Hi Marketing Wranglers,

The tactics that quietly boosted conversions for years are now drawing regulatory scrutiny. From dark-pattern UX designs that make opting out harder than opting in, to pricing strategies that hide fees until checkout, regulators are shifting from guidance to enforcement.

The FTC is already putting dollars behind that shift, ordering refunds and mandating interface changes, while privacy and consumer protection rules are increasingly evaluating how choices are presented, not just whether they exist. Design decisions that once lived in growth playbooks are now being treated as legal artifacts and the penalties are getting pretty expensive.

🔍 UX Tricks Becoming Legal Liabilities: The funnel tactics built on dark patterns are shifting from clever conversion plays to regulatory risk

💸 StubHub’s $10M Pricing Wake-Up: The FTC enforces total price transparency and punishes drip pricing

📡 Regulatory Radar: Compliance signals you can’t ignore

🙋 Ask Austin: Straight answers to your marketing puzzles

There is a move that marketers have quietly relied on for years. It does not show up in strategy decks. Nobody presents it to the CMO as a tactic. But it is everywhere: the subscription that signs up in two clicks and cancels through a customer service call. The cookie banner where "Accept All" is a bold green button and "Manage Preferences" is grey text nobody ever finds. The checkout page where travel insurance is already ticked on your behalf.

These are dark patterns. And for a long time, the industry treated them as clever UX. Low effort, high conversion. Legal's problem only if someone complained loudly enough.

That era is closing.

Dark patterns are interface designs that steer users toward decisions that benefit the business, not through good offers or compelling copy, but through confusion, manufactured urgency, and friction placed in all the wrong places on purpose.

In September 2025, the FTC secured a $2.5 billion settlement against a major e-commerce platform, alleging it used deceptive dark patterns to enroll users in a subscription service while making it deliberately hard to cancel. The number made headlines. The more important detail was quieter: the court also ordered changes to the actual product interface. The design team had homework, not just legal.

What makes this moment different from previous regulatory noise is not one big case. It is simultaneity. Multiple governments are moving in the same direction at once.

California's updated privacy regulations, which came into force in January 2026, explicitly frame non-compliance with consumer request processes as potential evidence of dark pattern use. It is no longer about what your privacy policy says. It is about whether the opt-out path you built was genuinely designed to be found.

Under GDPR in the EU, any consent design that makes opting out harder than opting in can invalidate the consent entirely. The EU is also advancing a Digital Fairness Act, with explicit prohibition of dark patterns listed as one of its six core legislative priorities. And in the UK, both privacy and competition regulators have issued joint guidance on dark patterns, signaling these practices are being examined through more than one legal lens at once.

Privacy. Competition. Consumer protection. The scrutiny is no longer coming from one direction.

The instinct when regulations tighten is to pass legal review and move on. That instinct is exactly what regulators are now calling out by name.

Regulators have named the practice "compliance theater": interfaces that technically satisfy the law while still being designed to nudge users away from the choices they actually want to make. A consent flow that includes an opt-out button in grey text after three extra screens technically has an opt-out. It is also designed to be invisible.

Courts are increasingly evaluating intent, not just architecture. The standard has shifted from "does the option exist?" to "was it built to be used?" Most marketing and UX teams are not calibrated for that yet.

This is not about stripping personality from your product or making conversion a dirty word. The line being drawn is between persuasion and manipulation, and the difference is more practical than philosophical:

Underneath the compliance story is a harder one. Dark patterns were always a quiet admission that users, if fully informed, would choose differently. That the offer does not fully stand on its own. Manipulative UX has always been a patch on a value problem, and the brands learning that lesson through enforcement are learning it expensively.

The interface your team ships is no longer just a conversion tool. In 2026, it is a legal artifact, a brand signal, and an audience bet. The teams treating it that way now are the ones who will not be explaining their design decisions somewhere far less comfortable than a strategy review.

The Setup: Drip pricing, where the advertised price looks great until the fees quietly pile up at checkout, has been a known consumer frustration for years. The FTC finally put a formal rule around it, and the ink was barely dry before enforcement started.

What Happened: The FTC settled charges against StubHub, the largest ticket resale platform in the US, for violating the agency's Fees Rule by advertising ticket prices without disclosing the total amount consumers would actually pay, mandatory fees included. The company will refund $10 million to affected consumers and is now prohibited from displaying any price that does not reflect the full cost upfront.

The Context: The FTC's Fees Rule took effect in May 2025, requiring any business selling live event tickets to clearly and prominently disclose the total price at every stage of the purchasing process. StubHub received a warning letter that same month. It continued the practice anyway. The enforcement action follows a broader White House executive order specifically targeting pricing transparency in the live entertainment and ticketing market.

The Takeaway: The FTC is not waiting long between rule, warning, and enforcement action. For any brand running checkout flows where fees surface late in the process, the window to get ahead of this is closing fast. The total price is the only price that counts now.

Source: FTC

The FDIC, OCC, and NCUA jointly proposed updated anti-money laundering compliance rules on April 7, 2026, shifting focus toward higher-risk activities and away from low-risk customers. The update aligns bank programs with the Bank Secrecy Act and introduces a new FinCEN consultation framework for enforcement. Read more

The U.S. Securities and Exchange Commission (SEC) released its first major update to the Enforcement Manual since 2017, introducing changes designed to improve how investigations are conducted and communicated. The revisions emphasize greater fairness, transparency, and efficiency, including clearer processes and more engagement with individuals under investigation. Read more

Not necessarily wrong, but you’re exposed. Regulators generally expect material terms of a promotion to be clear and conspicuous where the promotion appears, not hidden behind extra clicks. A bio link adds friction, and that’s where problems start especially if key details like eligibility, deadlines, odds, or restrictions change how someone would decide to enter.

A safer structure is to surface the core terms directly in the post: who can enter, when it ends, any purchase requirements, and that full terms apply. Then use the link for the long-form legal details. If the post drives urgency (“Ends tonight,” “Open to everyone,” “Free entry”), those claims must be accurate without needing the link.

The practical test: could someone reasonably misunderstand the giveaway by only reading the post? If yes, the disclosure needs to move up, not sit in the bio.

Your marketing stack is moving at machine speed. The rules still apply at human speed.

Warrant OS is your marketing compliance system with built-in digital asset management, applying brand and compliance checks as teams review, approve, and store content in one place.

Warrant Reach fuels compliant employee advocacy by surfacing daily, industry-relevant news and turning it into thought leadership posts with built-in brand and compliance checks.

Got a horror story? A question? A regulatory update I missed? Hit reply.

— Austin | Founder, Warrant | hellowarrant.com

💬 If you love smart takes from Marketing, Compliance, and Legal pros, plus the latest industry news, this is where the good stuff lives.

→ Join the community here.