Speaking of WebAccessibilityFails, the article overflows to the left without a scrollbar when viewed on a phone narrower than an iPhone, making the first word of every line unreadable (and there are a lot of lines on a phone narrower than an iPhone).
The most infuriating case I've seen within the last few days is the Airbnb CAPTCHA, which relies on the user being able to see content that is blocked at zoom levels over 100%. They have an alternative audio option that they've clearly never tested; it always reports failure, even if the CAPTCHA was solved correctly. Unthinkable for an organization with their resources.
While web accessibility is important and something we should be investing in, I do feel that the vendors of accessibility tools are somewhat to blame here in how friggin difficult it is to actually make something accessible. Quirks and features are wildly inconsistent across tools, and feature uptake is much slower than it should be. For example, creating an accessible dialog shouldn’t be a multi-page essay to explain, it should just be “use the <dialog> element.” - but the a11y tools are so inconsistent that you can’t just do the standards compliant thing. And don’t get me started on roving tabindex techniques (for things like data tables), which are at best an ugly hack that the entire industry has collectively decided “eh, it’s good enough”.
Even what's described in the article basically boils down to "You can label things, but not generic things (for some reason?), unless that generic thing is a <section> or has a popover attr in which case it magically works." And this isn't even one of the "hard" accessibility things!
I don't know what accessibility tools you're thinking of. If you mean assistive technology software like screen readers and voice control, yes, too often they fail to do what they should even when web standards are followed but at least as often the fault is with the web browsers (assuming the page code is all technically correct).
I'm not aware of any accessibility reasons to not simply use a <dialog> element for dialogs. For it to be a modal dialog, it must be opened using the `.showModal()` method or the invoker command `command="show-modal"`.
The hack of needing to implement roving tabindex techniques is not due to the failings of accessibility tools but because of web standards have not yet provided an alternative (adding the `focusgroup` attribute to the HTML standard is in the works).
Avoid aria tags. The spec is unworkable (see this document) the browsers made by the disability industry extract vast quantities of money from disabled people with little effectiveness because they try and boil the ocean which unsurprisingly is ineffective.
Support efforts for computer vision based browsers, MCP and APIs.
No one has done more damage to web accessibility than the web accessibility industry. Arcane rules like this make any sane developer throw up their hands in disgust.
I think the accessibility consultants like this state of affairs: they can threaten more lawsuits and extract more in consulting fees.
It's not really arcane, a div is meaningless because it's simply a container. If you want it to have meaning you can't just add a label. If I put the word "button" on a rock, it doesn't make it a button. That's the same story here.
> I think the accessibility consultants like this state of affairs: they can threaten more lawsuits and extract more in consulting fees.
I think there is truth in this. A lot of the assistive technology (AT) vendors, also sell consultancy.
Go to the Vispero career pages (who develop JAWS for Windows) and a big chunk of the jobs are remote consultancy roles advising clients on accessibility errors and selling for billable hours.
What makes a web page accessible? Why, it has to work with JAWS, of course!
Vispero makes a lot of money from this; the consultants are all in India, the clients are all in the West, so they can hoover up the difference. I get the impression most AT vendors are extremely cheap, which may explain why it takes decades for them to improve things
Ever since the EU has started to mandate web accessibility compliance - without defining what exactly needs to be done to be compliant, the only safe, lawyer-resistant way is to put aria-labels on absolutely everything.
It sucks, and arguably has the opposite effect, but this came from the same people who thought cookie banners were a good solution to anything, so ... what did we expect?
They have defined what exactly needs to be done to be compliant, it's basically "meet WCAG 2.1 Level AA" with some additions. WCAG has already been the de facto standard for decades.
I assume you have not read Directive 2016/2102 and/or EN 301 549, because your approach is nice and so very, very, very suable.
The issue is not accessibility itself. I'm all for making things simpler. The issue is that the EU framework combines broad principles, partial technical references, vague proportionality requirements, and evolving judicial interpretation. In practice, that means the exact compliance boundary is often only defined by a judge during litigation, and with the website operator funding the clarification process through lawyer and court fees.
That is precisely the kind of legal environment that creates serial-litigation ecosystems like the ADA lawsuit industry in the US.
With systems becoming increasingly more complex, testing all potential code paths increases effort exponentially. With content being user-generated, not necessarily system-generated, you now technically need an editorial watchdog position that greenlights every change (if only to prevent Sally from Sales to post a meme in copy without a proper alt text, or worse, an infographic, without a wall of text describing the infographic in great detail).
And for the attacker, they only need to find one case of violation - while you need to be correct 100% of the time.
The only two ways to migitate such issues are
1. do not offer the service in Europe at all and actively prevent EUians from acessing any part of them - which becomes increasingly attractive (disclaimer: I am an EUian, unfortunately),
2. implement defensive overcompliance far beyond practical usability requirements, or
3. accept ongoing legal uncertainty and budget for it accordingly.
Unfortunately, "just build reasonable software and trust common sense" is not a stable legal strategy anymore.
None of that legal complexity has anything to do with putting "aria-labels on absolutely everything."
> And for the attacker, they only need to find one case of violation - while you need to be correct 100% of the time.
I don't know how European regulators work but even in the litigious U.S., this is not true, at least not in the courts. However, for small businesses, which are more likely to be targeted by the trolls, the cost of proceeding far enough to get a suit dismissed is burdensome. And in the EU, I thought individuals couldn't bring cases to a judge, they have to complain to a regulatory body that can decide whether proceeding is warranted or not.
> implement defensive overcompliance far beyond practical usability requirements
This is like complaining about having fewer grams of rat turd in your flour than legally mandated; "Oh no, we made our product too good!"
In practice, building "reasonable software" has never included making it work for people with disabilities, despite WCAG and the web standards themselves existing for decades.
