It seems to me that the article does not correctly define who this law targets. The actual regulation is about [1]:
- computers and operating systems
- ATMs, ticketing and check-in machines
- smartphones
- TV equipment related to digital television services
- telephony services and related equipment
- access to audio-visual media services such as television broadcast and related consumer equipment
- services related to air, bus, rail and waterborne passenger transport
- banking services
- e-books
- e-commerce
For my part, I would dream of this regulation mandating backward support for browsers at least seven years back to stop the nowadays framework madness. As a great example, my bank login page is 10MB.
I never thought to check my banks login pages, as I never had an issue with the loading speed. I had other issues (related to bad bank related service) so I changed a couple of banks.
Current banks login pages are a bit below 3 MB.
I see it as a prioritization issue. Are you happy with your bank services except the size of the (login) pages? Probably they focus on what they should as there would be more customers switching due to bad service than to page sizes. There are probably few scenarios where 10 MB is a problem - most of it should get cached anyhow after the first load.
The bank that we use (and are unable to change due to the B2B nature of our operations) sucks in every aspect of relations. Both offline and online.
I think it's absolutely normal to be an expert (in web development) and measure businesses based on their web apps. And yes, if an organization where online is a critical point, such as banks nowadays, ignores the problems with their code, this is most probably a sign that the entire organization is broken.
In my case this is a 100% match.
Well, I had never looked at how much our login page weighs, but it's 65KB [1].
It will be 150mb when accessible due to even more frameworks.
Just on the contrary, critical applications such as government services or banking could provide a light version that just works, maybe a simple HTML/CSS frontend without heavy frameworks to ensure that the service is deliverable.
Once I faced an issue with the SBB ticket system (Swiss rail tickets) that was not working on my iPhone (maybe 8), not in Safari on macOS, and I needed to buy a ticket on the train as in this particular place there was no offline ticket service.
Such services indeed must have a minimal requirements version.
less javascript + less dynamically loaded/changed content is the solution to web accessibility
Tell that to the developers that are 5 years, 1 million lines and 500 TODOs deep into their legacy React banking frontend. Adding stuff on top of your existing hacks is easy, taking unnecessary code away is hard. Especially if all your training on web accessibility was a one-day workshop where you never actually learned how to do anything, only why you need to do it.
Source: I used a frontend developer working on a big bank frontend. The existing UI stack was horrendous and deadlines and bank politics wouldn’t allow you to refactor anything. Just build shit on top and hope that Jenga tower of a web application doesn’t fall apart halfway there.
Thank you so much for sharing this! This is absolutely exactly how it feels.
I believe the most important point here is the internal business politics that allows such an approach in development. Once I was curious and tried to find out how private banks' front ends look, and I was surprised to learn that they used minimal frameworks (sometimes none) and obviously zero external resources.
One thing is clear: if the business structure allows 10MB for a login page, this is not only about the front-end, this could be about all services and could spread much wider.
BTW, the bank that we use (with the 10MB login page) totally sucks in every aspect of business relations as well.
This is unhinged FUD. I have some websites, that needs to adhere to the new rules. It was fairly easy to do. One of them is a react app with mantine components. I was done in less than a day and have not changed the asset size at all.
is that not mostly defined in the HTML part?
I'm sure this will freak out many indie developers, but relax this doesn't affect you.
Just yesterday I stumbled upon a developer video from Germany who was trying to build some AI RAG SaaS for small businesses and was completely overwhelmed with the EU Privacy and data protection regulations and was stuttering when was talking about going to jail for using OpenAI API the wrong way.
Just Wow. These things are not for you, nobody is going to jail for their app or paying life ruining fines in Europe as long as they don't actually cause real harm. All those rules and regulations are intended for large companies who abuse their power or harm large parts of the society by ignoring stuff when not making them profit.
The directive contains lighter requirements for microenterprises, in some cases going as far as not even asking them to make a paper trail and just trust their word for it. Of course it's going to hit micro companies less than big companies, who's going to sue a micro enterprise because the atm isn't designed with accessibility in mind
US-centric view here. There's a whole cottage industry of people who look for micro-accessibility-infractions and milk it for everything they can get. Nobody's too small to be sued, and nobody's too small to file a suit.
Maybe that's my next get-rich scheme? I could be filing ADA lawsuits against all websites because they don't have a functional speech recognition interface using the speech recognition environment I am paying for.
But what would the benefit be to suing someone small in the EU? It's not like you get money from it.
Any examples of people who got sued?
Yes and No. EU acts are only guidelines and minimal requirements to be implemented by member country governments. There is a problem of gold-plating, overregulation of laws in some countries. In worst cases once you are targeted by audit of law enforcement which may burn all you focus and time, you only dream to close your small business and leave the country.
True, it all depends on the implementation in each country. Any examples of this happening to small developers?
No, this is a directive - they are not being interpreted.
Sorry but this line of "don't worry buddy, nobody cares about your small company" reasoning is dangerous. No reputable company wants to operate in a legal grey zone. Or do these directives and the corresponding laws explicitly only apply to large corporations?
Edit: I'm not complaining about the regulations in this comment, I'm saying that it's bad advice to ignore them just because you're a small business unless there is an exception for them. As it happens, exceptions for small business are planned.
Any examples of indie devs burned by that danger? Don't do shady stuff and you will be fine and if you do shady stuff and push for edge cases and interpretation ambiguities to run your business then study the laws in details and lawyer up.
The basics are simple enough to run a legit business. There are some obvious and basic data protection requirements but I wouldn't call a gray zone unless pushing for it. Also, there's no EU police checking apps for violations etc. You don't just get sued the moment your app hits the App Store.
There is no legal grey zone. Just read the law. In Germany it's the BFSG (Barrierefreiheitsstärkungsgesetz) and it is much more pleasant than this monster of a word let's you assume.
