0
Top Privacy and Cybersecurity Trends of 2021Year in Review: 2021’s Top Privacy and Cybersecurity Trends

Year in Review: 2021’s Top Privacy and Cybersecurity Trends

Despite the ongoing COVID-19 pandemic, 2021 proved to be another incredibly busy year for consumer privacy and cybersecurity. In this blog post, we revisit some of the most important domestic and international privacy and cybersecurity trends of the past year. 

 

New State Consumer Privacy Laws 

On the heels of the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), Virginia and Colorado became the next two states to enact comprehensive consumer privacy laws. Signed into law by Governor Ralph Northam back in March, the Virginia Consumer Data Protection Act (VCDPA) becomes effective on January 1, 2023 and applies to all companies who operate a business or produce products or services that are targeted to residents of Virginia and meet certain thresholds. Months later in July, Governor Jared Polis signed the Colorado Privacy Act (CPA) into law. Set to go into effect on July 1, 2023, the CPA applies to controllers that conduct business in Colorado or produce or deliver commercial products or services that are intentionally targeted to residents of Colorado and meet certain thresholds. Both the VCDPA and the CPA carve out several exemptions for entities that are already covered under the privacy and security requirements of other federal laws. Unlike the CCPA and the VCDPA, however, the CPA does not provide an exemption for non-profit organizations. Furthermore, neither the VCDPA nor the CPA offer a private right of action. 

Other notable state privacy developments include New York’s new rules on employee electronic monitoring as well as Nevada’s SB260 amendment, which expanded the right to opt-out of sales and created new requirements for “data brokers”. 

As we head into 2022, we anticipate that the patchwork of state consumer privacy laws will continue to grow. Beckage recommends that businesses take proactive steps to first evaluate what laws and regulations apply to their business and then develop a comprehensive roadmap and plan to mature their data privacy and security posture both internally and externally.   

 

Continued Focus on Cybersecurity 

Threat actors in 2021 continued to launch increasingly sophisticated ransomware and cyberattacks against businesses of all sizes and in all industries. In the wake of highly disruptive attacks such as SolarWinds and the Colonial Pipeline ransomware attack, both the federal government and also state governments sought to increase their focus on cybersecurity standards. For example, the New York State Department of Financial Services (NYDFS) issued guidance to cyber insurers in the form of the Cyber Insurance Risk Framework. The Cybersecurity and Infrastructure Security Agency (CISA) also regularly issued advisories informing businesses of vulnerabilities. In an effort to secure critical infrastructure, President Biden signed an Executive Order on “Improving the Nation’s Cybersecurity” in May. The new Civil Cyber-Fraud Initiative announced by the Department of Justice back in October further indicates the increasing importance of developing and maintaining resilient cybersecurity protocols.  

The federal government’s response to this year’s exponential increase in ransomware attacks has led several high-profile threat actors – such as DarkSide, REvil, and Black Matter – to take their dark web platforms offline.  At the same time, however, new variants of ransomware are constantly emerging and there is significant evidence that experienced cyber criminals are rebranding to evade law enforcement rather than shutting down their operations.   

In this complex threat landscape, companies across industries are wisely seeking to secure or renew cyber liability coverage in an increasingly competitive market.  Insurers are asking meaningful questions about applicants’ security programs and expecting strong safeguards in place.  For organizations of all sizes, the past year has shown that cybersecurity incidents are now a question of when rather than if.  

Beckage’s Incident Response Team urges businesses to develop plans and procedures to mitigate cyber and legal risk. Beckage recommends businesses continue to dedicate internal resources to refining compliance programs and testing incident response plans through tabletop training exercises. 

 

Health Privacy and Compliance Challenges 

Our lives have become increasingly digitized, and 2021 was no different – especially with the COVID-19 pandemic. The proliferation of apps and technologies handling personal health data led the FTC to confirm back in September that the requirements contained in the agency’s Health Breach Notification Rule extend to health apps and connected device companies. And as the world continued to operate under the shadow of the COVID-19 pandemic, businesses faced – and will continue to face – uncertainty regarding new federal vaccination and testing policies. Beckage’s Data Security and Privacy Compliance and Health Law Teams recommend businesses take stock of their employee data collection practices in their efforts to prevent the spread of COVID-19. 

 

Biometrics Class Actions, BIPA Claims Accrual, and Statute of Limitations 

In 2021, litigation under Illinois’ Biometric Information Privacy Act (BIPA) remained at the forefront of the data privacy landscape. As we noted back in JanuaryMarch, and April, BIPA’s private right of action has contributed in part to an increase in the number of class actions. In September, the First District of the Illinois Appellate Court found that the statute of limitations period could range from one year to as much as five years depending on the nature of the alleged violation. But as the year closed out, Illinois courts continued to wrestle with the issues of BIPA claims accrual and statute of limitations. As this blog post goes to press, the U.S. Court of Appeals for the Seventh Circuit had just issued its decision in Cothron v. White Castle, certifying the issue of BIPA claims accrual to the Illinois Supreme Court.  

 

Website Accessibility Litigation and What Counts as a Place of Public Accommodation 

The Beckage Accessibility Team continues to see a drastic increase in litigation filed under Title III of the Americans with Disabilities Act (ADA) as well as the rapidly evolving caselaw surrounding website accessibility claims. 2021 is set to be a record-breaking year, with approximately of 4,000 new lawsuits filed this year alone, with most of these cases filed against small to medium sized businesses. The issue of whether websites qualify as places of public accommodates under the ADA continued to take shape in 2021. For example, in May the Eleventh Circuit Court of Appeals held in Gil v. Winn-Dixie Stores that a website is not a “place of public accommodation” under Title III of the ADA, creating a clear conflict with 9th Circuit authority that has held a website is a place of public accommodation if there is a nexus to a brick and mortar location. In September, the United States District Court for the Eastern District of New York issued a decision in Winegard v Newsday LLC, which also concluded that a website is not a “place of public accommodation” under Title III of the ADA. Despite this unsettled landscape, we anticipate more litigation to come around the specific statutory definition of what constitutes a “public accommodation.” 

Nevertheless, there is no end in sight for companies facing lawsuits under the ADA. Accordingly, Beckage recommends that businesses with any online presence or mobile application take proactive steps and prioritize accessibility internally. Minimizing legal risk through a digital accessibility compliance buildout that includes both a full scale audit of digital assets and internal and external policy development is recommended for all businesses looking ahead in to 2022.  

 

Telephone Consumer Protection Act (TCPA) 

TCPA class actions are numerous. Beckage’s TCPA team has charted the complex legal landscape surrounding text message marketing and telemarketing throughout the course of 2021. In April, we covered the decision by the Supreme Court of the United States in Facebook v. Duguid et al., which narrowed the scope of the TCPA down to systems that utilize random number generators. In November, we covered Florida’s new telemarketer requirements. As we head into 2022, TCPA compliance will continue to be an important area of focus for businesses. Businesses that leverage text messaging marketing as part of their consumer outreach should evaluate compliance initiatives and stay up to date on this fast moving area of the law. 

 

More Global Privacy and Cybersecurity Developments 

Privacy and cybersecurity continued to be areas of significant focus on an international scale. For example, China’s new Data Security Law (DSL) and new Personal Information Protection Law (PIPL) became effective on September 1 and November 1, respectively. Along with the Cybersecurity Law (CSL) of 2017, these two new laws have added a set of new cross-border requirements for international companies seeking to do business in China. Furthermore, following the Schrems II decision, which invalidated the EU-US Privacy Shield, the EU Commission released new standard contractual clauses (SCCs) intended to provide more flexibility and options for cross-border data exchange. The new SCCs are applicable for all new contracts entered into as of September 27, and businesses have until December 27, 2022 to transition all contracts using the older SCCs to ones with the new SCCs. Additionally, Québec’s Bill 64, which received royal assent a few months ago, has a series of new requirements coming into effect within the next couple of years for businesses both within and outside the province. 

On the global data privacy class action front, the UK Supreme Court’s recent decision in Lloyd v. Google suggests that opt-out class action cases for data privacy claims will be very difficult to bring. 

