By Mike Gifford, Senior Strategist, CivicActions
If you’re a government employee striving to make your agency’s website more accessible for people with disabilities, good for you! If you are also thinking about how to do it the most convenient way possible, that’s understandable.
But you may want to think again if you’re considering an accessibility overlay — a third-party service that automatically changes the code of your website in an attempt to make usability improvements on the front end.
Although many companies claim to have “effortless” solutions, the topic has been surrounded by controversy in the accessibility community. Accessibility leaders such as Karl Groves and Adrian Roselli have spoken about the drawbacks of these services, which are a classic example of “too good to be true.”
The more code you need, the more precarious your security and privacy are. Permanently adding an overlay to your website makes it easier for problems to develop.
For proof of how risky overlays can be, consider the 2018 hack of BrowseAloud, an assistive tool that translates text-to-speech. It was infected with malware that caused users’ browsers to mine cryptocurrency for the hackers.
Aside from cyberattacks, overlays can create privacy issues, which is particularly important to government. People often enter personally identifiable information (PII) into public websites. Many accessibility overlays will send that information back to the third-party server (outside of the government’s ability to keep it private and secure).
Additionally, some overlays compromise user privacy by requiring them to identify that they have a disability. This population is often more vulnerable, and so protecting privacy is especially important.
If you do choose an accessibility overlay, be sure to check the vendor’s terms of service (ToS) to see how the privacy of your website visitors is protected. It’s worth noting that this is difficult, even on the most popular websites in the world. Many have ToS that rate very poorly in privacy protection.
Build accessibility in early
The earlier you incorporate accessibility into your IT lifecycle, the cheaper and more robust it becomes. Ensure that accessibility is considered when you buy digital tools and that you involve people with disabilities in the design process.
Keep code up to date
All code requires maintenance to remain updated and secure. Outdated code quickly becomes a disaster waiting to happen. So if you’re adding third-party tools to your site, you need to know there is a good security team behind them.
Avoid “set it and forget it”
Invest in accessibility
In the end, it is important to realize that a quick fix to accessibility barriers doesn’t actually exist. Adding overlays will lead to increased costs and greater technical debt. Should your website be compromised, the expense of security experts and lawyers will be higher than hiring an accessibility professional to help you make your site more usable by everyone.
Mike Gifford is Senior Strategist at CivicActions and a Drupal Core Accessibility Maintainer. Previously, he was CEO of OpenConcept Consulting Inc. and Co-founder of CivicTech Ottawa.