It mainly boils down to: write ARIA tags and adhere to WCAG version 2.1 level AA.
I have no idea why you're replying to my comment, I wasn't insinuating that these regulations are hard to follow, I was replying to someone who suggested that small companies don't need to care about them because these laws are intended for large corporations only and won't be enforced on small business. IANAL but that's advice to operate in a legal grey zone and generally not recommended unless the respective laws explicitly make exceptions for small businesses - which they happen to make but OP failed to mention this.
I don’t know the exact wording, but from the GDPR and accessibility trainings I had to sit through at the enterprises I used to work at, I believe there is a certain size of company under which the regulations don’t apply. That was somewhere in the millions in revenue each year, so if you’re actually an indie-hacker, this should not apply to you.
I’ll check if I can find a source for that claim though.
There are some parts of GDPR that are non-negotiable however, even for indie hackers. If you collect personally identifiable info, you NEED a privacy policy, a process for users to get their data deleted if they request it, for example.
I read the article and I feel unseen, invisible. It is yet another accessibility initiative that assumes users fit into the 'blind' or 'not blind' categories. There's never a mention of people needing speech recognition or any other physical mobility aid. Keyboard shortcuts are not enough.
I should be able to navigate a webpage completely by speech. The actual speech UI would take some thinking. You want both absolute by name and relative references, as in "follow that link," "third link back," "follow threads", and " follow new," as a bare minimum.
First good way to improve accessibility is to remove cookie banners, especially those that pop out after a while after website loads.
I'm all for making the apps / websites that are essential for disabled people accessible.
But for smaller companies, getting the website/app up to the rules for European Accessibility act can be over their limits, cause it's not an easy task, depending on the type of UI your app is using.
So their only option is just to avoid Europen market, if they don't want to go to jail.
And European Software marked will be left behind even more.
Europe has 0 power in online world and they keep it like that by making dumb rules everyday.
Don't know what you define as small but when you have two million per year turnover and ten employees you should think about complying to the available laws. Since those are the cutoff numbers where below it does not apply.
A 15-people business is most definitely a small business.
> complying to the available laws.
That's why Europe has gotten into its present sorry state when it comes to IT. They're winning all the law-related battles but they've lost the big war, just look of how all of Europe is a slave to the American IT industry (after all, we're having this conversation on a an American-run forum, even though I presume that we're both EU citizens).
Well-capitalized American consumer software companies have been able to outcompete European competitors by taking a product developed for the US and offering it in the EU market at zero marginal cost. In areas of IT where zero-marginal-cost expansion is not so easy (e.g. industrial control software that comes bundled with the equipment it is controlling) there doesn't seem to be much of an American advantage.
Stringent regulations that American companies won't be compliant with without extra effort can be expected to increase the relative competitiveness of European companies in the EU.
That might be true, but it’s also the reason we don’t have a Zuckerberg or Musk taking charge of EU politics. There’s a balance to be struck here, and I prefer this over being a slave to American big tech.
No. It's von der Meyer and other plutocrats, making every country lose sovereignty in ever expanding ways. We went from better trade and transport to a bureocratic unaccountable beast that eats money at insane speed and becomes more censorious, pro war and power hungry with each year that passes.
There's benefits, but there's a LOT of cons that people refuse to admit, and this is not saying "brexit was better", just that EU politics are riddled with corruption and pretending we're good because we try to compare ourselves to a different context in the USA is just pointless.
> But for smaller companies, getting the website/app up to the rules for European Accessibility act can be over their limits, cause it's not an easy task, depending on the type of UI your app is using.
If this leads to better accessibility in the common frameworks or the emergence of more accessible frameworks, it will be a win for every Internet user in the world, though. This is a technical issue that can be fixed.
The opposite, the directive is posed to harmonize a situation introducing a common ground for the states to legiferate in a similar way, helping companies have less work to do to adapt one product to another state laws, I'm quoting the first points of the directive:
The purpose of this Directive is to contribute to the proper functioning of the internal market by approximating laws, regulations and administrative provisions of the Member States as regards accessibility requirements for certain products and services by, in particular, eliminating and preventing barriers to the free movement of certain accessible products and services arising from divergent accessibility requirements in the Member States. This would increase the availability of accessible products and services in the internal market and improve the accessibility of relevant information.
Due to the differences in national accessibility requirements, individual professionals, SMEs and microenterprises in particular are discouraged from entering into business ventures outside their own domestic markets. The national, or even regional or local, accessibility requirements that Member States have put in place currently differ as regards both coverage and level of detail. Those differences negatively affect competitiveness and growth, due to the additional costs incurred in the development and marketing of accessible products and services for each national market.
The approximation of national measures at Union level is therefore necessary for the proper functioning of the internal market in order to put an end to fragmentation in the market of accessible products and services, to create economies of scale, to facilitate cross-border trade and mobility, as well as to help economic operators to concentrate resources on innovation instead of using those resources to cover expenses arising from fragmented legislation across the Union.
I was once talking with the cto of an Ai law startup who made a presentation in university, and he noted that one of the main issue to move to other countries would have been different laws. Of course for the whole law sector that's impossible to harmonize (at least for the time being), but if for some things there can be harmonization, it's a win win for everything
Smaller companies are exempt from those things. In Germany the rule is less than 10 employees or less than 2 million in sales.
I think this is reasonable. What you are writing feels less reasonable.
The part that you may be missing here is that Europe puts people first. America (in particular, but not exclusively) puts business (or money) first.
The thing of the smaller people always comes up when digital regulations are to be, yet on other industries everyone copes, including street vendors, granted in some countries there is a gray zone in following laws, but still they usually come up.
Also we can follow China's leadership and get our own digital wall.
> Europe has 0 power in online world
The annoying cookie banners prove you wrong.
Most smaller companies aren't in the markets this legislation is written for anyway. This primarily places demands on four types of software/digital products (not a lawyer):
* Banks
* Webshops
* Operating Systems
* Software designed for Communication
The rest is all hardware devices (ATMs n such), public government services (the public transport schedule), relates to TV or isn't software in the first place (ebooks).
Banks and OSes are markets with only a few players and none of them are small. It'll be interesting to see if this on a technical level will demand changes for Wayland, afaik it's story on accessibility is pretty shit still.
Webshops overwhelmingly either use larger third parties as intermediaries (ie. Etsy) or stuff like woocommerce, an off the shelf solution developed by Automattic (who will obviously have to accommodate by updating woocommerce, which they probably will since iirc they offer a commercial solution for woocommerce themselves).
And communication software really is the big one, but most people aren't making new ones of those either. That's gonna be a pain for Slack/Salesforce, Meta, Reddit and so on, but they'll have legal pressure to comply (which opens up a lot more room to accelerate and give money to that sort of thing). If you start out in this market in particular, it'll probably be easy to comply with this regulation "from the ground up", just like how it's pretty easy to not build a data slurper from scratch after the GDPR got passed into law.
The thing they all have in common is that there's relatively few actual competing products.
ADA lawsuits in the US are frequent and often somewhat frivolous, and they probably cost way more than European fines, so I don't think the regulation puts the European software market at a disadvantage. I admit it's bad for small companies, though, when they want to or need to use alternative GUI frameworks (usually, for technical or licensing-related reasons). For instance, I was planning to use Fyne with Go for some small apps, but it has zero accessibility support and is therefore out of question.
[dead]
There's a German version that has nice FAQ and is written in a more human friendly way going into all the details. You can use Google translate https://bfsg-gesetz.de/#faq
I'm very interested in how they've implemented Google Analytics. No external JS is loaded, just 9KB of packed JS embedded implementing a minimal call... and then it is being sent to their own script analytics4.php which acts like MITM. Does anyone know the name of the plugin or package they are using?
These rules don't apply to businesses that make less than 2.000.000€ a year and have less than 10 employees and don't create physical products.
Punishing groups for failing to implement accessability seems drastic, isn't there some to spurn them to action with incentivization instead? You catch more flies with honey..
If a shopping mall refused to build a wheelchair ramp, would you be fine with them not receiving any kind of penalty?
Sometimes you just have to remind people what it means to be a part of a civilized culture with a properly sized stick. Special circumstances.
The honey is that being accessible could increase your possible market up to 10%.
Uhm hasn't this been the case since 2019-2022 or somewhere close to those years?
In Denmark we had a year to make government/public apps fully accessible and the same for websites and documents presented on websites.
We also had to create accessibility certificates and dedicated pages on the websites to prove and clarify the state of the accessibility (or lack of, together with a statement of what's being done to remedy the issues).
Are these "new" EU laws for a different sector (private?) or something else? I can't find any references in the article. I may be blind (pun intended).
I do build websites for public sector in Denmark and we are only starting now with accessibility :( I don't know the actual law, but I would be surprised if multiple regions would just ignore them for this long.
And yes, these new laws seems to be aimed for private sector as well.
> If companies fail to comply with the European Accessibility Act they could be hit with fines and even prison sentences for senior staff.
That seems extremely excessive. A prime example of regulatory overreach.
That depends. I'm perfectly happy as a European business owner that it is made very clear that accessible software is not optional, and even if you think it is expensive, that you can't just sit around and wait for the fine to hit.
The reality is that if you're ignoring this stuff, you are effectively eliminating a significant chunk of the population from participating in public life. It's about as bad as not having wheelchair ramps in public places, except the same software runs everywhere, so it's not the one virtual 'building' missing it, but all buildings made by the same architect.
These penalties are essential to counterbalance the financial trade-off companies often make by deprioritising accessibility. Without serious consequences, it’s rational for executives to cut costs at the expense of inclusion. This ensures accountability at the level where those decisions are made.
> These penalties are essential to counterbalance the financial trade-off companies often make by deprioritising accessibility. Without serious consequences, it’s rational for executives to cut costs at the expense of inclusion. This ensures accountability at the level where those decisions are made.
You can impose arbitrarily high financial penalties, or even shut down the business, and that's plenty enough for the incentives to tilt in the correct direction. But prison? How the heck is that necessary for this?
This is likely just you who are not too familiar with how law is practiced in the EU.
In the EU the directives define a max range. Eg. 10% of global revenue or 20 million EUR whichever is higher.
Then the court figures out to what extend the company broke the law.
This system is needed to make sure that there are not some member states that are more forgiving and provides a competitive edge for companies to move there.
A prison sentence for not providing captions on an OF video isn’t overreach? I’m not sure if I’m being hyperbolic or not, the article didn’t go into any meaningful depth.
I bet you a beer nobody will go to jail for not captioning an onlyfans video, because that is not how regulations work.
There is a range of fines, and a minor non-repeat infringement will obviously not get you the maximum penalty.
But consider the case where a person cannot book a medical appointment, or ask a refund, or claim insurance. The company will be fined, and if the offense does not get fixed than _at some point_ the responsible person may face jail time.
To given an idea, one of the more relevant lawsuits on the GDPR was about linking to Google Fonts/Google CDN resources on a blog.
The judge in that case held that doing so is a privacy violation since the webpage now connects to Google without the users' consent. Total fine? €150. An extremely token amount because the blog owner obviously didn't intend to break the law. Quite the contrast to the million dollar fines you hear about for big tech companies.
This is the first time I've heard about these new rules on EU digital accessibility and yet I am absolutely sure that you are being hyperbolic about "a prison sentence for not providing captions on an OF video". Assume good faith.
