train tracks crossing warning - barrier, light, hazard sign
PHOTO: Wolfgang Rottmann

As someone who lives in a football-loving household, I often hear one of Vince Lombardi’s favorite quotes: “Perfection is not attainable, but if we chase perfection we can catch excellence.” While I can’t claim to be a football fan, I am a fan of the quote which appropriately describes the digital world we live in today. I have yet to see a perfect website, social media account or mobile application. The reality is most organizations struggle with even the basic aspects of online integrity, including accessibility, privacy, consistent branding and removing outdated content.

What’s Holding Most Organizations Back?

Every organization thinks it is unique in what prevents it from achieving digital excellence. In reality, the issues are common and can be addressed by developing digital policies, or guardrails for maintaining digital integrity. Let’s take a look at some real world examples of what that can look like and what you can learn from others in order to inch closer to a point of excellence.

1. Missing or Unattended Digital Privacy Statement

In a world where privacy is daily news and the rollback can translate into fines, lawsuits or brand degradation, organizations would be smart to develop, regularly review and update their website privacy statements. The statement should also be written with audience-level readability in mind. 

For example, when users see a “current as of date” that is over two year old, it leads them to question whether anyone is paying attention. This is the case with Angie’s List, which indicates the privacy policy to be current (version 1.0) and effective as of April 7, 2017.

Angie's List Privacy Policy

To step into the realm of excellence, I advise you develop a privacy policy checklist, which could reflect the following:

  • Do we have a privacy statement on each of our digital properties, such as websites, mobile applications, portals and any other channel that we own and operate?
  • Do we consistently display the same privacy statement on all webpages of a site, using a content management system or other method to ensure consistency and accuracy?
  • Are the statements consistent where they need to be, such as our organization’s primary website and a portal website that users access for information on products or a service?
  • Have there been any changes in the privacy laws, regulations or industry norms for those countries, states or regions where we market and sell our service/products?
  • Does the privacy statement accurately reflect our current practices?
  • Is the privacy statement written to our audience reading level and have we used the Flesch-Kincaid readability scale to test it?
  • Is the statement translated and localized appropriately for our markets? If we operate in different countries, have local resources validated that the policy statement is accurate and appropriate?
  • Do we have a way to inform users when we make changes to our privacy statement, either via email (if they opted to be notified) or some other way?

Related Article: Not Facebook? You're Still Not Off the Hook With Regulators

2. Inaccessible Digital Content

According to UsableNet, in 2019 the rate of Americans with Disabilities Act (ADA) web-related lawsuits reached a rate of one lawsuits for every working hour. That translates to about eight lawsuits a day, 40 lawsuits a week and over 2,000 a year. And these statistics are for the US alone.

No industry is exempt from accessibility requirements, but there have been more lawsuits recently in higher education arena. You may have seen Harvard University in the news for its struggle with attaining and maintaining digital accessibility, as the institution has faced multiple lawsuits and student complaints on issues ranging from lack of close captioning, inaccurate captions for public facing content and more.harvard crimson

While potential digital accessibility lawsuits may provide an incentive to change, there is more than risk to this equation. By making your organization’s digital channels accessible to everyone, you could reach a larger audience. Sixty-one million adults in the US live with some type of disability (e.g., visual, hearing, motor, etc.), yet they have spending power which directly translates into opportunity for your organization. In that spirit, I urge you to consider an accessibility policy for your digital channels. Your checklist should be based on questions including the following:

  • How do we define digital accessibility for our organization? Do we harmonize with WCAG 2.1 which is the most comprehensive and universal technical standard for online accessibility?
  • What laws/regulations impact our digital accessibility practices and have we tailored them based on country/region where we operate? Will be only meet minimum requirements or do we want to go above requirements in order to meet our user’s needs?
  • Have we considered and adopted common accessibility practices such as alternative text (alt text) for images,  text resizing, keyboard navigation, page titles, flashing and blinking, video and audio content subtitling, and color contrast?
  • If there are accessibility exceptions for any reason, are they documented?
  • How will we address digital accessibility retroactively for those properties and channels that are not currently accessible?

Related Article: Why 'Accessibility' Isn't an Ugly Word

3. Unclear Personal Use of Social Media Policy

As a digital policy consultant, I see two big issues which are more common than you would expect. The first is when organizations fail to define a social media policy. If you are aiming for digital excellence, you need to prepare your employees to achieve it. In other words, you need to tell them what you expect. The second is when organizations document a social media policy and include statements such as “use common sense” or “bring your best self to social media” without any further explanation.

