What is The Non-Consensual Cookie Bandit?

A satirical web experience that parodies cookie consent popups by "auditing your life" instead of tracking your data. It's a humorous exploration of digital consent culture.

Is this actually tracking my cookies?

No. Despite the name, we don't actually track cookies in the traditional sense. This is a parody project that uses "cookies" as a metaphor for life decisions.

Is the life audit real?

The audit is generated for entertainment purposes only. Results are satirical and should not be taken as genuine life advice.

Can I play games on this site?

Yes! We have several mini-games including the Reject Button Game and Cookie Clicker. More games are being added regularly.

What is the Sneak Into Basket dark pattern?

Sneak Into Basket adds items to your purchase without you explicitly selecting them — through pre-checked boxes, default toggles, or obscured add-ons. You must actively remove them to avoid being charged. It is most common in travel booking, event ticketing, and e-commerce checkout flows.

Is pre-selecting add-ons at checkout illegal?

Yes, in the EU. The Consumer Rights Directive explicitly prohibits pre-ticked boxes for additional purchases. UK consumer protection law has equivalent provisions. Companies continue to use the pattern in jurisdictions with less enforcement and in forms that are more subtle than a simple pre-ticked checkbox.

What should I do if I was charged for an item I didn't add?

Contact the retailer and request a refund, referencing the item being pre-selected rather than actively chosen. If they refuse, dispute the charge with your bank or card company. In the EU or UK, you can also contact your national consumer protection authority. Keep the order confirmation and any screenshots of the checkout flow.

← Dark Pattern Encyclopedia

Deceptive Commerce🚨 Felony

Sneak Into Basket

AKA: Cart Stuffing · The Pre-Selected Add-On · The Uninvited Guest in Your Checkout

Bureau Classification

What It Does

Sneak Into Basket places additional items, services, insurance products, or donations into a user's shopping cart or order without explicit selection by the user. The user decides to buy Product A; by the time they reach checkout, they are also buying Travel Insurance, a "Premium Membership Trial," a charity donation, and event parking. Each addition was enabled by a pre-checked box, a default toggle, or an interface design that made "add this" the path of least resistance. The user who reads carefully and removes each item will not be charged; the user who doesn't notice or doesn't want to spend time removing things will pay for items they never chose. The pattern is calibrated to maximize the non-reading majority.

Why It Works

Cognitive tunneling — focused attention on the primary task — causes users to miss peripheral interface elements. When buying a concert ticket, the user's attention is on the ticket price, the seats, the date. The insurance checkbox to the right of the seat selector is background noise, processed only if the user specifically allocates attention to it. The default-selected state means that inattention results in purchase. The pattern also exploits completion pressure at checkout: users who have reached the payment stage have a strong motivation to complete the transaction and are less likely to pause and audit their basket than they were earlier in the flow.

How To Spot It

Audit your basket before every purchase. Scroll through the order summary at checkout and verify that every item listed was explicitly selected by you. Look for service products (insurance, protection plans, memberships) that appear alongside physical or event tickets — these are common Sneak Into Basket targets. Check the final order total against what you expected to pay; a significant discrepancy warrants investigation.

Documented Incidents

#01

Ticketmaster: event ticket purchases routinely include pre-selected ticket insurance requiring active removal, in addition to unavoidable service fees

#02

Ryanair: travel insurance pre-selected by default during flight booking, requiring specific navigation to deselect

#03

Amazon: "Subscribe & Save" options sometimes defaulted when similar items were previously on subscription

#04

UK supermarkets: charity donations pre-added to online grocery orders requiring removal

#05

Utility comparison sites: additional products pre-selected during the "comparison" flow that turn out to be upsells from partner providers

Body Count

No comprehensive industry figure exists, because the sneak items are often low-cost enough that users don't notice or don't bother disputing individual charges. The Bureau estimates that the aggregate revenue from unrequested cart items across e-commerce runs to hundreds of millions of dollars annually in the UK alone, based on consumer protection authority estimates.

Legal Status

The EU Consumer Rights Directive explicitly prohibits pre-ticked boxes as a means of obtaining consent to purchase additional services. This was a response to the near-universal use of pre-selected insurance and add-ons in travel booking. UK consumer protection law has similar provisions. Enforcement has produced regulatory guidance more frequently than it has produced fines, but the legal standard is clear: anything added to a basket must be actively chosen, not actively removed.

Bureau Verdict

"Sneak Into Basket is a felony because it represents an unauthorized purchase — a transaction to which one party did not consent — disguised as a UI default. The Bureau notes that the same companies who deploy this pattern would describe it as "relevant offers presented at the point of purchase," a description that technically excludes the relevant detail that the relevant offer added itself."

— Bureau of Non-Consensual Cookie Bandits

Frequently Asked Questions

Companies Caught Using This Pattern

Amazon →

Full audits available in the Privacy Policy Hall of Shame.

← All Patterns Hall of Shame →Internet Autopsy →