Never assume good faith when it comes to the EU. I say that as a EU citizen.
Do you understand how laws work?
Laws are not computer code. They're not run, unthinkingly, by a judge acting as a CPU.
We have humans (like juries) looking to see whether an offence was committed. Are they going to find someone guilty of an offence like this?
Then we have judges who look at the whole facts of a case to determine a sentence[0]. Would they think it proportionate for a first-time offender to be imprisoned for this?
On the other hand, if a large content creator has been repeatedly warned not to break the law and they've ignored those warnings, why shouldn't they be punished?
[0] Yes, some jurisdictions have sentencing guidelines and mandatory minimums.
According to you blind people have no right to a bank account?
What makes you think that exact scenario would result in a prison sentence?
Again, it seems like you don't understand how this stuff works.
"providing captions on an OF video" likely will not lead to full non-compliance.
Anywho, to what extend I agree with stuff like this is another conversation. Just don't misrepresent how the legal system works.
The possibility of jail-time only exists in Ireland, no other country in the EU. Even there, prison-time is the maximum, not a guarantee. Courts may opt for fines, suspended sentences, or probation, I don't think at any point will anyone go to jail for this, especially considering this is only a possibility after a conviction and repeated non-compliance in important sectors like healthcare, banking or transport.
Is it because it's digital? For example if a shopping mall would refuse to build a wheelchair ramp / elevator, would you still consider it being excessive?
It's discrimination, e.g. the web is perfectly suited to be used with keyboard only, yet companies make it impossible.
it's not overreach, it's deliberate racketeering. fining American companies is a non-insignificant chunk of EU budget at this point, so new nebulous laws and rules need to be invented to keep the racket up.
I rather have this than capitalism takes everything.
On the contrary, the history of the last 20 years of capitalism has been that of nobody in charge going to jail no matter what they do. 2008 meltdown, billions of people suffered but not one administrator, trader, or CEO went to jail. Big companies from oil to tech also routinely get caught in fraud or anticompetitive behaviour and—again—nobody gets jailed, the company merely gets fined a fraction of what they earned due to their behaviour, which obviously is no deterrent.
Do adult websites also need to implement this?
For example, captions on videos?
> - access to audio-visual media services such as television broadcast and related consumer equipment
But only if your adult website makes more than 2 million EUR in profit.
I'm guessing it's a joke because good luck trying to regulate these websites, even the bigger ones. France, and maybe other countries is trying to but fails to protect minors from these websites.
Can AI make inaccessible websites accessible from a consumer end? Why or why not?
I wouldn’t even use AI to generate image descriptions (because it doesn’t have enough context to convey the meaning, aside from being wrong many times). Designers and developers should see it as part of their trade to build inclusive products, not try to patch it up as an afterthought with Accessibility overlays or AI-based “fixes”.
You can certainly use AI to tick boxes.
Need a caption on an image or video? AI will generte it for you! But the quality is a different question. Is the caption correct? Is the caption usefull? In my test with images it was roughly 60/40 on the correctness.
On the other hand. If you force a company to provide those captions. They might use the cheapest provider. If they do a better job is anyones guess.
First thought that comes to mind, the AI will modify the content, do what the user sees is not the same as what others see. So how can you garantee that the AI does not mess up on some part of content ?
It can definetly help, like with describing images that have no description. But I doubt it can deliver good and consistent results to make whole websites accessible where developer have paid no attention to this topic at all.
From an efficiency standpoint it would be way better when devs run this once and not every visitor.
Whether AI would be a good solution or not, it then pushes the cost to the consumer which would be unfair and create disparities.
Automated caption for videos is probably something that .. somewhat works.
I'm blind - ai can help with some stuff, not with other. my favorite is the lack of labels on buttons or text that is supposed to be a table but is not marked as such. the ai should be able to get inside the page code and rewrite it into something usable which is let's say a heavy ask for most ai-s nowadays. the thing must get an enormous context of react js and apply surgical changes on the regular. maybe possible, but heavy, slow, and expensive, and every blind person will have to do it separately.
The better option is for the ai to review the code during development and suggest suitable accessibility measures compared to the spec and common guidelines.
Do adult websites also need to implement this? For example, captions on adult videos?
[flagged]
None of the penalties are jail time and microenterprises (<10 employees) are exempt.
There’s also a disproportionate burden clause that would also probably exempt you.
Thanks for clarifying!
Are you making more than 2 million EUR in profit?
And I also don't see anything related to music, the closes I can see is "audio-visual media services such as television broadcast"
What are you on about? This is target against big cooperation, so a blind person can buy a bus ticket online.
I wrote the website my music is hosted on (an audio visual media service) using Godot.
How am I supposed to make that accessible?
But I didn't know about the limits, which would make it okay in my case.
This is also FUD. Please stop it. The law is for disabled people who need to use important tools online. It is not about some guy who tries to sell his music.
Thanks for the clarifications, I hope you are right and this won't be abused.
I recall a website pushing pictures into the "license free" section of google images and then suing other websites reusing them for copyright infringement.
Isn't it the job of the User Agent to ensure the User can interact with the content?
It's a bit odd you could get sent to prison if your website can't be used by e.g. a blind person, but it's perfectly fine if it can't be used by someone without disabilities.
Who or what is the User Agent in this context? The browser for websites?
I'm not sure I quite understand what you are getting at. If you are company with more then 2 million EUR in profit, and you build a website for Transportation tickets, just add proper HTML tags so screenreads work. That is the gist if it.
The browser is the user agent. However browsers are lacking in the accessibility department, so instead we have to do all these weird hacks to make it work for them.