As smart and well-intentioned as employees might be, they don’t know what they don’t know and it is an organization’s job to tell them. Consider the example of an Amgen employee, who with the best intentions posted an organization’s official press release on LinkedIn. At first glance, this wouldn’t seem like a big deal, but in posting the press release the employee violated Danish law by sharing and liking a US press release about a medicine. The employee could have faced up to four months in jail and the drug maker might have been liable for a penalty.

Amgen social media policy fail, employee violates law by posting on LinkedIn

To keep your organization and staff aligned on digital integrity, I advise you review your employee handbook’s code of conduct and extend it to include social media behavior. Alternatively, you can develop a stance on personal use of social media and document it as a separate policy. My preference is for the latter, as intended behavior has proven to be more adopted and practiced if relayed as a policy than a note in an employee handbook that is looked at during onboard and rarely thereafter. 

Here is what you should consider for a sound social media policy:

  • What do we stand to gain (such as viral amplification of our content, or a reputation as a great place to work) over what are the risks (bad PR from employee missteps, legal and/or regulatory repercussions, etc.)?
  • What do the laws/regulations in countries where our employees operate state with regard to personal social media use and organizational protections and obligations (if any)?
  • If we choose to encourage employee use of social media, what should that look like?
  • What about content employees post on their personal channels that’s not directly related to our organization but could make us look bad by association — photos of illegal/dangerous activity, discriminatory or harassing remarks, etc.?
  • How will we monitor employee use of social media? Will we require employees to provide us with a list of their social media channels and IDs?

Related Article: 5 Components of a Social Media Policy in a Regulated Industry

4. Ignoring Copyrights

Copyright violation is always illegal, but it can be difficult to prove an offender’s guilt without copyright registration. It’s usually unnecessary to submit your content in the Library of Congress: By simply placing a copyright notice on the content developed by the organization, you establish a public record of ownership. Should your content be copied by another organization or used somehow, you will have a stronger legal basis for a lawsuit. That’s why it is still surprising when I encounter organizations like Shopify, that have not claimed public ownership to their website and content by including a copyright statement in the footer of each webpage.

lack of copyright symbol on bottom of website spells trouble ahead

Protect your organization’s intellectual property and reassure consumers you respect the intellectual property rights of others by creating a checklist that addresses:

  • What is our need for formally filing for copyright on our digital properties? Is it enough to simply place a copyright on our website or mobile app? What about the artifacts which we create for social media?
  • How will we handle copyright issues for user-generated content?
  • How will we identify infringements of our copyrighted material and how aggressively do we want to enforce our rights?
  • Who will be responsible for updating our copyright statement each year with the most recent calendar year? Can we automate that process  using our content management system or a code snippet (for mobile applications)?
  • How will we ensure that all digital workers understand that copyright protections apply to all online content, even user-generated content on social sites like Pinterest, Google, Instagram, etc.?
  • Will we amend vendor contracts to specify that vendors are responsible for all copyright issues regarding any content they provide?

Related Article: Digital Policy Action Plan: Investment – 5 Days. Value – Priceless

5. Proper Use and Disclosure of Cookies and Tracking Devices

We all know and think of cookies and tracking devices — e.g., hidden pixels in email — as a handy way to collect personal data and track users’ online behavior. Not all countries require cookie and tracking disclosures, but many have regulations requiring cookies notification including why and what data is collected and which notifications and consents must be obtained from the user prior to collecting that data.

Many websites, like CNN, have continued to rely on implied consent to set cookies, by using a cookie notice which states that “by continuing to browse the site” the website visitor consents to the use of cookies. Not only is this a violation of regulations such as the EU's General Data Protection Regulation (GDPR), but it is increasingly considered a poor user trust practice as it does not allow the website visitor to actively make cookie-related choices.

CNN Use of Cookies policy ignores GDPR requirements

In the interest of building trust with your users, develop a sound cookie policy and practice, based on considerations such as:

  • Are we gathering information we don’t use, just because we can? If so, should we stop collecting it, and should we delete what we already have?
  • Are there any third parties who have access to this data? If so, what do they do with it? Is it secure?
  • Are we tracking any online behaviors that could be harmful if they were revealed? If so, why?
  • Do we periodically purge old tracking data? Should we?
  • Are our decisions about tracking users aligned with our values? Do our values require us to give users a choice to opt out? Could not giving them that option negatively affect our brand’s reputation?
  • Are there any laws or regulations that require us to give customers the choice to opt out?  Do we make it easy to opt out, or do we force users to deselect 100 checkboxes, nested three levels deep?

Onward to Excellence

Digital perfection is a noble goal, so listen to the famous words of Vince Lombardi. Strive for perfection with these five policies and look forward to achieving excellence in your digital products.