In recent years, with the arrival of GDPR first and the European Accessibility Act shortly after, a market of vendors has exploded promising to solve everything in one go: Privacy, legal documents, accessibility. One subscription, one widget, one plugin, and you're compliant.
If you're evaluating one of these services - or worse, if you've already adopted them - this article is for you.
The problem: compliance is not a boxed product
The message from these vendors is reassuring. The result, more often than not, is not.
Compliance is not a product you install. It's a process. It requires analysis, deliberate design, periodic reviews, and - above all - the awareness that every website is different from the next. Anyone selling you the definitive solution with one click is almost certainly selling you the illusion of compliance, not compliance itself.
A doctor who prescribes the same treatment to every patient without examining them is not a doctor. They're a public danger.
Do you know what that widget is really doing on your site?
Let's start with accessibility, which is where these "all-in-one" promises become most dangerous. Since 28 June 2025, the European Accessibility Act has been fully in force, transposed into Italian law through Legislative Decree 82/2022. Websites offering services to consumers must comply with WCAG 2.1/2.2 Level AA standards.
Dozens of vendors immediately appeared on the market with the most convenient solution: an accessibility overlay, a third-party JavaScript widget. One line of code on your site, and the problem - according to them - is solved.
It is not solved. It is hidden. And hiding it exposes you to a double risk.
The widget can track people with disabilities. And it's illegal.
The AgID Guidelines on the accessibility of services, adopted in March 2026, contain a passage that few have read - and that changes everything. In chapter 5.1, concerning the obligations of service providers, it states:
«In order to reduce the risks to the rights and freedoms of disabled individuals who use - including through the use of specific assistive technologies - the services made available by providers, the latter must adopt appropriate measures to prevent the tracking, whether through their own systems or through third-party systems, of the tools and solutions, both hardware and software, as well as the usage settings that help people with disabilities access digital information and services. This refers in particular to web tracking techniques, such as cookies and browser fingerprinting, which are used to collect data relating to system settings and configurations and which, specifically, could contain information from which a disability status of the user may be inferred.
To this end, service providers must declare, among the mandatory information referred to in Article 12, paragraph 2 of the decree, that they do not use web tracking techniques from which any disability condition of the user may be inferred.»
It is worth emphasising that these guidelines are not a local measure of limited scope. Italy is today among the first countries in Europe to have transposed and operationally detailed the European Accessibility Act with such specific provisions on the subject of tracking. It is reasonable to expect that this approach will become a reference point for other Member States as they implement the directive: those who align with Italian standards today are already positioning themselves ahead of the European regulatory curve.
Practical translation: if the widget you have installed detects that one of your users is using a screen reader, a magnifier, or high contrast mode - and sends that data to external servers - you are tracking their disability without consent. This is not a technical detail. It is a violation of GDPR Article 9, which treats this data as a special category of personal data relating to health.
As Roberto Scano documents on Webaccessibile.org, one of the leading experts in accessibility, the vast majority of overlays:
- install third-party scripts that actively detect assistive technologies
- send data to the provider's servers, often outside the EU
- use cookies or fingerprinting to store accessibility preferences
- can infer - and transmit - sensitive information about the user's disability
You thought you were protecting your users. You were surveilling their disabilities.
The widget doesn't even work technically
The problem is not only legal. It is also practical, and on this point the international community of accessibility experts is unanimous. The Overlay Fact Sheet - signed by contributors to the WCAG, ARIA and HTML specifications, and by professionals from Google, Microsoft, Apple, BBC, Shopify and dozens of other companies - states clearly:
«No overlay product on the market can cause a website to become fully compliant with any existing accessibility standard and therefore cannot eliminate legal risk.»
No overlay. None, without exception.
Why? Because someone using a screen reader already has their screen reader on their device. The widget adds nothing - at best it is redundant, at worst it interferes. Automatic management of form labels, keyboard navigation, text alternatives for images, dynamic JavaScript components: none of this can be reliably fixed from the outside.
Users with disabilities know this very well. Many have started actively blocking these overlays, because they make websites even harder to use.
An overlay that simulates accessibility instead of building it treats the symptom, not the disease.
The solution: accessibility is designed, not installed
There is no shortcut. But there is the right path, and it is more accessible than you might think - in the most literal sense of the word.
Start with an honest assessment
Before any intervention, you need to know where your site stands today. You don't need to pay anyone to find out: there are free tools, accurate and used by industry professionals.
WAVE (Web Accessibility Evaluation Tool) is an extension for Chrome and Firefox that analyses any web page in real time, directly in the browser. It displays structural errors overlaid on the page itself - missing labels, contrast issues, incorrect navigation order, elements without alternative text - making it immediately clear where and why something isn't working. It is the ideal starting point for anyone who wants a quick, readable picture of their situation.
Accessibility Insights for Web is an extension developed by Microsoft, also available for Chrome and Edge. Compared to WAVE, it offers a more guided and methodical approach: the FastPass feature runs an automated check of the most common issues in a matter of seconds, while the Assessment mode walks you step by step through a structured checklist to evaluate full compliance with WCAG 2.1 Level AA. It is particularly useful when you want not only to identify problems, but to document and track the remediation process.
Using them together means having both an immediate view of the most obvious errors and a systematic map of everything that still needs to be verified.
Fix the code, not the surface
Making a website accessible means working on the semantic structure of the HTML, on the contrast between text and background, on form labels, on keyboard navigability, on alternative text for images. It means your theme, your template, your pages need to be built well - not painted over with a layer of external JavaScript.
Accessibility is not a coat you put over a crumbling building. It is the soundness of the building itself.
Our guide European Accessibility Act: what really changes for your website? walks you through it step by step: what applies to your site, what the concrete requirements are, how to approach them without panic - and without relying on magic solutions.
A final word on "all-in-one" vendors
If a vendor offers you Privacy, legal support and accessibility in a single affordable subscription, the right question is not "how much does it cost?" but "what's actually inside?".
Privacy requires a certified Consent Management Platform, correctly configured and integrated with the tracking tools present on your site. It is not an automatically generated PDF document.
Accessibility requires intervention on the site's code, verified with real tools. It is not an overlay that tracks your users' disabilities.
At My Agile Privacy® we focus on what we do well: consent management, Privacy compliance, integration with Google Consent Mode, IAB TCF 2.3, Microsoft Consent Mode. We do it with verifiable certifications and full transparency about our product.
For accessibility, our advice is simple and concrete:
- Read our guide on the European Accessibility Act to understand what actually applies to your site
- Run an assessment with free tools like WAVE and Accessibility Insights for Web
- Make changes to the site's code, not on top of it
The market is full of vendors selling illusions instead of solutions. Be wary of anyone promising compliance with a single line of code.
You could end up paying to remain non-compliant.
Sources:
Daniele Bianco
CEO - CTO My Agile Privacy®