 

Conclusion and Key Takeaways 

In the midst of the ongoing COVID-19 pandemic and a rise in sophisticated cyberattacks, 2021 saw many privacy and cybersecurity trends and developments. There were new laws and regulations on both a domestic and an international scale. Case law in relevant areas developed rapidly, with some issues still unresolved as we embark on 2022. Things do not seem to be slowing down at all in the realm of privacy and cybersecurity. Beckage’s team of attorneys and technologists work with businesses of all sizes and industries to develop comprehensive scalable data security and privacy infrastructures to navigate this fast moving area. 

*Attorney Advertising. Prior results do not guarantee similar outcomes. 

Subscribe to our newsletter. 

Website AccessibilityEastern District of New York Holds a Website By Itself is Not Place of Public Accommodation

Eastern District of New York Holds a Website By Itself is Not Place of Public Accommodation

Website class actions alleging violations of the Americans with Disabilities Act (“ADA”) continue to dominate the court systems. These lawsuits are indiscriminate involving businesses of all sizes across a myriad of industries. Commonly, these lawsuits involve a plaintiff who suffers from a disability and attempted to access a business’s website, alleging that the website itself should be considered a place of public accommodation, but their disability hindered their enjoyment of the business’s services. Nevertheless, a court in the Eastern District of New York has unequivocally concluded that a website is not a “place of public accommodation” within the meaning of Title III of the ADA.

Winegard v. Newsday LLC

On July 31, 2019, Plaintiff Jay Winegard, a legally deaf individual residing in Queens, New York, filed an action in the Eastern District of New York against the news service provider Newsday. Winegard alleged that Newsday violated the Americans with Disabilities Act, the New York State Human Rights law, and the New York State Civil Rights Law, and the New York City Human Rights Law in failing to provide closed captioning on two of the videos it hosted on its website.

On May 1, 2020, Newsday filed a Motion to Dismiss, arguing, in relevant part, that Newsday is not a place of public accommodation within the meaning of Title III of the ADA.

On August 16, 2021, while initially observing that the Second Circuit has not squarely resolved whether a website itself is a place of public accommodation, the Eastern District of New York concluded that “the ADA excludes, by its plain language, the websites of businesses with no public-facing, physical retail operations from the definition of” places of public accommodation. In reaching its conclusion, the court relied heavily upon the text of the ADA, noting that the ADA’s definition of places of public accommodation were overwhelmingly comprised of physical locations.

Echoing the recent Eleventh Circuit holding in Gil v. Winn-Dixie, the court further called upon Congress to clarify whether the places of public accommodation include websites and further remarked that in the thirty-one years since the passage of the ADA, Congress has failed to add non-physical places to the definition of places of public accommodation.

Finally, the court in Winegard concluded that previous Second Circuit reliance on Pallozzi v. Allstate Life Insurance Co. is misplaced, as that matter dealt with the enjoyment of insurance services which still had to procured at a physical location.

What does this mean going forward?

Whereas the Court’s decision in Winegard may not initially upend all website-based ADA claims in the Second Circuit, it is yet another example of the eroding argument that websites are automatically places of public accommodation. To that end, it is important that companies are proactive and prioritize accessibility to put themselves into a legally defensible position.

At Beckage, we have a team of highly skilled attorneys and technologists who are uniquely situated to help clients navigate website accessibility and work towards national and international standards with other privacy and security laws. Beckage works with clients at all stages of accessibility analysis and is here to help make your company ADA compliant and help ensure your company has the right tools in place to mitigate risk.

Subscribe to our newsletter.

*Attorney Advertising; prior results do not guarantee similar outcomes.  

Website AccessibilityWhy Companies Should Take A Holistic Approach to Digital Accessibility

Why Companies Should Take A Holistic Approach to Digital Accessibility

Over the past several years, there has been a tremendous increase in the prevalence of digital tools, online businesses, and mobile applications.  This has led to a spike of litigation in both federal court, under Title III of the Americans with Disabilities Act (ADA), and similar state statutes, such as New York Human Rights Law and California’s Unruh Act, as users with a variety of disabilities allege challenges in accessing various components of a company’s online business.  

