Frank McClung

Website compliance strategies in the midst of a pandemic, social justice movement and economic recession

I didn’t stay in a Holiday Inn Express last night. I’m not a lawyer and this email doesn’t constitute legal advice. This is all about website strategy, baby.

At the lowest strategic level, website compliance is about covering you or your organization’s azz–also known as “risk management” in more educated circles.

And that is what the first sentence in this newsletter did for me, and what most organization website’s do with their copyright notices, privacy policies, disclaimers, etc. It’s strictly a way to keep lawsuits from falling on your head. This is an admirable pursuit. If you have ever been involved in a lawsuit of any kind outside of small claims court, you’ll quickly realize how unpleasant and costly they are regardless of whether or not the outcome is in your favor.

Many professional services have specific industry mandated notices that must be published on a website in order to maintain a professional license, comply with regulators, and ensure federal privacy law is upheld (think real estate, financial services, health care providers, etc.) Don’t comply? Lose your license, get slapped with a fine, and/or potentially go to jail. Not too hard to figure out you must comply with these rules if you want to stay in business.

But what about a strategy for all those gray areas where no entity is actively enforcing compliance?

Things like the American Disabilities Act Section 508 and WCAG compliance or a privacy policy or GDPR notices. You’ve got options!

If you see website compliance like a trip to the dentist for a teeth cleaning and just want to get the thing over, then you can:

  • Identify your nearest benchmark competitor’s website and use their copy as a baseline for your own. If you chose to do a straight cut and paste changing only company names, at least take the time to read it word for word as you may find something you don’t understand or don’t intend for your organization. This is CYA 101.
  • Next level would be to have an attorney that specializes in compliance issues review and tweak your copied copy. Or better yet, have them write all your copy—you will sleep easier at night and hefty invoice from your attorney in the mail.
  • You could also use a third party subscription service like this one ( that generates somewhat generic terms and conditions, cookie policies, privacy policy, etc. for you. Or this pricey but useful service for ADA compliance: These services are low maintenance, lower than an attorney cost, and makes you feel 80% confident in case of a lawsuit.

However, if you want to take website compliance past the letter of the law and move toward fulfilling the spirit of the thing and even compliance as a brand and marketing tool to connect with your people, then you should consider strategies like:

  • Use simple, direct language to communicate your policies. Remove the legalese and save that for your written client contracts, not your website.
  • If you do have to post industry specific legal notices and documentation, try to preface the notice with an introductory paragraph in your own words summarizing the highlights for your visitors. Eddie Bauer does a good job of this on their website here:
  • Align your policies with your business goals and branding. For example, if you are a B Corporation, you might highlight your certification in your policy and what that means to your client, community, employees, and environment. Patagonia does a great job of this. And you might also check out consultant David C. Baker’s disclaimer and privacy policy (, which reads just like you were speaking with him personally.
  • Complying with ADA and Section 508 can be a complex and expensive proposition depending on which path you take to do so for your site, if you are able to make this compliance investment, make sure that you highlight and incorporate that commitment as part of your site marketing.

Keeping a broader, long term perspective about website compliance will help your organization maximize its digital investment in accessibility, privacy, security and policy issues. Compliance is not about overcoming government/industry mandated roadblocks or checking legal boxes.

Website compliance is ultimately about people—protecting and informing them about their rights and your usage of their data. It’s about making opportunities and information available to everyone online regardless of their age or disability.



I help decision-makers understand and create better web strategies for their organization.

Contact me directly at

Know someone who might find this newsletter useful? Send them here to sign up:


Get the same insight sent to your inbox

Subscribe to my informative and sometimes enlightening newsletter: