Laws

Many types of deceptive pattern are already illegal in the EU and US, depending on the type and context of use.

Important:
This component uses Transforms (Move Down 100%) to hide and show modal (on Tablet) so that filters apply once the user hits the apply button (optimal UX). Using the display: hidden will prevent the apply button from working.

To show and hide the modal for editing purposes on Tablet:
  • Select the filters2_filters-wrapper inside the parent div filters2_layout div.
  • Hit the Hide button and it will show (yes this is counterintuitive).
Filters
Clear all
Showing 0 of 100
Jurisdiction
Clear
Category
Clear
Search
Clear
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Remove
Filters

Respondent can remedy alleged infringement while proceedings are pending and complainant must explain why they consider infringement not remedied, otherwise procedure is discontinued.

EU & UK
|
Austria Data Protection Law (EU)
|
July 31, 2017

Provides consumers with a private cause of action for relief from deceptive or unlawful practices in transactions for goods or services.

USA
|
California Consumers Legal Remedies Act (US)
|
March 4, 1970

Prohibits the dissemination of any false or misleading statements in advertising.

USA
|
California False Advertising Law (US)
|
January 1, 1999

Prevents dishonest or misleading actions involving the gathering, utilization, and/or exposure of children's personal information on the Internet

USA
|
Children’s Online Privacy Protection (US)
|
April 1, 2000

Prohibits the use of automated calling and communication systems for unsolicited promotional purposes, except with the prior consent of the data subject or for legitimate interest of the data controller.

EU & UK
|
GDPR (EU)
|
September 19, 2019

Grant consumers the right to cancel contracts for goods or services made through remote communication channels such as the internet, email, or telephone.

EU & UK
|
Consumer Protection Laws (UK)
|
June 13, 2014

CFPA prohibits unfair, deceptive, and abusive acts and practices when offering or providing consumer financial products or services.

USA
|
Consumer Financial Protection Act (US)
|
July 21, 2010

Prohibits deceptive acts or unfair practices related to the sale or advertisement of any merchandise.

USA
|
Consumer Fraud Act, New Jersey (US)
|
July 22, 1960

Promotes cooperation among EU member states to enforce consumer protection laws.

EU & UK
|
CPC Regulation (EU)
|
October 27, 2004

Prohibit traders across all sectors from using unfair commercial practices that hinder consumers from making informed purchasing decisions.

EU & UK
|
Consumer Protection Laws (UK)
|
May 26, 2008

Covers various aspects of consumer transactions, including the sale of goods and services, digital content, unfair contract terms, and remedies for faulty goods.

EU & UK
|
Consumer Protection Laws (UK)
|
March 26, 2015

Defines "data subject's consent" as freely given, specific, and informed indication of agreement to personal data processing.

EU & UK
|
Data Protection Directive (EU)
|
December 13, 1995

Outlines the basic principles of fair and lawful personal data processing, including specified and legitimate purposes, adequacy, accuracy, and appropriate safeguards.

EU & UK
|
Data Protection Directive (EU)
|
December 13, 1995

Sets out the legal grounds for processing personal data, including consent, contract, legal obligations, vital interests, public interest, and legitimate interests, while protecting the rights of the data subject.

EU & UK
|
Data Protection Directive (EU)
|
December 13, 1995

Outlines various unfair or deceptive trade practices, including misrepresenting goods or services, falsely claiming affiliations, quality, or characteristics, and using innuendo to mislead

USA
|
District of Columbia Consumer Protection Procedures Act
|
May 14, 1976

Prohibits unfair commercial practices, including misleading and aggressive practices, and provides remedies for consumers who have been harmed by such practices.

EU & UK
|
Dutch Civil Code (EU)
|
December 14, 2008

Outlines the use and calculation of administrative fines for violations of privacy laws.

EU & UK
|
Dutch Policy Rules (EU)
|
June 25, 2019

Establish the legal framework for online retailers and service providers to comply with while conducting business with consumers.

EU & UK
|
Electronic Commerce Regulations (UK)
|
August 21, 2002

Requires disclosures for consumer financial products or services to be clear, easily understandable, and provided in a format that can be retained by the consumer.

