The Central Consumer Protection Authority (CCPA) has fined SpiceJet ₹1 lakh for using deceptive dark patterns on its booking platform. The airline automatically enrolled flyers into loyalty tiers and marketing lists via pre-ticked checkouts. SpiceJet has been ordered to permanently dismantle all default-consent systems.
NEW DELHI — The Central Consumer Protection Authority (CCPA) has imposed a statutory penalty of ₹1 lakh on budget carrier SpiceJet Limited for employing deceptive user interface designs, commonly known as dark patterns, on its digital flight booking platform.
The regulatory order, announced by Union Consumer Affairs Minister Pralhad Joshi on Friday, July 17, 2026, directs the airline to permanently discontinue all default-consent practices that manipulate passenger choices. The enforcement action highlights the Indian government's tightening scrutiny on digital commerce interfaces, ensuring that consumer consent remains explicit, uncoerced, and freely given during commercial transactions.
Deceptive Booking Interfaces Under Regulatory Scrutiny
The enforcement action follows a comprehensive review of the airline's online check-in and ticketing architecture by the apex consumer watchdog. Led by CCPA Chief Commissioner Nidhi Khare and Commissioner Anupam Mishra, the investigation established that SpiceJet systematically deployed user interfaces designed to nudge flyers into financial or promotional obligations without direct affirmative action.
According to the official regulatory findings, passengers attempting to complete normal ticket purchases were automatically enrolled in the commercial SpiceClub Loyalty Programme via a pre-ticked checkbox hidden within the contact details sub-menu.
Furthermore, the platform automatically registered users as having consented to receive an influx of third-party promotional messages. The default options forced travelers to manually opt out of marketing communications across text messages, WhatsApp, and email channels rather than selecting to opt in.
Identification of Prohibited Digital Tactics
The CCPA formally classified the airline’s user experience framework under three separate prohibited categories established by the domestic Guidelines for Prevention and Regulation of Dark Patterns, 2023:
Forced Action: Violating baseline autonomy by forcing passengers into the loyalty ecosystem as a mandatory byproduct of buying a standard transit ticket.
Interface Interference: Manipulating spatial layouts to elevate the company's financially preferred selection as the automatic default choice, thereby obscuring neutral options.
Trick Question: Deploying intentionally confusing, double-negative, or vaguely worded consent prompts to mislead consumers into signing away data rights.
The authority observed that even after a statutory investigation notice was delivered, the airline failed to implement a neutral interface, choosing instead to replace the initial layout with a modified pre-ticked layout that continued the non-compliant practices in a different digital format.
During the administrative hearings, legal representatives for SpiceJet attributed the non-compliant checkbox layouts to an internal technical error. However, the CCPA rejected this defense, holding that default settings which infer user consent alter consumer rights and obligations without express agreement.
The regulatory body declared the practice a direct violation of the Consumer Protection Act, 2019, covering unfair trade practices, misleading representations, and unfair contracts. The airline was also found in breach of Rule 4(9) of the Consumer Protection (E-Commerce) Rules, 2020, which strictly mandates explicit and affirmative human interaction before recording consent.
Consequently, the CCPA has ordered SpiceJet to submit a formal compliance undertaking within 15 days. This legal document must verify that all pre-selected boxes have been removed from the live production servers and that consumer choices are gathered solely via clean, active user selections.
Official Sources Section
Regulatory findings, legal violations, and corporate mandates detailed in this report are based on official case orders released by the Central Consumer Protection Authority (CCPA), statutory provisions of the Consumer Protection Act, 2019, and official statements issued by the Union Ministry of Consumer Affairs, Food and Public Distribution.
Quote Section
Government officials emphasize that digital innovation must respect baseline customer rights rather than exploiting user experience design to increase corporate profits.
According to officials monitoring ecommerce frameworks, pre-checked opt-ins are no longer legally sustainable under modern consumer protections. Union Minister Pralhad Joshi stated that:
"Consumer choice must be informed, not manipulated. The Central Consumer Protection Authority (CCPA) has imposed a penalty on SpiceJet airlines for deploying deceptive 'dark patterns' on its flight booking platform and directed the airline to permanently discontinue default-consent practices. The action reinforces that consumer consent must always be explicit, informed and freely given."
Why It Matters
For millions of domestic airline passengers, daily digital consumers, and travel agencies, this CCPA ruling establishes an enforceable regulatory boundary. By penalizing a major domestic airline for dark patterns, the government signals to all e-commerce operators, hospitality firms, and tech platforms that hidden add-ons, auto-enrolments, and pre-ticked checkouts will face immediate legal consequences and financial penalties.
Key Facts at a Glance
Financial Penalty: SpiceJet has been hit with a ₹1 lakh regulatory fine by the CCPA for deploying deceptive user experiences.
Core Infractions: The airline automatically enrolled flyers into its SpiceClub loyalty tier and promotional messaging lists using pre-ticked checkboxes.
Banned Tactics: The booking interface was found guilty of using forced action, interface interference, and trick questions.
Defense Rejected: The airline's claim that the interface layout was caused by a technical error was dismissed by the consumer protection panel.
Compliance Directive: SpiceJet must permanently remove all pre-ticked default options and file an implementation report within 15 days.
FAQ Section
What are dark patterns on a flight booking platform?
Dark patterns refer to deceptive user interface designs intended to trick, mislead, or manipulate users into making choices they might not otherwise make—such as accidentally buying insurance, subscribing to recurring programs, or giving away data access via pre-selected buttons.
Can an airline legally enroll me in a loyalty program automatically?
No. Under Rule 4(9) of the Consumer Protection (E-Commerce) Rules, 2020, any consumer consent collected on a digital commercial platform must be secured through an explicit, active, and affirmative action by the user. Automatic log-ins or pre-ticked checkboxes are illegal.
What should consumers do if they spot dark patterns while purchasing flight tickets?
Passengers who encounter hidden fees, forced add-ons, or pre-ticked boxes can file a formal complaint with the National Consumer Helpline (NCH) or report the merchant directly to the CCPA portal for violating fair trade standards.
Source: Central Consumer Protection Authority (CCPA) Enforcement Registry; Consumer Protection Act, 2019; Guidelines for Prevention and Regulation of Dark Patterns, 2023.