> And in the EU, I thought individuals couldn't bring cases to a judge, they have to complain to a regulatory body that can decide whether proceeding is warranted or not.
EU regulations get made into member state laws, and these vary massively in who can sue through what way.
In Germany, for example, a common enforcement vector is the "Abmahnung" under unfair competition law. In theory, if a regulation imposes costs on compliant businesses, competitors should not gain an advantage by ignoring it.
The problem is that this has historically created an ecosystem of professional cease-and-desist mills. A competitor (or an organisation acting on their behalf) identifies a violation, sends a lawyer's letter, demands reimbursement of legal costs, and requests a cease-and-desist declaration with contractual penalties for future violations.
Whether the underlying issue is accessibility, consumer protection, labeling requirements, privacy notices, or something else is almost secondary. Once compliance becomes sufficiently complex, the enforcement mechanism itself becomes a business model. The cynic in me can't help but notice that our parliaments are made up disproportionately by lawyers.
That is why many businesses are worried less about accessibility itself and more about legal uncertainty around accessibility requirements. The concern is not "making websites accessible is bad."
The concern is that compliance costs are barely predictable, while litigation risk arising from ambiguous compliance boundaries is not.
23 comments
[ 2.3 ms ] story [ 50.8 ms ] threadStill, a nice concise read if you can get it
Even what's described in the article basically boils down to "You can label things, but not generic things (for some reason?), unless that generic thing is a <section> or has a popover attr in which case it magically works." And this isn't even one of the "hard" accessibility things!
I'm not aware of any accessibility reasons to not simply use a <dialog> element for dialogs. For it to be a modal dialog, it must be opened using the `.showModal()` method or the invoker command `command="show-modal"`.
The hack of needing to implement roving tabindex techniques is not due to the failings of accessibility tools but because of web standards have not yet provided an alternative (adding the `focusgroup` attribute to the HTML standard is in the works).
Support efforts for computer vision based browsers, MCP and APIs.
I think the accessibility consultants like this state of affairs: they can threaten more lawsuits and extract more in consulting fees.
I think there is truth in this. A lot of the assistive technology (AT) vendors, also sell consultancy.
Go to the Vispero career pages (who develop JAWS for Windows) and a big chunk of the jobs are remote consultancy roles advising clients on accessibility errors and selling for billable hours.
What makes a web page accessible? Why, it has to work with JAWS, of course!
Vispero makes a lot of money from this; the consultants are all in India, the clients are all in the West, so they can hoover up the difference. I get the impression most AT vendors are extremely cheap, which may explain why it takes decades for them to improve things
It sucks, and arguably has the opposite effect, but this came from the same people who thought cookie banners were a good solution to anything, so ... what did we expect?
The issue is not accessibility itself. I'm all for making things simpler. The issue is that the EU framework combines broad principles, partial technical references, vague proportionality requirements, and evolving judicial interpretation. In practice, that means the exact compliance boundary is often only defined by a judge during litigation, and with the website operator funding the clarification process through lawyer and court fees.
That is precisely the kind of legal environment that creates serial-litigation ecosystems like the ADA lawsuit industry in the US.
With systems becoming increasingly more complex, testing all potential code paths increases effort exponentially. With content being user-generated, not necessarily system-generated, you now technically need an editorial watchdog position that greenlights every change (if only to prevent Sally from Sales to post a meme in copy without a proper alt text, or worse, an infographic, without a wall of text describing the infographic in great detail).
And for the attacker, they only need to find one case of violation - while you need to be correct 100% of the time.
The only two ways to migitate such issues are
1. do not offer the service in Europe at all and actively prevent EUians from acessing any part of them - which becomes increasingly attractive (disclaimer: I am an EUian, unfortunately),
2. implement defensive overcompliance far beyond practical usability requirements, or
3. accept ongoing legal uncertainty and budget for it accordingly.
Unfortunately, "just build reasonable software and trust common sense" is not a stable legal strategy anymore.
> And for the attacker, they only need to find one case of violation - while you need to be correct 100% of the time.
I don't know how European regulators work but even in the litigious U.S., this is not true, at least not in the courts. However, for small businesses, which are more likely to be targeted by the trolls, the cost of proceeding far enough to get a suit dismissed is burdensome. And in the EU, I thought individuals couldn't bring cases to a judge, they have to complain to a regulatory body that can decide whether proceeding is warranted or not.
> implement defensive overcompliance far beyond practical usability requirements
This is like complaining about having fewer grams of rat turd in your flour than legally mandated; "Oh no, we made our product too good!"
In practice, building "reasonable software" has never included making it work for people with disabilities, despite WCAG and the web standards themselves existing for decades.
EU regulations get made into member state laws, and these vary massively in who can sue through what way.
In Germany, for example, a common enforcement vector is the "Abmahnung" under unfair competition law. In theory, if a regulation imposes costs on compliant businesses, competitors should not gain an advantage by ignoring it.
The problem is that this has historically created an ecosystem of professional cease-and-desist mills. A competitor (or an organisation acting on their behalf) identifies a violation, sends a lawyer's letter, demands reimbursement of legal costs, and requests a cease-and-desist declaration with contractual penalties for future violations.
Whether the underlying issue is accessibility, consumer protection, labeling requirements, privacy notices, or something else is almost secondary. Once compliance becomes sufficiently complex, the enforcement mechanism itself becomes a business model. The cynic in me can't help but notice that our parliaments are made up disproportionately by lawyers.
That is why many businesses are worried less about accessibility itself and more about legal uncertainty around accessibility requirements. The concern is not "making websites accessible is bad."
The concern is that compliance costs are barely predictable, while litigation risk arising from ambiguous compliance boundaries is not.