The Beckage Website Accessibility Team, made up of lawyers who are also web developers and web design business owners, continues to monitor federal and state filings under the ADA, which have more than quadrupled in the past seven years. While no industry is immune, we have noticed a trend of lawsuits targeting the retail and restaurant sector, as more individuals with disabilities are seeking out websites over brick-and-mortar stores, creating higher risk for online businesses with accessibility issues.

Part of the surge in litigation over the past handful of years is caused from the lack of clarity from the Department of Justice, the federal agency responsible for enforcement of the ADA. In 2017, the DOJ declined to issue clarifying regulations, contributing to continued uncertainty on clarity on what digital accessibility entailed. Hence a waive of litigation ensued and shows no signs of letting up. Thus, absent any legislation or guidance from the DOJ, now is the time for organizations for organizations to take a holistic approach to digital accessibility, taking proactive steps to make their digital platforms accessible for users with a variety of disabilities. But what does that look like in practice and why should your organization make accessibility a priority in 2021?

Current Legal Landscape

As any good business understands, it is crucial to always keep the consumer top-of-mind, and your online presence is certainly no exception. Creating a digital platform that can be used by the greatest number of consumers possible should always be the goal, and that number needs to include the 1 in 5 Americans who have a disability.

However, deciphering what exactly it means for an online business to be considered accessible under Title III of the ADA has been a constant challenge for companies, web designers, and attorneys working in the accessibility space. Despite the DOJ’s lack of clarity on this issue, the Web Content Accessibility Guidelines (WCAG) 2.1, private industry standards promulgated by the World Wide Web Consortium (W3C), are widely accepted by the industry and courts for measuring accessibility.  The WCAG standards are broken down into three “levels” of acceptability: Level A, Level AA, and Level AAA.  Level A and Level AA are where most common barriers for disabled users exist and are thus the accepted standards to achieve website accessibility.  

It is also important to note how Title III of the ADA intersects with privacy regulations. For example, while there is currently no federal data privacy law, the California Consumer Protection Act (CCPA) requires that website Privacy Policies be “reasonably” accessible to individuals using screen-reading software and other tools to access a website. This is an important piece of this comprehensive data privacy legislation and while it doesn’t address the accessibility of the rest of a business’s website, making sure your digital tools, such as web forms for data subject rights, cookie consent banners, and other similar tools on your website, are accessible to the greatest number of users makes wise sense in the spirit of this regulation.  Additionally, with a new administration in the White House, anticipate that we may see federal legislation that clarifies clarify both data privacy and accessibility standards on a national level, which would make working towards compliance and avoiding predatory lawsuits easier for companies with an online presence.

What We’ve Learned About ADA Accessibility Claims

Practically speaking, it remains unclear what having an “accessible” website means. For this reason, a very high number of ADA cases filed against online businesses are quickly settled outside of court to avoid the expense of litigating in such uncertain terrain.   

Website and mobile app accessibility claims against businesses in a variety of sectors have become a familiar occurrence.  Most of these cases have similar allegations; a disabled individual argues that they encountered multiple access barriers that denied him/her full and equal access to the goods and services offered online by a company. In most of these cases, the plaintiff has attempted to leverage screen-reading software to access the website or mobile application and claims the platform is incompatible with the assistive technology they are using. 

Other commonly made claims include improperly labeled links and pages, inconsistent placement of on-page elements, like the shopping cart, and lack of image alt-text, title elements, and other features that help blind users navigate a website. Thus, the plaintiff argues, the business has violated Title III of the ADA and related state statute, entitling the plaintiff, among other things, to injunctive relief and attorneys’ fees.   