It seems to me that the article does not correctly define who this law targets. The actual regulation is about [1]:
- computers and operating systems
- ATMs, ticketing and check-in machines
- smartphones
- TV equipment related to digital television services
- telephony services and related equipment
- access to audio-visual media services such as television broadcast and related consumer equipment
- services related to air, bus, rail and waterborne passenger transport
- banking services
- e-books
- e-commerce
For my part, I would dream of this regulation mandating backward support for browsers at least seven years back to stop the nowadays framework madness. As a great example, my bank login page is 10MB.
[1] https://commission.europa.eu/strategy-and-policy/policies/ju...
I never thought to check my banks login pages, as I never had an issue with the loading speed. I had other issues (related to bad bank related service) so I changed a couple of banks.
Current banks login pages are a bit below 3 MB.
I see it as a prioritization issue. Are you happy with your bank services except the size of the (login) pages? Probably they focus on what they should as there would be more customers switching due to bad service than to page sizes. There are probably few scenarios where 10 MB is a problem - most of it should get cached anyhow after the first load.
The bank that we use (and are unable to change due to the B2B nature of our operations) sucks in every aspect of relations. Both offline and online.
I think it's absolutely normal to be an expert (in web development) and measure businesses based on their web apps. And yes, if an organization where online is a critical point, such as banks nowadays, ignores the problems with their code, this is most probably a sign that the entire organization is broken.
In my case this is a 100% match.
Well, I had never looked at how much our login page weighs, but it's 65KB [1].
Please shoot me if it gets over 1MB!
[1] https://play.tirreno.com/login
It will be 150mb when accessible due to even more frameworks.
Just on the contrary, critical applications such as government services or banking could provide a light version that just works, maybe a simple HTML/CSS frontend without heavy frameworks to ensure that the service is deliverable.
Once I faced an issue with the SBB ticket system (Swiss rail tickets) that was not working on my iPhone (maybe 8), not in Safari on macOS, and I needed to buy a ticket on the train as in this particular place there was no offline ticket service.
Such services indeed must have a minimal requirements version.
less javascript + less dynamically loaded/changed content is the solution to web accessibility
Tell that to the developers that are 5 years, 1 million lines and 500 TODOs deep into their legacy React banking frontend. Adding stuff on top of your existing hacks is easy, taking unnecessary code away is hard. Especially if all your training on web accessibility was a one-day workshop where you never actually learned how to do anything, only why you need to do it.
Source: I used a frontend developer working on a big bank frontend. The existing UI stack was horrendous and deadlines and bank politics wouldn’t allow you to refactor anything. Just build shit on top and hope that Jenga tower of a web application doesn’t fall apart halfway there.
Thank you so much for sharing this! This is absolutely exactly how it feels.
I believe the most important point here is the internal business politics that allows such an approach in development. Once I was curious and tried to find out how private banks' front ends look, and I was surprised to learn that they used minimal frameworks (sometimes none) and obviously zero external resources.
One thing is clear: if the business structure allows 10MB for a login page, this is not only about the front-end, this could be about all services and could spread much wider.
BTW, the bank that we use (with the 10MB login page) totally sucks in every aspect of business relations as well.
This is unhinged FUD. I have some websites, that needs to adhere to the new rules. It was fairly easy to do. One of them is a react app with mantine components. I was done in less than a day and have not changed the asset size at all.
is that not mostly defined in the HTML part?
I'm sure this will freak out many indie developers, but relax this doesn't affect you.
Just yesterday I stumbled upon a developer video from Germany who was trying to build some AI RAG SaaS for small businesses and was completely overwhelmed with the EU Privacy and data protection regulations and was stuttering when was talking about going to jail for using OpenAI API the wrong way.
Just Wow. These things are not for you, nobody is going to jail for their app or paying life ruining fines in Europe as long as they don't actually cause real harm. All those rules and regulations are intended for large companies who abuse their power or harm large parts of the society by ignoring stuff when not making them profit.
The directive contains lighter requirements for microenterprises, in some cases going as far as not even asking them to make a paper trail and just trust their word for it. Of course it's going to hit micro companies less than big companies, who's going to sue a micro enterprise because the atm isn't designed with accessibility in mind
US-centric view here. There's a whole cottage industry of people who look for micro-accessibility-infractions and milk it for everything they can get. Nobody's too small to be sued, and nobody's too small to file a suit.
Maybe that's my next get-rich scheme? I could be filing ADA lawsuits against all websites because they don't have a functional speech recognition interface using the speech recognition environment I am paying for.
But what would the benefit be to suing someone small in the EU? It's not like you get money from it.
Any examples of people who got sued?
Yes and No. EU acts are only guidelines and minimal requirements to be implemented by member country governments. There is a problem of gold-plating, overregulation of laws in some countries. In worst cases once you are targeted by audit of law enforcement which may burn all you focus and time, you only dream to close your small business and leave the country.
True, it all depends on the implementation in each country. Any examples of this happening to small developers?
No, this is a directive - they are not being interpreted.
Sorry but this line of "don't worry buddy, nobody cares about your small company" reasoning is dangerous. No reputable company wants to operate in a legal grey zone. Or do these directives and the corresponding laws explicitly only apply to large corporations?
Edit: I'm not complaining about the regulations in this comment, I'm saying that it's bad advice to ignore them just because you're a small business unless there is an exception for them. As it happens, exceptions for small business are planned.
Any examples of indie devs burned by that danger? Don't do shady stuff and you will be fine and if you do shady stuff and push for edge cases and interpretation ambiguities to run your business then study the laws in details and lawyer up.
The basics are simple enough to run a legit business. There are some obvious and basic data protection requirements but I wouldn't call a gray zone unless pushing for it. Also, there's no EU police checking apps for violations etc. You don't just get sued the moment your app hits the App Store.
There is no legal grey zone. Just read the law. In Germany it's the BFSG (Barrierefreiheitsstärkungsgesetz) and it is much more pleasant than this monster of a word let's you assume.
