SC Shortname: Safety

SC Text

Do not automatically choose non-typical options that may disadvantage users without their approval, or add mechanisms that are likely to confuse users in a way that may do them harm.

 

Note that this does not include selling clearly-labeled and identified products known to be harmful, such as cigarettes.

Suggestion for Priority Level

Priority Level A

Related Glossary additions or changes

non-typical options: An option that is typicaly selected by less then 50% of users, in at least one focus group study

harm: Loss of or damage to a person's right, property, or physical or mental well-being. Where it is unclear if something is a damage we consider a test to be that over 80% of random people asked would consider it to be a damage as defined above.

 

What Principle and Guideline the SC falls within.

Principle 2: Operable.

Current:

Guideline 2.3 "Do not design content in a way that is known to cause seizures."

Proposed:

Guideline 2.3 "Do not create mechanisms that are known to potentially harm a user."

 

Description

This success criterion prevents people from:

  • tricking users in a way that specifically targets people with cognitive disabilities; and then
  • claiming they conform to specifications for accessibility and inclusion.

For example, some commerce sites automatically increment the number of items selected without warning the user. Most users will notice that they have ordered two bicycles, or that the price is double the anticipated price. However, someone with a disability, such as dementia or severe dyscalculia, may be unable to notice the change. Indeed, many of these scams are targeting people who have a cognitive disability, the aging, and new-Internet users.

Having been subject to these tricks, users lose confidence in their ability to perform tasks online. The cumulative effects of this type of behavior is that many users, who need access to commerce, will be the least likely to be able to use it.

This success criterion prevents people from tricking users in a way that specifically targets people with cognitive disabilities; and claiming they are conforming to specifications for accessibility and inclusion.

 

There are also other ways that people can add mechanisms that confuse the user and cause harm such as:
  • they accept a misleading option that could do them harm by exposing private information or, 
  • downloading software that have harmful effects that were not made clear to the user.
 Sites that include these bad practices should not be able to conform to WCAG. 

It is worth noting that a COGA task force member has downloaded malicious software during the booking process to a disability event.

 

Benefits

The benefit of this success criterion is that users can be safe online, and will be able to participate in the Internet community.

 

The need of this success criterion is more fully discussed at Online Safety Issue Paper and user needs table 1: Authentication and Safety.

Testability

Procedure

  1. Are there any automatic choices or decisions made for the user, such as options being selections?
  2. If the answer to step 1 is yes, confirm that they cannot harm users, or the relevent techniques listed in the sufficient techniques section are used to protect users.
  3. Check if other failure techniques occur on the page.

Pass Outcomes

  1. No to steps one and three; or
  2. YES to step one and YES to step two, and NO to step three.

 

Techniques

  • Avoiding automatic changes or selections that can result in unwanted financial charges or subscriptions.

  • Marking advertisements and paid articles to indicate it is third-party content not generated by the web site

  • Notifying the user before leaving the site or task where it may cause unwanted consequences.  Note, an example for a health care site, when looking for one drug, and an advertisement takes the user to a different drug.

  • Indicating when a site contains or offers sexual content, or is intended for chats of a sexual nature

  • Setting up bill payments that are easy to understand (like set up recurring payments vs. one-time payments - don’t hide the options and don’t reset the options if you get an additional account - show similar payment options to what they have on other accounts and ask the user if that’s OK).
  • Making it as easy to unsubscribe for something as it was to subscribe. (Mmany subscriptions are very difficult to stop - they require a telephone call, contact information is well hidden, etc.)
Failures
  • Failure of Success Criterion 2.3.x (@@ change ‘x’ to the SC number once known) for adding automatically-incrementing numbers of selected items without warning
  • Failure of Success Criterion 2.3.x (@@ change ‘x’ to the SC number once known) for not clearly identifying sexually explicit content on a web site
  • Failure of Success Criterion 2.3.x (@@ change ‘x’ to the SC number once known) for not explaining potential scams that could be accessed using third party content appearing on the web site Adding automatically-incrementing numbers of selected items without warning users.
  • Failure of Success Criterion 2.3.x for showing products of other brands not asked for
  • Failure of Success Criterion 2.3.x for having an obtuse payments plan
  • Failure of Success Criterion 2.3.x for having a multi step unsubscribe

working groups notes (optional)