EU Consumer Law and UX: The Consumer as Ecosystem
Age-restricted products online are governed by a patchwork of national laws, platform rules, and product-category regulations. There is no single EU standard. The result is a fragmented legal node that arrives at the moment of highest purchase intent and currently resolves into either a privacy violation or a dark pattern.
Applying the user-ecosystem framework — Youngblood and Chesluk, Rethinking Users (BIS Publishers, 2020) · NN/g, 2025.
The right to undo
a purchase
The consumer has 14 days to cancel any online purchase without giving a reason. The amended directive now requires an active withdrawal function, not just a policy link, in the post-purchase interface. Most interfaces do not provide it.
Acquisition mode — legal node absent
No legal archetypes are active here, and this is appropriate. The ecosystem is correctly configured for browsing. The absence of the legal node at this stage reveals where and how it eventually surfaces.
Nothing to redesign at this stage. The gap is downstream.
High intent — disclosed but not received
The legal archetype is present but weightless. The cognitive archetype is directed at the product. Disclosure is occurring; comprehension is not.
The right is disclosed at the moment of highest purchase intent, the state least receptive to legal information.
Completion mode — disclosure met, function absent
Disclosure is met. The cognitive archetype is at maximum load. The legal information lands in a hostile ecosystem state and is processed by no active archetype.
Disclosure does not equal function. Checkout satisfies the information requirement. The withdrawal function belongs in the post-purchase ecosystem.
Where the law places its obligation
The ecosystem has completely changed. The clock is running. The consumer is evaluating a product they own. The withdrawal function the directive requires to be here is absent.
Dir. 2023/2673 is explicit: the withdrawal function must be in the account area or on relevant pages, not a footer link. The temporal archetype must also be activated: the consumer needs to see not just that they can withdraw, but when that right expires.
The symmetry test
The ecosystem is now the inverse of purchase. The law requires withdrawal to be as easy as purchase. The footer link fails this test on every dimension.
The symmetry principle: if purchase took two clicks and a primary button, withdrawal must take the same. The interface structurally opposed to this is not merely poor UX. It is non-compliant.
In ecosystem terms the withdrawal button is an active artifact, a designed object that performs the consumer’s right. Its absence from the order view is not a UX omission. It is the ecosystem refusing to activate a node the law requires to be present.
The node is present, but its weight is near zero. A footer link signals administrative content. The user who wants to withdraw must know to look there, navigate past unrelated links, and work through a policy page. The symmetry test is not met.
The active artifact is doing its work. The withdrawal function is contextual, in the order view, with a live deadline. The button carries the same action register as the purchase button. Symmetry of effort.
Active artifact
The withdrawal button is a legal actor. When absent, the right cannot be exercised. When present with a deadline counter, it performs the law’s symmetry requirement on behalf of the consumer, making the safe action the natural one.
The trader shall ensure that the consumer can exercise the right of withdrawal by means of a clearly labelled withdrawal function placed in the consumer’s account area or on any other relevant page.
Two rights,
one confusion
Every product sold in the EU carries a mandatory 2-year legal guarantee. Most interfaces promote the commercial warranty instead, a voluntary manufacturer’s offer. The ECGT directive now requires these to be clearly distinguished. They are not currently.
Acquisition mode — guarantee invisible
No legal archetypes are active at browsing. The legal guarantee exists in law, but has no presence in the browsing ecosystem. The commercial warranty, by contrast, is often promoted actively through badge design and product imagery.
The asymmetry begins here: the mandatory right is invisible, the voluntary offer is prominent.
Where the law requires clear distinction
The ECGT directive requires both to be present and distinct on the product page. Currently the commercial warranty dominates because it is a marketing asset. The legal guarantee, which is stronger and mandatory, is either absent or indistinguishable from the commercial offer.
ECGT 2024/825 creates two separate legal objects: the statutory guarantee label, mandatory and seller-owned, and the commercial durability guarantee label, voluntary and manufacturer-owned. Most product pages currently show one undifferentiated badge.
Purchase confirmed — two clocks now running
Two legally distinct timers start at the moment of purchase. The consumer is aware of neither. The checkout confirmation page typically shows order summary and delivery estimate, not the start of their consumer rights.
A confirmation message that says your 2-year guarantee starts today would activate the temporal archetype at the correct moment. Most interfaces do not do this.
The ecosystem the law was written for
The legal archetype is now maximally relevant. The consumer has a right to free repair or replacement. If the guarantee was never clearly communicated, the interface directs them toward paid support, an upsell, or manufacturer channels that obscure the mandatory right.
The ecosystem at breakdown is the one the law was designed for. But the information the consumer needs was disclosed at a completely different ecosystem state, high purchase intent, and was not retained. The active artifact that could bridge these states is a guarantee card or account record surfaced at the moment of breakdown.
The guarantee label is an active artifact. Currently it amplifies the commercial warranty and renders the legal guarantee invisible. Under ECGT 2024/825 it must do the opposite: make the mandatory right legible and the voluntary offer secondary.
The commercial warranty dominates the interface. The legal guarantee, the stronger and mandatory right, is absent or indistinguishable. When the product fails, the consumer does not know which protection applies or how to invoke it.
Two distinct labels, two distinct rights. The mandatory legal guarantee is primary. The commercial warranty is secondary and clearly voluntary. Both can link to a claim process, but the consumer can tell immediately which right is theirs by default.
Active artifact
The guarantee label on a product page is a legal actor. When it says 2-year warranty without distinguishing legal from commercial, it performs the seller’s interest, not the consumer’s right. The ECGT directive requires it to perform both, separately, clearly, and in that order.