Practical Steps for Businesses

The sheer volume of settlement agreements and cases Beckage has worked on has exposed some common themes and provided valuable insights into how online businesses can proactively address website accessibility and minimize legal risk.  We recommend the following four-prong approach:  

  1. Consult with legal tech counsel, like Beckage, to evaluate litigation risk and regulatory compliance;
  2. Have your website or mobile app audited with the protection of attorney-client privilege or with a trusted third party vendor against the WCAG Level A and Level AA standards to determine what remediation is necessary to address any existing barriers and test your website using assistive technology, such as a screen reader, to be sure all barriers have been remedied.
  3. Publish a legally-reviewed Accessibility Statement on the forward-facing website and mobile application, and work to develop internal policies, procedures, and a training program that implement regular audit and assessment of accessibility; and
  4. Operationalize accessibility within your organization, prioritizing a top-down, multi-department approach throughout your organization to building accessibility.

Keeping in mind the end goals of improving usability for individuals with disabilities and avoiding frivolous lawsuits, businesses can arm themselves with a proper plan to address their online platforms’ accessibility. From our experience, a holistic approach to digital accessibility that understands how to bring together various stakeholders and decisions makers from throughout the organization as accessibility champions is the best way to operationalize accessibility.

With former web developers and technologists on staff, Beckage is well-suited to help businesses from all sectors and industries navigate the uncertain legal landscape surrounding website accessibility. Through collaborating with in-house technologists, outside vendors, members of the disability community, and internal assistive technologies, Beckage attorneys work under privilege to conduct internal and remedial audits of client websites and mobile applications, evaluate platform compatibility, and oversee implementation of recommended remedial or accessibility-enhancement measures.  Our team can help you develop and implement a sustainable accessibility program that contemplates compliance with the WCAG guidelines and other current and future website accessibility standards and best practices.

Subscribe to our newsletter.

*Attorney Advertising. Prior results do not guarantee similar outcomes.

2020Looking Back on 2020’s Top Privacy and Cybersecurity Trends

Looking Back on 2020’s Top Privacy and Cybersecurity Trends

As 2020 comes to a close, Beckage looks back on the ways this difficult and unprecedented year impacted the data privacy and cybersecurity landscape both domestically and across the globe.

Enhanced Privacy Challenges and Concerns Due to Covid-19

In response to the COVID-19 pandemic, businesses around the globe made a major pivot to online or virtual operations early this year. An intentional focus on data protection and a solid understanding of the regulatory landscape is a legal requirement that demands the integration of data protection up front in any network design or business practice. The increase in exposure of company assets made it necessary to implement a variety of technical safeguards. Companies still had to meet the compliance milestones of the NY SHIELD Act and California’s Consumer Protection Act (CCPA) while dealing with new privacy challenges caused by a distributed workforce and a global health pandemic. Beckage reminds organizations of the importance of revisiting their readiness through business continuity, incident response, and more expansive administrative, technical, and physical safeguards when shifting to a work-from-home model and recommends continued assessment of your company’s privacy pitfalls in this ever-shifting legal landscape.

Increased Ransomware and Cyberattacks

With rapid changes in organizational operations caused by the COVID-19 pandemic, attackers became more sophisticated in their strategies and unleashed several unrelenting, simultaneous attacks on service providers and the organizations they serve in 2020. Victims of recent cyber attacks, such as the SolarWinds campaign carried out in December, include government agencies, healthcare providers, consulting agencies, and , technology, telecom, and oil and gas companies. In many of these campaigns, attackers were able to gain access and move freely throughout an organization’s server, installing additional software, creating new accounts, and accessing sensitive data and valuable resources while remaining largely undetected. In response to the uptick in data incidents this year, the Beckage Incident Response Team recommends organizations implement several preventative steps to safeguard their organization to help minimize legal risk.

Patient Access Rights and Interoperability

Recent developments in 2020 concerning patients’ right to access health information to implement interoperability and record access requirements intend to help patients obtain access to health records and payment data to make informed decisions about their healthcare. The CMS Proposed Rule and the OCR Proposed Rule represent a complete overhaul of well-established standards and an introduction of new and highly technical requirements with healthcare compliance. The experienced Health Law Team at Beckage can help to distill these lengthy and complicated rules so organizations can understand practical implications on daily operations.