USA
|
Electronic Fund Transfer Act (US)
|
July 21, 2010

German is Austria's official language, but its autochthonous ethnic groups and Austrian sign language are recognized, respected, safeguarded, and supported.

EU & UK
|
Austria's Constitution (EU)
|
October 1, 1920

Prohibits deceptive acts or practices that misrepresent or omit material facts.

USA
|
FTC Act (US)
|
September 26, 1914

Users must give informed and unambiguous consent and receive clear information about cookies, including processing purposes and data controller identity, according to the law.

EU & UK
|
GDPR (EU)
|
January 6, 1978

Defines the territorial scope of GDPR

EU & UK
|
GDPR (EU)
|
May 14, 2018

Consent is a voluntary agreement by an individual for their personal data processing, after being informed of its specific purposes and conditions.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Defines the term "main establishment" for controllers and processors operating in multiple EU member states.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Requires personal data to be processed lawfully, fairly, and transparently.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Legal basis for processing personal data are performance of contract, legal obligations compliance, protection of vital interests, controller's legitimate interests, and data subject's consent.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Valid consent conditions include being freely given, specific, informed, and unambiguous, and the data subject should be able to withdraw it anytime.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Establishes rules for processing personal data of children under the age of 16.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Outlines the rules and restrictions surrounding the processing of sensitive personal data.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Ensures transparent information and easy access for individuals to their personal data processing, with the right to obtain a copy in a clear and common format.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Controllers must provide identity, contact details, processing purposes and legal basis, recipient information, retention period, and data subject rights when collecting personal data.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Specifies required information for data subjects when collecting personal data from other sources, including controller identity, processing purposes, personal data categories, recipients, and retention period.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Grants individuals the right to access their personal data and receive information on how it is processed.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Grants individuals the right to have their personal data erased under certain circumstances.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Gives individuals the right to object to the processing of their personal data in certain situations.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Requires data controllers to implement appropriate measures to ensure data protection and to demonstrate compliance with GDPR.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Mandates that data protection must be incorporated into the design of systems, and that privacy must be a default setting for all data processing activities.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Outlines data processors' responsibilities, including implementing appropriate security measures, processing data based on controller instructions, and maintaining records of processing activities.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Requires controllers and processors to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Requires controllers to notify the supervisory authority without undue delay if a personal data breach is likely to result in a risk to the rights and freedoms of individuals.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Outlines the appointment of a Data Protection Officer (DPO) for certain organizations.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Requires the appointment of a Data Protection Officer (DPO) in certain circumstances.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Outlines the role of the Data Protection Officer (DPO) within organizations.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Outlines the certification mechanisms available for demonstrating compliance with the regulation.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Mentions certification bodies as a potential entity to provide accreditation and certification for data protection compliance.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Outlines the tasks and powers of the supervisory authorities.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Empowers supervisory authorities to carry out investigations and order controllers and processors to comply with the regulation.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Outlines conditions for fines and penalties for non-compliance, including up to 4% of global annual revenue or €20 million, whichever is greater.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Consent should be specific, informed, unambiguous, cover all processing activities, and not inferred from silence or pre-ticked boxes, must be clear, concise and non-disruptive.

EU & UK
|
GDPR (EU)
|
May 14, 2018

Requires financial institutions to protect the confidentiality and security of customers' personal information.

USA
|
Gramm-Leach-Bliley Act (US)
|
November 12, 1999

Requires financial institutions to provide privacy notices to customers and to safeguard nonpublic personal information.

USA
|
Gramm-Leach-Bliley Act (US)
|
November 12, 1999

Requires financial institutions to disclose to customers their privacy notices explaining how their personal information is collected, shared, and protected.

USA
|
Gramm-Leach-Bliley Act (US)
|
November 12, 1999

Defines the terms related to advertising, including misleading and comparative advertising, and identifies the advertiser.

EU & UK
|
Italian Consumer Law (EU)
|
September 6, 2005

Considers all aspects of advertising to determine if it is misleading, including information on products, prices, and the advertiser's attributes and rights.

EU & UK
|
Italian Consumer Law (EU)
|
September 6, 2005

Describes the conditions that must be met for comparative advertising to be permitted, including requirements for honesty, fair comparison, non-discrediting of competitors, and clarity regarding special offers.

EU & UK
|
Italian Consumer Law (EU)
|
September 6, 2005

Requires advertising to provide information about potential health and safety risks associated with products.