Traders shall provide consumers with clear information on the statutory guarantee of conformity and on the distinction between the statutory guarantee and any commercial guarantee offered.
The product page
after purchase
The product page has always been a sales endpoint. The Right to Repair makes it the entry point to a legally mandated post-purchase infrastructure: repairability scores, spare parts availability, and repair pricing. None of these currently exist as active interface nodes.
Acquisition mode — repairability invisible
The repairability of a product is not a visible attribute in the browsing ecosystem. The consumer has no interface node to evaluate it against. The commercial ecosystem is optimised for replacement, not repair.
The ecosystem at browsing reflects the commercial incentive: sell new products. The Right to Repair introduces a counter-incentive that currently has no interface home.
The product page must now carry lifecycle information
Dir. 2024/1799 requires repairability information on the product page. Currently the product page is a pure sales surface. Repairability scores, spare parts availability, and repair cost indicators have no visual language, no established placement, and no interface precedent.
This is the most structurally disruptive regulation in the series. It requires the product page to carry information that is actively against the commercial interest: the long-term cost of ownership, at the moment of purchase.
The post-purchase ecosystem — repair need building
The consumer is in ownership mode. A fault develops. The current ecosystem offers no repair pathway. The interface was not designed to support post-purchase repair decisions. The path of least resistance is replacement.
The Right to Repair creates an obligation during the ownership phase that has no current interface expression. The consumer’s repair rights are invisible to the ecosystem.
A choice the interface must now support
The directive creates a new decision point the interface must support. The repair-or-replace choice is currently invisible. The commercial incentive is replacement. The legal obligation is to make repair the accessible option.
A product repaired under warranty gains an additional year of legal guarantee. This changes the repair calculus, but only if the consumer knows it exists. The interface that surfaces this information at the repair decision moment is performing the directive’s intent.
The repairability score is a legally mandated active artifact. Currently it does not exist as an interface node. When it does, it changes the nature of the product page, from a sales-only surface to a lifecycle interface that must support both acquisition and long-term ownership.
The product page is a sales endpoint. No repairability information, no spare parts access, and no repair pathway. The ecosystem is optimised for purchase. The Right to Repair has no active artifact here.
The product page now carries lifecycle information. Repairability score, spare parts availability, and repair pathway are visible at point of purchase. The consumer can evaluate the long-term cost of ownership before buying.
Active artifact
The repairability score is a legal actor before purchase and after. It changes the product decision at point of sale, and it anchors the repair infrastructure that must remain accessible for the product’s lifetime. The commercial incentive is replacement. The legal obligation is repair.
Manufacturers shall provide information concerning spare parts and repair on their website, make them available at a reasonable price, and shall not use hardware or software techniques that impede repair.
The fragmented
gate
Age-restricted products online are governed by a patchwork of national laws, platform rules, and product-category regulations. There is no single EU standard. The result is a fragmented legal node that arrives at the moment of highest purchase intent and currently resolves into either a privacy violation or a dark pattern.
Pre-restriction — ecosystem unaware
The consumer is browsing without awareness that an age restriction will interrupt the journey. The legal node does not yet exist in the ecosystem. It will arrive at the worst possible moment.
The design question begins here: when should the restriction become visible? Surfacing it early reduces checkout friction, but also introduces a gate before the consumer has committed.
The legal node arrives at maximum purchase intent
The legal node arrives at the moment of highest purchase intent. Cognitive archetype: completion-focused. Emotional archetype: friction-averse. Any method that introduces steps, requests documents, or requires account creation will generate abandonment. The commercial and legal archetypes are in direct opposition.
No single EU standard governs this moment. National laws vary by product category. The interface must resolve a legally fragmented requirement with a coherent user experience.
The verification method determines everything
The verification method is the design. A document upload harvests data and introduces maximum friction. A date-of-birth field is bypassable and legally inadequate. The EU Digital Identity Wallet offers a third path: cryptographic age confirmation with no data transfer. But this infrastructure is not yet uniformly available.
The autonomic user archetype is active here. When the Digital Identity Wallet verifies age automatically, the consumer and the verification system become indistinguishable, a single node within the ecosystem.
Verification resolved — ecosystem resumes
If verification was smooth and privacy-preserving, the ecosystem recovers. If it required document upload or account creation, a significant share of consumers abandoned at the previous stage and never reach here.
The design outcome is measured at this stage. The method that minimises the distance between the legal requirement and purchase completion, in effort, time, and privacy cost, is the ecosystem-aware solution.
The age verification mechanism is an active artifact with two possible natures. Currently it is either a data-harvesting gate or a bypassable checkbox. The EU Digital Identity Wallet proposes a third state: a privacy-preserving signal that confirms age without revealing it.
The current dominant pattern is either document upload or a date-of-birth field. The first harvests personal data and introduces maximum friction. The second is trivially bypassable and legally inadequate. Both fail on privacy, friction, or legal certainty.
EU Digital Identity Wallet: confirm age, share nothing. A cryptographic proof that the consumer is over 18, without revealing date of birth, name, or other personal data. Low friction, low privacy cost, and high legal certainty.
Autonomic user
Youngblood and Chesluk’s concept of the autonomic user, where technology and user become a single whole, is most visible here. When the EU Digital Identity Wallet verifies age automatically and privately, the user does not perform verification. The ecosystem performs it.
The EU age verification initiative aims to allow EU users to prove they are old enough to access age-restricted content without sharing any other personal information, privacy-preserving and interoperable with EU Digital Identity Wallets.