Increased International Focus on Consumer Privacy

On the heels of EU’s General Data Protection Regulation (GDPR), many countries followed suit by establishing legal frameworks for governing how organizations collect, use, and store their citizens’ personal data. One example is Brazil’s Lei Geral de Proteção de Dados (LGPD), which went into effect in August of 2020. This general data protection law, which closely mimics the GDPR, places strict requirements on organizations that process Brazilian citizen’s personal data.

At the same time, Europe continued to elevate its enforcement of the GDPR, with major decisions from various member state Data Protection Authorities, the European Court of Justice (ECJ), and the European Data Protection Board (EDBP). The most impactful for businesses across the globe was the ECJ’s decision in Schrems II, which invalidated the EU-US Privacy Shield and called into question the long-term viability of the Standard Contractual Clauses (SCCs) to transfer data from the EU to the US. In 2021, companies should closely monitor the evolving guidance on international data transfers and be prepared to mitigate risk of global data transfers.

Beckage’s Global Data Privacy Team expects continued adoption of data protection regulations across many regions, and an emphasis on creating global security and privacy compliance programs in the year ahead.

Uptick in ADA Litigation

This past year, the Beckage Accessibility Team has witnessed a drastic increase in litigation under Title III of the Americans with Disabilities Act. On average, about eight new lawsuits are filed a day by disabled individuals alleging unequal access to goods and services provided on a company’s digital platforms. While the Department of Justice (DOJ) has consistently held that the ADA applies to websites and mobile apps, they have failed to clarify the precise requirements for a business to be deemed compliant. This has prompted a wave of litigation by plaintiffs’ who claim a website or mobile app’s incompatibility with assistive technology, like screen-reading software, has denied them full access to and equal enjoyment of the goods, services, and accommodations of the website, therefore violating the ADA. Most of these lawsuits are settled quickly out of court to avoid litigating in such uncertain legal terrain.

Beckage handles the defense of website accessibility lawsuits as well as assists companies in navigate pre and post-suit settlement agreements for this unique area of the law.  Beckage also works with clients under privilege to conduct internal and remedial audits of client websites and mobile applications, evaluate platform compatibility and oversee implementation of recommended remedial or accessibility-enhancement measures.

California Consumer Protection Act (CCPA)  

Enforcement of California’s comprehensive California Consumer Privacy Act (CCPA) began on July 1, 2020 and has brought a range of plaintiff related lawsuits under its private right of action provision expanding California breach laws. For a data breach to be actionable, the information accessed must be identified as personal information, as narrowly defined by California’s data breach notification law. Recently, in November 2020, the Consumer Right To Privacy Act (CRPA) ballot initiative was passed, creating additional privacy rights and obligations pertaining to sensitive personal information that will go into effect. CPRA also expands data breach liability created by the CCPA, adds a private right of action for unauthorized access that permits access to an account if the business failed to maintain reasonable security, and imposes data protection obligations directly on service providers, contractors, and third parties. Beckage urges businesses who operate in or serve California citizens to continue to follow CCPA developments and carefully monitor related litigation in the coming months.

Emerging Technologies

The recent expansion of the Illinois Biometric Information Privacy Act (BIPA) has resulted in numerous class actions suits against organizations alleged to have collected plaintiffs’ biometric data. With the expanding use of biometric equipment, these claims often allege defendants obtained plaintiffs’ biometric data without complying with the BIPA’s notification and consent requirements. Upcoming class suits may address the issue of BIPA having an extraterritorial effect when bringing claims against out of state vendors.

Similarly, computers that manipulate the media, known as deep fakes, advance the dangers of influenced perceptions. The advancements of deep fakes are giving rise to laws regarding defamation, trade libel, false light, violation of right of publicity, or intentional infliction of emotional distress. Sophisticated tech lawyers can assist in determining rights and technological solutions to mitigate harm. As former tech business owners, Beckage lawyers want to drive innovation with use of these new and emerging technologies while understanding standards and laws that may impact such development. Beckage recommends that companies proactively mitigate the risks associated with collecting biometric information and deep fakes to prevent legal repercussions and defamation. 