EU & UK
|
Italian Consumer Law (EU)
|
September 6, 2005

Prohibits advertising that encourages behavior that is potentially harmful to children.

EU & UK
|
Italian Consumer Law (EU)
|
September 6, 2005

Prohibits deceptive acts and practices in business or service, allows AG action against violators, and private right of action for injured individuals with increased damages for willful violations.

USA
|
Consumer Fraud Act, New York (US)
|
December 22, 1970

Requires financial institutions to notify customers about privacy policies, sets conditions for disclosing information to third parties, and provides opt-out rights to customers.

USA
|
Financial Privacy Rule (US)
|
November 12, 1999

Provides definitions of various terms used in the Privacy and Electronic Communications

EU & UK
|
PECR (UK)
|
December 11, 2003

Prohibits unsolicited electronic marketing communication without prior consent, except in certain circumstances.

EU & UK
|
PECR (UK)
|
December 11, 2003

Regulates the use of electronic communications for direct marketing purposes, including requirements for consent, opt-out options, and cookie disclosure.

EU & UK
|
PECR (UK)
|
December 11, 2003

The internet must provide clear and accurate information to consumers, and the use of "data pass" to share billing information with third parties for unwanted memberships undermines consumer confidence.

USA
|
Restore Online Shoppers’ Confidence Act (US)
|
December 29, 2010

Prohibits unfair and deceptive Internet sales practices, including misleading representations, failure to disclose material terms, and charging consumers without their express informed consent.

USA
|
Restore Online Shoppers’ Confidence Act (US)
|
December 29, 2010

Requires companies to obtain consumer's consent before charging their credit or debit cards for goods or services offered through a "negative option feature."

USA
|
Restore Online Shoppers’ Confidence Act (US)
|
December 29, 2010

Specifies the enforcement provisions for violations of the Act by the Federal Trade Commission, including penalties and privileges.

USA
|
Restore Online Shoppers’ Confidence Act (US)
|
December 29, 2010

Allows State attorneys general to bring a civil action in federal court to obtain injunctive relief for alleged violations of ROSCA, with certain requirements and limitations.

USA
|
Restore Online Shoppers’ Confidence Act (US)
|
December 29, 2010

Imposes fines ranging from 10 million to 250 million ROL for contraventions involving the processing of personal data in breach of specific provisions.

EU & UK
|
GDPR (EU)
|
December 20, 2001

Related to transparency and information to the affected party, and it requires the controller to provide certain information to data subjects when collecting their personal data.

EU & UK
|
GDPR (EU)
|
December 7, 2018

Establishes the principles of lawfulness, fairness, and transparency in the processing of personal data.

EU & UK
|
GDPR (EU)
|
December 7, 2018

Prohibits the sending of commercial communications by email or other electronic means without the prior consent of the recipient.

EU & UK
|
Spanish Law on Information Society Services
|
October 12, 2002

Requires informed consent for the use of data storage and retrieval devices, unless they are strictly necessary for service provision, and mandates clear information provision for such use.

EU & UK
|
Spanish Law on Information Society Services
|
March 12, 2023

Sets standards for advertising, sales promotion, and direct marketing practices in the UK.

EU & UK
|
CAP Code (UK)
|
September 1, 2010

Prohibits misleading commercial practices.

EU & UK
|
UCPD (EU)
|
May 11, 2005

Outlines what constitutes a misleading commercial practice that could deceive the average consumer into making a transactional decision they would not have otherwise taken.

EU & UK
|
UCPD (EU)
|
May 11, 2005

Requires traders to provide material information and not to hide or obscure it in any way, in order to avoid misleading consumers and affecting their transactional decisions.

EU & UK
|
UCPD (EU)
|
May 11, 2005

Prohibits unfair and unlawful business practices that deceive or mislead consumers in California.

USA
|
Unfair Competition Law (US)
|
January 1, 1993

Aim to protect consumers against unfair standard terms in standard term contracts.

EU & UK
|
Consumer Protection Laws (UK)
|
October 1, 1999

Requires website operators to obtain user consent before storing or accessing information on the user's device through cookies or similar technologies.

EU & UK
|
ePrivacy (EU)
|
March 20, 2010