assume it’s the "correct" choice.
- Scarcity Bias: "Only 2 rooms left!" triggers a panic response that bypasses our critical thinking.
- Sunk Cost Fallacy: Once we've spent 10 minutes filling out a form, we are likely to agree to a sudden hidden fee at the end just to "get it over with."
Common Types
Dark patterns come in many flavors, ranging from "mildly annoying" to "actually illegal" in some cases. Here are the heavy hitters:
1. The Roach Motel (and Project Iliad)
This is the most famous pattern: Easy to get in, impossible to get out.
The classic example is the gym membership you can sign up for in 30 seconds on an app, but can only cancel by sending a certified letter to a PO Box in another state.
This "was" my least favorite. I paid for a gym membership for 2 years, without stepping foot in the gym, because the cost was low enough that it wasn't causing issues and because cancelling indeed involved me driving down to the city where I initially signed up.
Case Study: Amazon’s "Project Iliad"
For years, cancelling Amazon Prime was notoriously difficult. Internally, Amazon reportedly referred to the cancellation process as "Project Iliad," named after Homer’s epic poem about the Trojan War, a long, grueling slog that took a decade to finish.
The "Iliad Flow" forced users to navigate multiple pages of guilt trips ("Are you sure? You'll lose free shipping on these items!"), confusing button choices (where "Continue" meant "Stay Subscribed"), and distractingly bright offers. It wasn't until the FTC stepped in that this flow was simplified.
2. Confirmshaming
This is the art of weaponizing guilt. You see a popup offering a discount in exchange for your email. The decline link isn't just a simple "No." It says something like:
- "No, I prefer paying full price."
- "No, I hate saving money."
- "No, I don't want to be healthy."
It sounds ridiculous, but it works. It forces a micro-moment of emotional friction that makes you second-guess clicking away.
In the modern age though, these choices are more comical than anything. They are designed to add some levity to an otherwise boring sign up process.
Just to point out that not every single dark pattern is in violation of laws and unethical. Some are just quirky design choices.
3. Sneak into Basket
You’re buying a laptop. You’ve picked the model, the RAM, and the color. You hit checkout, and suddenly the total is $40 higher than expected. Why? Because the site quietly added a "Screen Cleaning Kit" or "2-Year Protection Plan" to your cart without you clicking it.
In the EU and now parts of the US, this is largely illegal, but it still persists in grey areas, often disguised as "Recommended Bundles."
The idea of a "Recommended bundle" isn't the problem though. It's not being clear whether the user is purchasing said bundle.
4. Forced Continuity
This is the "Free Trial" trap. You enter your credit card for a 7-day free trial. The company relies on you forgetting. But the dark part is that they don't send you a reminder that the trial is ending, they just quietly charge you for a full year the second the clock strikes midnight on day 8.
This is sort of a gray zone for now, as you are obviously responsible for managing your own subscriptions and "nobody told me", isn't really a valid legal excuse.
5. Misdirection (Interface Interference)
This is a visual magic trick. A website will highlight one specific path (usually the "Accept All Cookies" or "Subscribe" path) with bright colors and big fonts, while the alternative ("Reject" or "Skip") is grey text on a grey background, often hidden in a corner or disguised to look like non-clickable text.
But again, not illegal in it of itself. Having a bright green 'Cancel' button next to a bright green 'Approve' button isn't more "ethical", it's just bad design.
The Legal Battleground: 2025 and Beyond
In the last few years, regulators have finally started catching up to the tech giants.
The FTC Wakes Up
The US Federal Trade Commission (FTC) has been busy the past few years.
- Vonage: The internet phone company had to pay $100 million in refunds because they made cancelling their service a nightmare of loops and dropped calls.
- Epic Games (Fortnite): They were hit with a $245 million judgment for using dark patterns that tricked kids into buying in-game skins and prevented users from easily refunding accidental purchases.
The "Click-to-Cancel" Saga
A major flashpoint in 2025 was the federal "Click-to-Cancel" rule. The idea was simple: If it takes one click to sign up, it must take one click to cancel.
While the rule faced legal hurdles in federal courts (with some provisions vacated in mid-2025), the momentum didn't stop. Individual states picked up the torch.
California’s 2026 Crackdown
As of January 1, 2026, California’s updated CCPA (California Consumer Privacy Act) regulations have come into full effect, and they are a game-changer for the web.
- Symmetry is Law: It is now explicitly banned in California to make opting out harder than opting in. You cannot force a user to click 5 times to reject cookies if it only takes 1 click to accept them.
- Opt-Out Confirmation: Websites must now clearly show an "Opt-Out Request Honored" message, treating the absence of consent as a rejection.
This effectively forces national changes, because no company wants to build a separate website just for California.
The New Trust Economy
We are entering the "Trust Economy." Modern users are getting too savvy. When we feel tricked, we don't just get annoyed and we get vengeful. We post screenshots on social media, we leave 1-star reviews, and we move to competitors.
Ethical brands are realizing that Good UX = Good Business. Being transparent might lower short-term metrics, but it increases "Customer Lifetime Value" (CLV). A customer who stays because they want to is worth ten times more than a customer who stays because they can't figure out how to leave.
All in all, this just means that web designers jobs are more difficult now than ever before. Because overall, it is pretty simple to poorly design a page so that the user is left confused, but it is substantially harder to design an experience where the user doesn't want to leave.
Last words
As a web developer, dark patterns are a part of the toolkit sometimes. You want more engaged users, less unsubscribes and you want people to actually use that fancy new feature that you just rolled out.
But going forward, just "how" you go about doing that is going to become more important. And web developers should stay mindful and be ready to update their designs when needed.
But as long as your transparent and honest with your visitors, you typically don't have to worry too much about whether your landing page is in violation of the law.