NordVPN Traps You in Charges You Never Agreed To
A class action lawsuit exposes how a $1.6 billion internet privacy company used illegal “dark patterns” to steal money from the very people paying it for protection.
NordVPN, a company that earns its entire reputation on protecting your privacy and security, charged one of its own customers $271.80 (enough for a month’s groceries for a family of four, twice) for subscriptions he never wanted, never approved, and could not figure out how to stop, then admitted in writing it never even told him the first charge was coming.
The Company Selling “Trust” Was Running a Trap
Misconduct
NordVPN markets itself everywhere: podcast sponsorships, influencer deals, banner ads telling you it is “trusted by tech experts and users.” The pitch is simple. Pay for a plan, get protected, stay private. What the company does not tell you is that it interprets the end of your plan as a green light to charge you again for a full year, whether you want it or not.
The company is valued at $1.6 billion (more than most Americans will earn across 30,000 lifetimes combined) and has over 15 million users, with most of its customer base concentrated in the United States. That scale matters, because the lawsuit alleges that Nord Security has “reaped tens of millions in unlawful charges” through this exact scheme, applied uniformly across its entire customer base.
This is a legal structure designed to be invisible. The complaint identifies four separate mechanisms Nord Security uses to trap consumers, and it states clearly that each one alone is enough to catch someone. Together, they form what the lawsuit calls “an intentionally deceptive architecture” engineered to produce one outcome: money leaving your account and entering theirs.
The $100 Million Company Hiding Fees in Gray Text
The Facts
During the enrollment process, Nord Security presents what look like time-limited plans. You pick one, two, or three years, and the page gives you every impression that you are buying a fixed product for a fixed price. The auto-renewal disclosure does exist on the payment page, but a customer must scroll down to find it, and it sits in light gray text against a lighter gray background in single-spaced format. Illinois law specifically requires that auto-renewal terms appear in “larger type than the surrounding text, or in contrasting type, font, or color.” Nord Security’s design does the opposite.
The payment page itself uses at least 12 different colors, presents information in various font sizes, includes two call-outs for add-on products, and displays 13 different logos. The auto-renewal disclosure sits at the bottom, deliberately de-emphasized by design. The complaint identifies this as the “Misinformation” dark pattern, a specific, named technique from the field of user experience design used to bury inconvenient facts in visual noise.
There is also no checkbox. Illinois law requires companies to obtain “affirmative consent” before charging consumers under an auto-renewal contract. During the class period, Nord Security’s payment page contained no mechanism for a consumer to affirmatively agree to recurring charges. You land on the page, you click purchase, and you are enrolled in a subscription that will charge you again, and again, without your explicit permission.
Nord Security’s Four-Layer Deception Framework
The 14-Day Ambush
Misconduct
The second trap is a timing trick most people would never anticipate. When a subscription term approaches its end, the standard expectation is that a company charges you when the old period expires and the new one begins. Nord Security charges you 14 days before your current subscription even ends. A customer who decides in the final week of their plan that they do not want to renew has already been charged and locked in for another full year.
This is called out explicitly in the lawsuit as a deliberate design choice. The complaint also notes that Nord Security’s own terms documents contradict each other on this point: one section says customers are charged “at least 14 days before” renewal, while another paragraph in the same document states the customer “will be charged” only “after the end of your initial plan.” Nord Security writes its own rules in two different directions, and then charges you under the less favorable one.
The practical effect is that a customer who even slightly misjudges when their plan ends will find themselves billed for a year they did not want, with no recourse. The money moves before the window to act was open.
The Non-Financial Ledger: What a Dollar Amount Cannot Capture
Human Cost
Michael Sasgen paid NordVPN $108.43 (enough to cover a week’s worth of gas and groceries for most families) for a three-year plan in November 2020. He decided he did not want to continue when it ended. He thought that was the end of it. He did not know there was anything else to do, because NordVPN never told him there was anything else to do.
Then, in November 2023, less than three years after he signed up, his credit card was charged another $108.43. No warning. No reminder. No consent. Just a charge. When he looked into it, Nord Security sent him an email that acknowledged it had charged him “without prior notice.” The company knew what it had done. It wrote the admission down. Then, twelve months later, it did it again.
On December 3, 2024, NordVPN charged Sasgen $163.37 (more than many Americans spend on a week of groceries). He had been searching the internet for months trying to find out how to cancel the subscription that kept charging him. The mobile application he used to access the service provided no cancellation option whatsoever. The account portal buried the cancellation toggle four levels deep, labeled not “Cancel” but “Auto-renewal,” requiring consumers to know instinctively that the path to exit a subscription runs through a toggle switch with no label connecting it to their problem.
The total taken from Sasgen without his authorization was $271.80 (more than the average American spends on utilities in a month). But the real cost lives outside that number. This is a person who paid for a privacy product and had his financial autonomy stripped from him by the very company he was trusting. He spent months searching for an exit. He read terms of service documents stretching over 9,500 words looking for the path out. He found himself in a loop that the company had deliberately engineered. That is not a billing error. That is a system built to exhaust people into giving up.
The lawsuit notes that “hundreds of consumers” have complained directly to Nord Security or through platforms like Trustpilot, SiteJabber, and Reddit. The complaint also states that Nord Security “experiences a high rate of chargebacks” from customers who realize what has happened and fight back through their credit card companies. The company has developed internal customer service protocols specifically for handling these complaints. It knows exactly what it is doing to people. It has built a process around managing their frustration, rather than stopping the behavior that caused it.
For many victims, the loss is not just financial. People pay for NordVPN because they want to feel secure online. They are, often, people worried about surveillance, data theft, or corporate tracking. They chose this product because it promised to be on their side. To discover that the company protecting your data was simultaneously running an unauthorized extraction scheme against your bank account is a specific kind of betrayal, one that hits harder because of the trust that made you vulnerable to it in the first place.
