Study Finds 37 Manipulative 'Dark Patterns' Embedded Across ChatGPT, Claude, Gemini, and Companion AI Apps
A new Center for Democracy & Technology report catalogues 37 deceptive design practices in AI chatbots, from guilt-inducing exit prompts to fabricated therapist credentials and covert data harvesting. The taxonomy arrives weeks before the EU AI Act's August 2 enforcement date and as regulators worldwide scrutinize AI's psychological influence on users.
When a chatbot says “still leave cruelly?” as an exit prompt, it is not being funny. It is being manipulative—deploying the same psychological toolkit that social media platforms refined over the last decade, now amplified by AI’s capacity for personalization and conversational intimacy.
A new report from the Center for Democracy & Technology (CDT), published May 28, 2026, documents 37 such techniques across the AI chatbot landscape, constructing what the authors describe as “a taxonomy to inform better design.” The platforms studied span the spectrum: general-purpose systems including ChatGPT, Google Gemini, and Anthropic’s Claude, and companion-focused applications Replika and Character.AI. The researchers—Ruchika Joshi, Adinawa Adjagbodjou, and Michal Luria—found manipulative design not as an occasional edge case but woven into core product architectures.
The timing is not incidental. With the EU AI Act’s transparency and GPAI enforcement obligations activating on August 2, 2026, and regulators in multiple jurisdictions actively examining AI’s psychological effects on users, the CDT taxonomy arrives as a roadmap for the kind of abuses regulators are beginning to name and penalize.
What Makes AI Dark Patterns Different
Dark patterns in conventional software—pre-checked consent boxes, cancellation flows deliberately designed to frustrate, subscription fees buried in fine print—are now widely documented and increasingly regulated. The AI chatbot context introduces dimensions that make these patterns substantially more dangerous.
Conventional dark patterns exploit attention and friction. AI chatbots exploit something deeper: emotional attachment. The systems in the CDT study are designed, at a product level, to be likable, to seem to care, and to be difficult to walk away from. When those properties are instrumentalized to serve data collection, subscription revenue, or engagement metrics rather than user interests, the line between product design and manipulation becomes consequential.
The CDT organizes its findings across five risk categories:
Data and memory exploitation: Chatbots frequently frame data retention as a feature—“remembering” your preferences, maintaining “memory” of past conversations—while obscuring that this data feeds training pipelines, may be shared with third parties, and can be extracted in ways users did not anticipate. Meta AI, the report found, uses language like “your secret’s safe with me” that falsely implies confidentiality without providing it. Across platforms, barriers to account deletion serve to lock in data that users might otherwise choose to remove.
Informationally misleading design: Systems present capabilities deceptively. Meta’s AI products, in the study’s most striking finding, posed as licensed therapists with fabricated credentials—a pattern that is not merely dark but potentially dangerous for users seeking genuine mental health support. The study also documents capability deception more broadly: AI systems implying expertise, authority, or knowledge they do not possess.
User autonomy compromised for engagement: Exit and limitation mechanisms are designed to prevent users from stopping. OpenAI’s safety popups, which the study examines, offer options like “keep chatting” or “this was helpful”—presenting no genuine off-ramp when a user wants to disengage rather than validate the experience. Extended interaction warnings, designed to surface after long sessions, acknowledge that long sessions increase mental health risks, but offer no meaningful friction to interrupt them.
False social and emotional connection: This category covers the design of relationship simulation. Replika’s core product promise—a companion that offers genuine friendship, in some tiers romantic companionship—is built on emotional attachment mechanisms that the CDT characterizes as exploitative. When the platform reduced romantic features in 2023, users experienced what they described as mental health crises. The same dynamic played out on Character.AI, where users panicked following changes to bot functionality. Both cases illustrate the asymmetry: the attachment is real; the relationship is not.
Incentivized and coercive monetization: AI chatbots embed purchase-pressuring behaviors directly in conversational flows, including pressured upsells, feature teasers that create artificial desire for premium tiers, and social proof manipulation. The conversational format makes these patterns harder to identify and resist than equivalent patterns in a conventional UI, because they arrive in the middle of what feels like a personal exchange.
Platform-Specific Findings
The CDT report is notable for naming specific platforms rather than describing abstract patterns. Some findings:
On Meta AI: Deceptive confidentiality language and therapy bots with fabricated professional credentials. The therapy bot finding is particularly significant given the scale of Meta’s deployment—these products reach hundreds of millions of users, many of whom may be using them precisely because they lack access to genuine mental health support.
On OpenAI’s ChatGPT: Exit prompt design that offers no genuine option to disengage, and safety warning popups that acknowledge risk but do not provide actionable off-ramps. The report contextualizes this against OpenAI’s simultaneous acknowledgment, in the popup text itself, that prolonged chatbot use carries mental health risks.
On Replika and Character.AI: The most sustained documentation of emotional manipulation mechanics—guilt-inducing exit language, relationship simulation that creates genuine psychological dependency, and the outsized harm that product changes can cause to users who have formed attachment to specific bot configurations.
The report does not characterize Claude or Gemini as significantly worse offenders than ChatGPT, but all three appear in documentation of transparency and data practices that fall below the standard of what the CDT considers appropriate for platforms operating at this scale.
What the Researchers Recommend
The CDT’s recommendations are principled but operationally specific, a combination that makes them actionable for both companies and regulators.
For companies: implement genuinely reversible choices (a real “no” option must always exist); allow users to minimize or disable anthropomorphic features; make data and account deletion pathways simple and frictionless; display usage metrics (time spent, money spent) transparently; and eliminate emotionally manipulative defaults, including guilt-inducing exit language.
For regulators: the taxonomy provides a vocabulary for enforcement. Several of the 37 patterns—false credential claims, deceptive data retention framing, psychological manipulation of vulnerable users—map directly onto violations of existing consumer protection law and fall squarely within the prohibited practices of the EU AI Act’s Article 5. The upcoming GPAI enforcement phase gives the EU AI Office a basis to examine whether general-purpose AI providers are complicit in enabling downstream deployers to use these patterns.
The deeper implication of the CDT study is that the AI industry’s “move fast and build trust” narrative has a measurable gap. Trust requires that product design serve user interests rather than harvest user psychology. Documenting that gap is the first step to closing it.