It mainly boils down to: write ARIA tags and adhere to WCAG version 2.1 level AA.
I have no idea why you're replying to my comment, I wasn't insinuating that these regulations are hard to follow, I was replying to someone who suggested that small companies don't need to care about them because these laws are intended for large corporations only and won't be enforced on small business. IANAL but that's advice to operate in a legal grey zone and generally not recommended unless the respective laws explicitly make exceptions for small businesses - which they happen to make but OP failed to mention this.
I don’t know the exact wording, but from the GDPR and accessibility trainings I had to sit through at the enterprises I used to work at, I believe there is a certain size of company under which the regulations don’t apply. That was somewhere in the millions in revenue each year, so if you’re actually an indie-hacker, this should not apply to you. I’ll check if I can find a source for that claim though.
There are some parts of GDPR that are non-negotiable however, even for indie hackers. If you collect personally identifiable info, you NEED a privacy policy, a process for users to get their data deleted if they request it, for example.
I read the article and I feel unseen, invisible. It is yet another accessibility initiative that assumes users fit into the 'blind' or 'not blind' categories. There's never a mention of people needing speech recognition or any other physical mobility aid. Keyboard shortcuts are not enough.
I should be able to navigate a webpage completely by speech. The actual speech UI would take some thinking. You want both absolute by name and relative references, as in "follow that link," "third link back," "follow threads", and " follow new," as a bare minimum.
First good way to improve accessibility is to remove cookie banners, especially those that pop out after a while after website loads.
I'm all for making the apps / websites that are essential for disabled people accessible.
But for smaller companies, getting the website/app up to the rules for European Accessibility act can be over their limits, cause it's not an easy task, depending on the type of UI your app is using.
So their only option is just to avoid Europen market, if they don't want to go to jail.
And European Software marked will be left behind even more.
Europe has 0 power in online world and they keep it like that by making dumb rules everyday.
Don't know what you define as small but when you have two million per year turnover and ten employees you should think about complying to the available laws. Since those are the cutoff numbers where below it does not apply.
A 15-people business is most definitely a small business.
> complying to the available laws.
That's why Europe has gotten into its present sorry state when it comes to IT. They're winning all the law-related battles but they've lost the big war, just look of how all of Europe is a slave to the American IT industry (after all, we're having this conversation on a an American-run forum, even though I presume that we're both EU citizens).
Well-capitalized American consumer software companies have been able to outcompete European competitors by taking a product developed for the US and offering it in the EU market at zero marginal cost. In areas of IT where zero-marginal-cost expansion is not so easy (e.g. industrial control software that comes bundled with the equipment it is controlling) there doesn't seem to be much of an American advantage.
Stringent regulations that American companies won't be compliant with without extra effort can be expected to increase the relative competitiveness of European companies in the EU.
That might be true, but it’s also the reason we don’t have a Zuckerberg or Musk taking charge of EU politics. There’s a balance to be struck here, and I prefer this over being a slave to American big tech.
No. It's von der Meyer and other plutocrats, making every country lose sovereignty in ever expanding ways. We went from better trade and transport to a bureocratic unaccountable beast that eats money at insane speed and becomes more censorious, pro war and power hungry with each year that passes.
There's benefits, but there's a LOT of cons that people refuse to admit, and this is not saying "brexit was better", just that EU politics are riddled with corruption and pretending we're good because we try to compare ourselves to a different context in the USA is just pointless.
> But for smaller companies, getting the website/app up to the rules for European Accessibility act can be over their limits, cause it's not an easy task, depending on the type of UI your app is using.
If this leads to better accessibility in the common frameworks or the emergence of more accessible frameworks, it will be a win for every Internet user in the world, though. This is a technical issue that can be fixed.
The opposite, the directive is posed to harmonize a situation introducing a common ground for the states to legiferate in a similar way, helping companies have less work to do to adapt one product to another state laws, I'm quoting the first points of the directive:
The purpose of this Directive is to contribute to the proper functioning of the internal market by approximating laws, regulations and administrative provisions of the Member States as regards accessibility requirements for certain products and services by, in particular, eliminating and preventing barriers to the free movement of certain accessible products and services arising from divergent accessibility requirements in the Member States. This would increase the availability of accessible products and services in the internal market and improve the accessibility of relevant information.
Due to the differences in national accessibility requirements, individual professionals, SMEs and microenterprises in particular are discouraged from entering into business ventures outside their own domestic markets. The national, or even regional or local, accessibility requirements that Member States have put in place currently differ as regards both coverage and level of detail. Those differences negatively affect competitiveness and growth, due to the additional costs incurred in the development and marketing of accessible products and services for each national market.
The approximation of national measures at Union level is therefore necessary for the proper functioning of the internal market in order to put an end to fragmentation in the market of accessible products and services, to create economies of scale, to facilitate cross-border trade and mobility, as well as to help economic operators to concentrate resources on innovation instead of using those resources to cover expenses arising from fragmented legislation across the Union.
I was once talking with the cto of an Ai law startup who made a presentation in university, and he noted that one of the main issue to move to other countries would have been different laws. Of course for the whole law sector that's impossible to harmonize (at least for the time being), but if for some things there can be harmonization, it's a win win for everything
Smaller companies are exempt from those things. In Germany the rule is less than 10 employees or less than 2 million in sales.
I think this is reasonable. What you are writing feels less reasonable.
The part that you may be missing here is that Europe puts people first. America (in particular, but not exclusively) puts business (or money) first.
The thing of the smaller people always comes up when digital regulations are to be, yet on other industries everyone copes, including street vendors, granted in some countries there is a gray zone in following laws, but still they usually come up.
Also we can follow China's leadership and get our own digital wall.
> Europe has 0 power in online world
The annoying cookie banners prove you wrong.
