- From: EA Draffan <ead@ecs.soton.ac.uk>
- Date: Fri, 21 Oct 2016 09:18:26 +0000
- To: "lisa.seeman" <lisa.seeman@zoho.com>
- CC: public-cognitive-a11y-tf <public-cognitive-a11y-tf@w3.org>
I am just wondering how one can cope with the issue of a site being hacked, such as an event booking and the malicious software is downloaded? This may be out of scope but testability is an issue as I am not sure this would show up unless one tested the download? I agree with the concept that this success criteria should not just cover seizures. Best wishes E.A. Sent from my mobile phone On 21 Oct 2016, at 08:39, lisa.seeman <lisa.seeman@zoho.com<mailto:lisa.seeman@zoho.com>> wrote: As per yesterdays call there have been some small changes to the safety success cryteria The changes are in bold with an + sign Please respond with any objections over the next 48 hours or we will assume it is approved -------------------- SC Text Do not automatically choose +non-typical+ options that may disadvantage users without their approval, or add mechanisms that are likely to confuse users in a way that may do them harm. Note that this does not include selling products known to be harmful. Suggestion for Priority Level Priority Level A Related Glossary additions or changes non-typical options: An option that is typicaly selected by less then 50% of users, in at least one focus group study +harm: Loss of or damage to a person's right, property, or physical or mental well-being. Where it is unclear if something is a damage we consider a test to be that over 80% of random people asked would consider it to be a damage as defined above. + What Principle and Guideline the SC falls within. Principle 2: Operable. Current: Guideline 2.3 "Do not design content in a way that is known to cause seizures." Proposed: Guideline 2.3 "Do not create mechanisms that are known to potentially harm the user." Exclusion: Mechanisms known to potentially harm do not include selling products known to be harmful. Description This success criterion prevents people from tricking users in a way that specifically targets people with cognitive disabilities; and claiming they are conforming to specifications for accessibility and inclusion. For example, some eCommerce sites automatically increment the number of items a user selects without warning the user. For example, most users will notice that they have ordered two bikes, and that the final price is double the anticipated price. However someone with a disability, such as dementia or severe dyscalculia, is often unable to notice such a change. Having been subject to these tricks, users lose confidence in their ability to perform tasks online. The cumulative effect of this type of behavior is that many users, who need access to eCommerce, will be the least likely to be able to use it. There are also other ways that people can add mechanisms that confuse the user and cause harm such as: * they accept a misleading option that could do them harm by exposing private information or, * downloading software that have harmful effects that were not made clear to the user. Sites that include these bad practices should not be able to conform to WCAG. It is worth noting that a COGA task force member has downloaded malicious software during the booking process to a disability event. All the best Lisa Seeman LinkedIn<http://il.linkedin.com/in/lisaseeman/>, Twitter<https://twitter.com/SeemanLisa>
Received on Friday, 21 October 2016 09:18:56 UTC