I assume you have not read Directive 2016/2102 and/or EN 301 549, because your approach is nice and so very, very, very suable.
The issue is not accessibility itself. I'm all for making things simpler. The issue is that the EU framework combines broad principles, partial technical references, vague proportionality requirements, and evolving judicial interpretation. In practice, that means the exact compliance boundary is often only defined by a judge during litigation, and with the website operator funding the clarification process through lawyer and court fees.
That is precisely the kind of legal environment that creates serial-litigation ecosystems like the ADA lawsuit industry in the US.
With systems becoming increasingly more complex, testing all potential code paths increases effort exponentially. With content being user-generated, not necessarily system-generated, you now technically need an editorial watchdog position that greenlights every change (if only to prevent Sally from Sales to post a meme in copy without a proper alt text, or worse, an infographic, without a wall of text describing the infographic in great detail).
And for the attacker, they only need to find one case of violation - while you need to be correct 100% of the time.
The only two ways to migitate such issues are
1. do not offer the service in Europe at all and actively prevent EUians from acessing any part of them - which becomes increasingly attractive (disclaimer: I am an EUian, unfortunately),
2. implement defensive overcompliance far beyond practical usability requirements, or
3. accept ongoing legal uncertainty and budget for it accordingly.
Unfortunately, "just build reasonable software and trust common sense" is not a stable legal strategy anymore.
None of that legal complexity has anything to do with putting "aria-labels on absolutely everything."
> And for the attacker, they only need to find one case of violation - while you need to be correct 100% of the time.
I don't know how European regulators work but even in the litigious U.S., this is not true, at least not in the courts. However, for small businesses, which are more likely to be targeted by the trolls, the cost of proceeding far enough to get a suit dismissed is burdensome. And in the EU, I thought individuals couldn't bring cases to a judge, they have to complain to a regulatory body that can decide whether proceeding is warranted or not.
> implement defensive overcompliance far beyond practical usability requirements
This is like complaining about having fewer grams of rat turd in your flour than legally mandated; "Oh no, we made our product too good!"
In practice, building "reasonable software" has never included making it work for people with disabilities, despite WCAG and the web standards themselves existing for decades.
> And in the EU, I thought individuals couldn't bring cases to a judge, they have to complain to a regulatory body that can decide whether proceeding is warranted or not.
EU regulations get made into member state laws, and these vary massively in who can sue through what way.
In Germany, for example, a common enforcement vector is the "Abmahnung" under unfair competition law. In theory, if a regulation imposes costs on compliant businesses, competitors should not gain an advantage by ignoring it.
The problem is that this has historically created an ecosystem of professional cease-and-desist mills. A competitor (or an organisation acting on their behalf) identifies a violation, sends a lawyer's letter, demands reimbursement of legal costs, and requests a cease-and-desist declaration with contractual penalties for future violations.
Whether the underlying issue is accessibility, consumer protection, labeling requirements, privacy notices, or something else is almost secondary. Once compliance becomes sufficiently complex, the enforcement mechanism itself becomes a business model. The cynic in me can't help but notice that our parliaments are made up disproportionately by lawyers.
That is why many businesses are worried less about accessibility itself and more about legal uncertainty around accessibility requirements. The concern is not "making websites accessible is bad."
The concern is that compliance costs are barely predictable, while litigation risk arising from ambiguous compliance boundaries is not.
The issue is not accessibility itself. I'm all for making things simpler. The issue is that the EU framework combines broad principles, partial technical references, vague proportionality requirements, and evolving judicial interpretation. In practice, that means the exact compliance boundary is often only defined by a judge during litigation, and with the website operator funding the clarification process through lawyer and court fees.
That is precisely the kind of legal environment that creates serial-litigation ecosystems like the ADA lawsuit industry in the US.
With systems becoming increasingly more complex, testing all potential code paths increases effort exponentially. With content being user-generated, not necessarily system-generated, you now technically need an editorial watchdog position that greenlights every change (if only to prevent Sally from Sales to post a meme in copy without a proper alt text, or worse, an infographic, without a wall of text describing the infographic in great detail).
And for the attacker, they only need to find one case of violation - while you need to be correct 100% of the time.
The only two ways to migitate such issues are
1. do not offer the service in Europe at all and actively prevent EUians from acessing any part of them - which becomes increasingly attractive (disclaimer: I am an EUian, unfortunately),
2. implement defensive overcompliance far beyond practical usability requirements, or
3. accept ongoing legal uncertainty and budget for it accordingly.
Unfortunately, "just build reasonable software and trust common sense" is not a stable legal strategy anymore.