Key Takeaways

2020 proved to be an unpredictable year in more ways than one. The COVID-19 pandemic forced companies to rapidly adapt to new privacy and data security challenges caused by a distributed workforce, emerging technologies, and an increased focus on ecommerce with in-person shopping and events. As we move towards 2021 with no definitive end to the pandemic in sight, it is crucial for companies to prioritize data privacy and cybersecurity initiatives by consulting qualified legal tech experts who can help navigate the uncertainty next year will bring. Beckage attorneys can assist in creating, implementing, and evaluating robust data security and privacy infrastructures that will help put your business in a position to tackle all the challenges 2021 has in store.

*Attorney Advertising. Prior results do not guarantee similar outcomes.

Subscribe to our newsletter.

AccessibilityOnline Accessibility Act Seeks to Clarify Accessibility Guidelines for Private Businesses’ Digital Presence

Online Accessibility Act Seeks to Clarify Accessibility Guidelines for Private Businesses’ Digital Presence

The Beckage Accessibility Team is closely following bipartisan legislation introduced into the U.S. House of Representatives on October 2, 2020. The Online Accessibility Act, sponsored by Congressmen Lou Correa (D-CA) and Ted Budd (R-NC), would add language to the existing Americans with Disabilities Act (ADA) and provide much-needed clarity on the legal requirements for consumer-facing websites and mobile applications to be considered accessible to individuals with disabilities, particularly blind and visually-impaired persons.

If passed, this legislation would have clear benefits for both disabled individuals and online businesses that operate consumer websites, defined as “any website that is purposefully made accessible to the public for commercial purposes.” The Online Accessibility Act would limit the number of predatory lawsuits filed against business owners while helping them improve accessibility for their disabled customers.

Beckage continues to monitor the state and federal dockets daily and the number of lawsuits that are filed continue at record speed.  On average we see about eight new lawsuits a day. These website accessibility lawsuits are filed by plaintiffs alleging unequal access to services on companies’ digital platforms due to incompatibility with assistive technology, like screen-reading software. While the Department of Justice (DOJ) has consistently held that the ADA applies to websites and mobile apps, it has fallen short of clarifying the precise requirements, leaving businesses confused as to whether their digital platforms are compliant. As result, a very high number of these cases are settled out of court to avoid gambling with high litigation costs in such uncertain legal terrain.

“This bill solves the problem by providing guidance to businesses on how to bring their websites into compliance. If our bill is passed, job-creators will be able to avoid costly lawsuits and be given a roadmap for how to help their disabled customers access online content,” said Rep Budd in a statement about the Act.

“We are optimistic that this bill will provide some much-needed clarity in the ADA legal landscape,” says Beckage Accessibility Team Leader, Kara Hilburger. “It is so important to have universal standards for accessibility to level the playing field and help businesses best serve their customers while avoiding lawsuits.”

This legislation is coming at a crucial time given the rapid increase in online shopping due to the COVID-19 pandemic, as consumers choose to avoid brick-and-mortar stores in favor of e-commerce options. However, the future of the Online Accessibility Act is still uncertain given its introduction during a particularly polarized election season and an unpredictable political landscape hanging in the balance.

“Beckage continues to advise clients to be proactive when it comes to website accessibility,” Hilburger confirmed.  “There are many low-cost, high impact steps companies can take immediately, such as publishing an Accessibility Statement, that can place them in a legally defensible position while they work to implement accessibility by-design into their new online products and offerings.”   

Beckage remains hopeful that the Online Accessibility Act will gain traction and provide much needed relief for the business community.  Beckage works with businesses from all sectors and industries as they navigate the uncertain legal landscape surrounding website accessibility.  Through collaborating with in-house technologists, outside developers, members of the disability community, and internal assistive technologies, Beckage attorneys work under privilege to conduct internal and remedial audits of client websites and mobile applications, evaluate platform compatibility, and oversee implementation of recommended remedial or accessibility-enhancement measures.  Our team helps companies develop and implement a sustainable accessibility programs that contemplates compliance with the WCAG guidelines while monitoring the development of website accessibility standards and best practices that can protect your business.  

*Attorney Advertising. Prior results do not guarantee future outcomes.

Subscribe to our Newsletter.

1 2