Most smaller companies aren't in the markets this legislation is written for anyway. This primarily places demands on four types of software/digital products (not a lawyer):
* Banks
* Webshops
* Operating Systems
* Software designed for Communication
The rest is all hardware devices (ATMs n such), public government services (the public transport schedule), relates to TV or isn't software in the first place (ebooks).
Banks and OSes are markets with only a few players and none of them are small. It'll be interesting to see if this on a technical level will demand changes for Wayland, afaik it's story on accessibility is pretty shit still.
Webshops overwhelmingly either use larger third parties as intermediaries (ie. Etsy) or stuff like woocommerce, an off the shelf solution developed by Automattic (who will obviously have to accommodate by updating woocommerce, which they probably will since iirc they offer a commercial solution for woocommerce themselves).
And communication software really is the big one, but most people aren't making new ones of those either. That's gonna be a pain for Slack/Salesforce, Meta, Reddit and so on, but they'll have legal pressure to comply (which opens up a lot more room to accelerate and give money to that sort of thing). If you start out in this market in particular, it'll probably be easy to comply with this regulation "from the ground up", just like how it's pretty easy to not build a data slurper from scratch after the GDPR got passed into law.
The thing they all have in common is that there's relatively few actual competing products.
ADA lawsuits in the US are frequent and often somewhat frivolous, and they probably cost way more than European fines, so I don't think the regulation puts the European software market at a disadvantage. I admit it's bad for small companies, though, when they want to or need to use alternative GUI frameworks (usually, for technical or licensing-related reasons). For instance, I was planning to use Fyne with Go for some small apps, but it has zero accessibility support and is therefore out of question.
[dead]
There's a German version that has nice FAQ and is written in a more human friendly way going into all the details. You can use Google translate https://bfsg-gesetz.de/#faq
I'm very interested in how they've implemented Google Analytics. No external JS is loaded, just 9KB of packed JS embedded implementing a minimal call... and then it is being sent to their own script analytics4.php which acts like MITM. Does anyone know the name of the plugin or package they are using?
These rules don't apply to businesses that make less than 2.000.000€ a year and have less than 10 employees and don't create physical products.
Punishing groups for failing to implement accessability seems drastic, isn't there some to spurn them to action with incentivization instead? You catch more flies with honey..
If a shopping mall refused to build a wheelchair ramp, would you be fine with them not receiving any kind of penalty?
Sometimes you just have to remind people what it means to be a part of a civilized culture with a properly sized stick. Special circumstances.
The honey is that being accessible could increase your possible market up to 10%.
Uhm hasn't this been the case since 2019-2022 or somewhere close to those years?
In Denmark we had a year to make government/public apps fully accessible and the same for websites and documents presented on websites.
We also had to create accessibility certificates and dedicated pages on the websites to prove and clarify the state of the accessibility (or lack of, together with a statement of what's being done to remedy the issues).
Are these "new" EU laws for a different sector (private?) or something else? I can't find any references in the article. I may be blind (pun intended).
I do build websites for public sector in Denmark and we are only starting now with accessibility :( I don't know the actual law, but I would be surprised if multiple regions would just ignore them for this long.
And yes, these new laws seems to be aimed for private sector as well.
> If companies fail to comply with the European Accessibility Act they could be hit with fines and even prison sentences for senior staff.
That seems extremely excessive. A prime example of regulatory overreach.
That depends. I'm perfectly happy as a European business owner that it is made very clear that accessible software is not optional, and even if you think it is expensive, that you can't just sit around and wait for the fine to hit.
The reality is that if you're ignoring this stuff, you are effectively eliminating a significant chunk of the population from participating in public life. It's about as bad as not having wheelchair ramps in public places, except the same software runs everywhere, so it's not the one virtual 'building' missing it, but all buildings made by the same architect.
These penalties are essential to counterbalance the financial trade-off companies often make by deprioritising accessibility. Without serious consequences, it’s rational for executives to cut costs at the expense of inclusion. This ensures accountability at the level where those decisions are made.
> These penalties are essential to counterbalance the financial trade-off companies often make by deprioritising accessibility. Without serious consequences, it’s rational for executives to cut costs at the expense of inclusion. This ensures accountability at the level where those decisions are made.
You can impose arbitrarily high financial penalties, or even shut down the business, and that's plenty enough for the incentives to tilt in the correct direction. But prison? How the heck is that necessary for this?
This is likely just you who are not too familiar with how law is practiced in the EU.
In the EU the directives define a max range. Eg. 10% of global revenue or 20 million EUR whichever is higher.
Then the court figures out to what extend the company broke the law.
This system is needed to make sure that there are not some member states that are more forgiving and provides a competitive edge for companies to move there.
A prison sentence for not providing captions on an OF video isn’t overreach? I’m not sure if I’m being hyperbolic or not, the article didn’t go into any meaningful depth.
I bet you a beer nobody will go to jail for not captioning an onlyfans video, because that is not how regulations work.
There is a range of fines, and a minor non-repeat infringement will obviously not get you the maximum penalty.
But consider the case where a person cannot book a medical appointment, or ask a refund, or claim insurance. The company will be fined, and if the offense does not get fixed than _at some point_ the responsible person may face jail time.
To given an idea, one of the more relevant lawsuits on the GDPR was about linking to Google Fonts/Google CDN resources on a blog.
The judge in that case held that doing so is a privacy violation since the webpage now connects to Google without the users' consent. Total fine? €150. An extremely token amount because the blog owner obviously didn't intend to break the law. Quite the contrast to the million dollar fines you hear about for big tech companies.
This is the first time I've heard about these new rules on EU digital accessibility and yet I am absolutely sure that you are being hyperbolic about "a prison sentence for not providing captions on an OF video". Assume good faith.
Never assume good faith when it comes to the EU. I say that as a EU citizen.