Legal Receipts: The Words They Cannot Take Back
Direct From The Source
“Nord Security intentionally misleads consumers into thinking they can subscribe for a discrete period of time. The truth is, however, that the Nord Subscriptions automatically renew and the Company’s ‘disclosures’ regarding the ongoing charges are hidden from consumers both before and after purchase.” Class Action Complaint, Paragraph 1
“It is not happenstance that Nord Security’s customers are paying for unwanted subscriptions. This outcome is the result of Nord Security’s intentional and bad-faith design choices. Nord Security is well aware that its scheme is tricking customers, as complaints about Nord Security are legion, with hundreds of consumers complaining directly to Nord Security or via sites like Trustpilot, SiteJabber, and Reddit.” Class Action Complaint, Paragraph 14
“On November 4, 2023, Nord Security charged Plaintiff Sasgen for an unwanted and unauthorized automatic renewal. On November 9, 2023, Nord Security sent Plaintiff Sasgen an email with the subject line ‘Information regarding your subscription’ wherein Nord Security admitted that Plaintiff Sasgen was ‘charged for the Nord subscription renewal without prior notice.’ This violated the Illinois ARL.” Class Action Complaint, Paragraph 71
“Nord Security buries its cancellation mechanism four layers deep in its customer account portal, with no clear path evident to the consumer for how to get there… Once customers access the ‘Subscriptions’ tab, they are still not presented with a ‘Cancel’ option. Instead, consumers must then understand that they need to click on ‘Manage’ on a line pertaining to ‘Auto-renewal’ to finally access a page where they can cancel their account.” Class Action Complaint, Paragraphs 65–66
“Nord Security conducts its deceptive subscription scheme by employing a highly unconventional charging practice. Rather than automatically renew consumers by charging their stored payment methods at the beginning of a new subscription period if they do not cancel before the prior subscription is over, Nord Security extracts its charges 14 days before the customer’s current subscription period even ends. By doing so, Nord Security locks consumers into another subscription well before any reasonable consumer would expect to be auto-renewed.” Class Action Complaint, Paragraph 98
“Nord Security uses its deceptive and unlawful subscription scheme in order to trap Nord Security customers into paying for Nord Subscriptions that they do not want. As a direct result of this scheme, Defendants have successfully reaped tens of millions in unlawful charges at the expense of unsuspecting customers.” Class Action Complaint, Paragraph 101
Societal Impact Mapping: Who Actually Gets Hurt
Economic Inequality: The Dark Pattern Tax on Ordinary People
Systemic Harm
The Consumer Financial Protection Bureau, cited directly in the lawsuit, defines negative option billing as a scheme where a company interprets your silence as consent to keep charging you. The CFPB has stated explicitly that this kind of program causes “serious harm to consumers” and is “most likely to occur when sellers mislead consumers about terms and conditions, fail to obtain consumers’ informed consent, or make it difficult for consumers to cancel.” Nord Security, according to this lawsuit, hits all three criteria simultaneously.
The complaint notes that the subscription economy has grown more than 400% over the last eight and a half years. As that market expanded, the government’s ability to police it fell behind. The lawsuit specifically states that the “rapid growth of subscriptions has created a host of challenges for the economy, far outpacing the government’s ability to combat aggressive marketing practices.” The companies that profit most from this regulatory lag are companies like Nord Security, which have the engineering resources to design psychologically optimized traps and the legal teams to defend them.
The harm falls hardest on people with the least margin for error. When a $163.37 charge (roughly two weeks of groceries for a single person) lands on a credit card that is already stretched, it can trigger overdraft fees, missed payments, or cascading debt. The lawsuit acknowledges this dynamic directly: it argues that individual consumers cannot practically fight back because the cost of litigation far exceeds the individual loss. Nord Security profits from exactly this calculus. It charges amounts small enough that suing is not worth it for one person, but large enough to add up to tens of millions across its user base.
The complaint also flags a sharp irony in how Nord Security markets itself. It advertises on dozens of podcasts and through influencer sponsorships, reaching ordinary people who are trying to protect themselves online. It positions itself as a tool against corporate surveillance and data exploitation. Then it runs a covert extraction operation against those same customers using tools borrowed from behavioral science: cognitive bias research, A/B testing, and interface design engineered to prevent rational decision-making. The people selling you protection from manipulation are using manipulation as their primary revenue strategy.
Public Health: The Stress Economy Nobody Accounts For
Systemic Harm
Financial stress is a documented public health crisis. When unexpected charges hit, people report elevated anxiety, disrupted sleep, and reduced cognitive function. The lawsuit describes Michael Sasgen spending months searching the internet for a way to cancel, reading 9,500-word terms documents, and repeatedly failing to find the exit. That sustained, low-grade stress over financial ambiguity is a real cost that no settlement amount fully compensates.
The class in this lawsuit encompasses thousands of Illinois consumers, and Nord Security has over 15 million users with most centered in the United States. At scale, the psychological burden of discovering unauthorized charges, fighting chargebacks, and navigating deliberately hostile cancellation systems represents a significant collective drain on public wellbeing. Each customer who goes through this process loses time, sleep, and the baseline sense of financial security that makes it possible to function.
The complaint notes that many victims “do not realize they are victims of Nord Security’s unlawful acts and continue to be charged to this day.” These are people living under a financial drain they cannot see. The harm accumulates silently, month by month, year by year, until someone finally notices a charge and begins the exhausting process of figuring out what happened and how to stop it.
We’d previously done articles about NordVPN doing shitty billing practices, but this is a different lawsuit and I really hate this fucking company so here’s another article on NordVPN 😀