Designs that work against the user — and why they're a long-term liability even when they work in the short term.
Dark patterns are UI design choices that deliberately mislead or manipulate users into actions they didn't intend, prioritising business metrics over user trust.
What dark patterns are
Dark patterns are UI design choices that deliberately mislead or manipulate users into actions they didn't intend — subscribing to something they didn't want, sharing data they didn't mean to, or spending more than they planned. The term was coined by UX designer Harry Brignull, who began cataloguing them in 2010.
They're distinct from bad UX. Bad UX is careless. Dark patterns are intentional — designed to exploit the gap between what users expect an interface to do and what it actually does. The distinction matters legally and ethically.
Common types
A few categories show up repeatedly across products:
- Confirmshaming: The opt-out button says something like "No thanks, I don't want to save money" — a mild shame nudge around declining.
- Hidden subscriptions: A low-price trial that converts to a recurring charge, buried in fine print or enabled by a pre-checked box.
- Roach motel: Easy to get in, deliberately difficult to get out. Subscription cancellation flows that require phone calls, multi-step "save" sequences, or hidden settings.
- Misdirection: Drawing attention away from information users would want and toward content that serves the business. Common in privacy consent flows.
- Disguised ads: Content formatted to look like editorial or organic results, with just enough visual difference to technically claim disclosure.
- Privacy zuckering: Default privacy settings configured to share everything, with opt-out buried inside a layered settings tree.
Why they work short-term and fail long-term
Dark patterns often produce measurable short-term metric improvements. Conversion goes up. Sign-ups increase. Unsubscribe rates drop. This is exactly why they persist — the damage doesn't show up in the same dashboard as the gain.
What the metrics don't capture: trust erosion. Users who feel tricked don't forget. They churn, complain publicly, and warn others. For SaaS products where retention and referral are the growth engine, that damage compounds. A sign-up rate that ticked up 8% can be offset entirely by a single viral thread about a deceptive cancellation flow.
The regulatory landscape
Regulators are catching up fast. The EU's Digital Services Act and GDPR enforcement both address deceptive design explicitly. The FTC has published guidance on dark patterns and taken enforcement action against companies using subscription traps. California's CCPA includes provisions against dark patterns in consent flows.
For B2B SaaS selling to enterprise or regulated industries, this is increasingly a procurement risk. Legal and compliance teams in larger buyers now routinely evaluate vendor products for deceptive UI practices — especially in data handling flows. Products that can't pass that review lose deals.
How to audit your product for them
A focused dark patterns audit looks at a handful of high-risk areas:
- Subscription and upgrade flows: What does cancel actually require? How many steps, and are any of them deliberately friction-heavy?
- Default settings: What is pre-selected in data sharing, marketing consent, and notification flows? What would a user miss if they clicked through quickly?
- Opt-out mechanics: Is the "no" option as legible, accessible, and prominent as the "yes"?
- Checkout flows: What's pre-added to the cart or pre-checked at payment?
A Heuristic Evaluation naturally surfaces many of these — particularly violations of user control and error prevention. A structured UX Audit will flag them systematically alongside standard usability issues.
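The default-settings and checkout checks above can be partly automated. The following is an added example, not part of the original article: it scans a form's HTML for checkboxes that ship pre-checked and flags those whose name or label suggests consent, data sharing, or an extra charge. The keyword list, function names, and sample markup are assumptions made for this illustration.

```python
from html.parser import HTMLParser
import re

# Assumed keyword list; tune it to your product's own wording.
RISK_WORDS = re.compile(r"market|newsletter|share|partner|renew|subscri|insur|donat|track", re.I)

# Constructed sample markup, not taken from any real product.
SAMPLE = """<form>
  <label><input type="checkbox" name="tos"> I accept the terms</label>
  <label><input type="checkbox" name="mkt" checked> Send me marketing emails</label>
  <input type="checkbox" id="addon" name="addon" checked>
  <label for="addon">Add shipping insurance</label>
  <label><input type="checkbox" name="remember" checked> Remember this device</label>
</form>"""

class PrecheckedFinder(HTMLParser):
    """Collects checkboxes that carry the `checked` attribute, plus label text."""
    def __init__(self):
        super().__init__()
        self.inputs, self.labels = [], {}   # findings; id -> <label for=...> text
        self._in_label, self._for, self._text, self._wrapped = False, None, [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "label":
            self._in_label, self._for, self._text, self._wrapped = True, a.get("for"), [], []
        elif tag == "input" and (a.get("type") or "").lower() == "checkbox" and "checked" in a:
            rec = {"name": a.get("name") or "", "id": a.get("id"), "label": ""}
            self.inputs.append(rec)
            if self._in_label:              # input nested inside its own label
                self._wrapped.append(rec)

    def handle_data(self, data):
        if self._in_label:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "label" and self._in_label:
            text = " ".join("".join(self._text).split())
            if self._for:
                self.labels[self._for] = text
            for rec in self._wrapped:
                rec["label"] = text
            self._in_label = False

def audit_prechecked(html):
    """Return one finding per pre-checked checkbox, in document order."""
    p = PrecheckedFinder()
    p.feed(html)
    p.close()
    out = []
    for rec in p.inputs:
        label = rec["label"] or p.labels.get(rec["id"], "")
        out.append({"name": rec["name"], "label": label,
                    "high_risk": bool(RISK_WORDS.search(rec["name"] + " " + label))})
    return out
```

This only sees the static markup: boxes checked by client-side script after load need the same check run against the rendered DOM, and every finding still needs a human decision on whether the default serves the user.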