Do you understand how laws work?
Laws are not computer code. They're not run, unthinkingly, by a judge acting as a CPU.
We have humans (like juries) looking to see whether an offence was committed. Are they going to find someone guilty of an offence like this?
Then we have judges who look at the whole facts of a case to determine a sentence[0]. Would they think it proportionate for a first-time offender to be imprisoned for this?
On the other hand, if a large content creator has been repeatedly warned not to break the law and they've ignored those warnings, why shouldn't they be punished?
[0] Yes, some jurisdictions have sentencing guidelines and mandatory minimums.
According to you blind people have no right to a bank account?
What makes you think that exact scenario would result in a prison sentence?
Again, it seems like you don't understand how this stuff works.
"providing captions on an OF video" likely will not lead to full non-compliance.
Anywho, to what extend I agree with stuff like this is another conversation. Just don't misrepresent how the legal system works.
The possibility of jail-time only exists in Ireland, no other country in the EU. Even there, prison-time is the maximum, not a guarantee. Courts may opt for fines, suspended sentences, or probation, I don't think at any point will anyone go to jail for this, especially considering this is only a possibility after a conviction and repeated non-compliance in important sectors like healthcare, banking or transport.
As far as I can understand the punishments are implemented in a per country basis, I've found only Ireland could put people in prison for that https://reciteme.com/news/european-accessibility-act-fines/
Is it because it's digital? For example if a shopping mall would refuse to build a wheelchair ramp / elevator, would you still consider it being excessive?
It's discrimination, e.g. the web is perfectly suited to be used with keyboard only, yet companies make it impossible.
it's not overreach, it's deliberate racketeering. fining American companies is a non-insignificant chunk of EU budget at this point, so new nebulous laws and rules need to be invented to keep the racket up.
I rather have this than capitalism takes everything.
On the contrary, the history of the last 20 years of capitalism has been that of nobody in charge going to jail no matter what they do. 2008 meltdown, billions of people suffered but not one administrator, trader, or CEO went to jail. Big companies from oil to tech also routinely get caught in fraud or anticompetitive behaviour and—again—nobody gets jailed, the company merely gets fined a fraction of what they earned due to their behaviour, which obviously is no deterrent.
Do adult websites also need to implement this? For example, captions on videos?
Mhhh, maybe? https://news.ycombinator.com/item?id=44394684
> - access to audio-visual media services such as television broadcast and related consumer equipment
But only if your adult website makes more than 2 million EUR in profit.
I'm guessing it's a joke because good luck trying to regulate these websites, even the bigger ones. France, and maybe other countries is trying to but fails to protect minors from these websites.
Can AI make inaccessible websites accessible from a consumer end? Why or why not?
I wouldn’t even use AI to generate image descriptions (because it doesn’t have enough context to convey the meaning, aside from being wrong many times). Designers and developers should see it as part of their trade to build inclusive products, not try to patch it up as an afterthought with Accessibility overlays or AI-based “fixes”.
You can certainly use AI to tick boxes.
Need a caption on an image or video? AI will generte it for you! But the quality is a different question. Is the caption correct? Is the caption usefull? In my test with images it was roughly 60/40 on the correctness.
On the other hand. If you force a company to provide those captions. They might use the cheapest provider. If they do a better job is anyones guess.
First thought that comes to mind, the AI will modify the content, do what the user sees is not the same as what others see. So how can you garantee that the AI does not mess up on some part of content ?
It can definetly help, like with describing images that have no description. But I doubt it can deliver good and consistent results to make whole websites accessible where developer have paid no attention to this topic at all.
From an efficiency standpoint it would be way better when devs run this once and not every visitor.
Whether AI would be a good solution or not, it then pushes the cost to the consumer which would be unfair and create disparities.
Automated caption for videos is probably something that .. somewhat works.
I'm blind - ai can help with some stuff, not with other. my favorite is the lack of labels on buttons or text that is supposed to be a table but is not marked as such. the ai should be able to get inside the page code and rewrite it into something usable which is let's say a heavy ask for most ai-s nowadays. the thing must get an enormous context of react js and apply surgical changes on the regular. maybe possible, but heavy, slow, and expensive, and every blind person will have to do it separately.
The better option is for the ai to review the code during development and suggest suitable accessibility measures compared to the spec and common guidelines.
Do adult websites also need to implement this? For example, captions on adult videos?
[flagged]
None of the penalties are jail time and microenterprises (<10 employees) are exempt. There’s also a disproportionate burden clause that would also probably exempt you.
Thanks for clarifying!
Are you making more than 2 million EUR in profit?
And I also don't see anything related to music, the closes I can see is "audio-visual media services such as television broadcast"
What are you on about? This is target against big cooperation, so a blind person can buy a bus ticket online.
I wrote the website my music is hosted on (an audio visual media service) using Godot. How am I supposed to make that accessible?
But I didn't know about the limits, which would make it okay in my case.
This is also FUD. Please stop it. The law is for disabled people who need to use important tools online. It is not about some guy who tries to sell his music.
Thanks for the clarifications, I hope you are right and this won't be abused.
I recall a website pushing pictures into the "license free" section of google images and then suing other websites reusing them for copyright infringement.
Isn't it the job of the User Agent to ensure the User can interact with the content?
It's a bit odd you could get sent to prison if your website can't be used by e.g. a blind person, but it's perfectly fine if it can't be used by someone without disabilities.
Who or what is the User Agent in this context? The browser for websites?
I'm not sure I quite understand what you are getting at. If you are company with more then 2 million EUR in profit, and you build a website for Transportation tickets, just add proper HTML tags so screenreads work. That is the gist if it.
The browser is the user agent. However browsers are lacking in the accessibility department, so instead we have to do all these weird hacks to make it work for them.