CVAA – Recordkeeping

As part of the requirements of Section 104 – Access to internet-based services and equipment of the CVAA introduced record keeping obligations that apply to products and services subject to Section 255, 716 and 718 of the Communications Act. Broadly they require that organizations that are covered under Section 255, 716 and 718 of the Communications Act must create and maintain records of the efforts taken to implement conformance with the relevant sections of the Act. The records must be maintained for at least two years after a product ceases to be manufactured or offered on the market in any fashion. While the records themselves are not made public organizations must file an annual certification with the FCC stating that the records are being kept and be prepared to produce the records in response to any complaints filed with the FCC.The regulations governing the record keeping, 47 CFR 14.31, provide a significant amount of latitude in terms of the exact format of the records the entity must maintain. In fact the FCC explicitly does not “mandate any one form for keeping records (i.e., we adopt a flexible approach to recordkeeping).” While the recordkeeping and enforcement procedures for entities are uniform covered entities are not required to maintain records in a specific format. This provides for flexibility on a per-organization basis to provide for difference in size, experience, level of accessibility knowledge and a myriad of different factors that come into play in determining accessibility.The regulations do define three specific types of records must be kept as part of the overall record keeping activity:

  1. Information about the manufacturer’s or service provider’s efforts to consult with individuals with disabilities;
  2. Descriptions of the accessibility features of its products and services; and
  3. Information about the compatibility of its products and services with peripheral devices or specialized customer premise equipment commonly used by individuals with disabilities to achieve access.

The regulatory wording and that provided in the report and order make it unclear if record keeping is explicitly limited to these three specific types (FCC 11-151 ¶60) or if the record merely must contain these three types or records. SSB expects that the latter is far more likely as the intent of the Act and the resultant regulations cover myriad issues outside of the scope of the records defined above. A narrow reading would seem to undermine the intent of the Act and regulations which ultimately require efforts to conform to a broader set of requirements than the three outlined above. Further, the FCC notes that it expects “that entities will establish and sustain effective internal procedures for creating and maintaining records that demonstrate compliance efforts and allow for prompt response to complaints and inquiries.” This implies a scope of all activities focused on compliance with the Act – not a subset limited to specific types of records. As such, SSB has reasoned that the areas defined above do not define the full scope of records and merely define a set of things that must be included within the records. The records as a whole must demonstrate the efforts to conform to all relevant portions of the Act.


Non-Achievability Documentation

The Act only requires that products be made accessible if doing so is “achievable.” When covered entities do not make their products or services accessible, and claim as a defense that it is not achievable for them to do so, they bear the burden of proof on this defense. While entities are not technically required to keep records to this end they should note that they bear the burden of proof for justifying such claims. If a complaint was to arise, and a claim of “not achievable” was to be made, the FCC would require that an organization provide records demonstrating:

  • The nature and cost of the steps needed to make equipment and services accessible in the design, development, testing, and deployment process to make a piece of equipment or software in the case of a manufacturer, or service in the case of a service provider, usable by individuals with disabilities;
  • The technical and economic impact on the operation of the manufacturer or provider and on the operation of the specific equipment or service in question, including on the development and deployment of new communications technologies;
  • The type of operations of the manufacturer or service provider; and,
  • The extent to which the service provider or manufacturer in question offers accessible services or equipment containing varying degrees of functionality and features, and offered at differing price points. (FCC 11-151 ¶221)

While records may not be explicitly required for products where a determination of non-achievability is made, if a complaint arises, documentation is then required after the fact to show the due diligence of how the determination was made. In practice, SSB reads this as implicitly requiring organizations to maintain records about determinations of non-achievability based on the criteria defined above.


Third Party Solutions Documentation

As with the requirements for Non-Achievability Documentation manufacturers and services providers electing to provide accessibility via third-party solutions must be prepared to produce relevant documentation showing that these solutions meet the requirements of the Act.( FCC 11-151 ¶222) A reasonable interpretation of this requirement is to ensure that the covered products and services both (i) meet the accessibility, usability and compatibility requirements of the Act when used in conjunction with the third-party solution and (ii) that the manufacturer meets the direct requirements for CVAA – Third Party Solutions.


Certification

An officer of each manufacturer or service provider subject to the record keeping requirements must submit a certification of conformance annually to the FCC. The certificate must state that the manufacturer or service provider has established operating procedures that are adequate to ensure compliance with the recordkeeping rules and that records are, in fact, being kept in accordance with the rules. The certification is supported by “an affidavit or declaration under penalty of perjury, signed and dated by the authorized officer of the company with personal knowledge of the representations provided in the company’s certification.” As part of the certification, the company must identify the name and contact details of a person or people authorized to resolve complaints and alleged violations of under the relevant sections of the Act.

This certification must be filed with the Commission on or before April 1st, 2013 and updated annually thereafter for the previous calendar year . The certificate also needs to be updated when necessary to ensure that the contact information on it remains current.

While the records of conformance kept by the manufacturer are not public records upon the service of a complaint – either formal or informal – the FCC may request that the manufacturer produce the records. The manufacturer may request that some or all of these records be treated confidentially by following the current policies in place with the FCC.


Recordkeeping Repository

SSB recommends that organizations maintain a central repository of the product records that are maintained for each product or service that is covered under the CVAA. This central repository should be maintained by a single group – generally compliance – that has the authority to require and compel products to submit the relevant paperwork.

For many organizations SSB works with, a strong, central authority that governs accessibility is a materially different governance model than that currently used for accessibility. Most organizations have a governance model that requires each product to maintain their own records for accessibility. A central accessibility office plays a coordinating and supporting role across the organization, but has no authority to compel product groups to produce documentation. Such a model has generally been developed under and aligns well with accessibility procurement laws such as Section 508. Section 508, however, has no enforcement mechanism, as it relates to manufacturers and is simply a procurement law. In the case of Section 508, the only potential risk to organizations is that a lack of accessibility will cause the products they offer to be viewed as less competitive in a bid and be scored accordingly. Given the many disparate approaches to Section 508 compliance throughout the US Federal government, however, it is decidedly not the case that a product that is inaccessible will not be able to access the public sector market. A lack of accessibility at most means that specific, key Federal accounts may be more difficult to access. Such a profile means that the risk of non-compliance under Section 508 is generally low and that governance models devoted to addressing issues are accordingly loose.

This is decidedly not the case with the CVAA. The CVAA regulations are enforced by the FCC and can cause organizations to see damages up to $100,000 a day and $1,000,000 dollars in total for each complaint. Further, covered organizations are required to file a certification with the FCC that records of the organization’s efforts to conform to the requirements “are being kept in accordance with this section.” The certification is “supported with an affidavit or declaration under penalty of perjury, signed and dated by the authorized officer of the company with personal knowledge of the representations provided in the company’s certification, verifying the truth and accuracy of the information therein.” This certification provides a clear connotation that records are being actively kept and required rather than passively produced, as products deem appropriate. By not centralizing the authority, an organization runs the material risk that a product will not develop or maintain the relevant records. In that event, should a complaint occur, the organization would find itself in the uncomfortable position of having certified to the FCC that records are being kept when, in fact, no such records exist. A basic governance model requiring that these records be filed centrally with a group under the authority of the certifying party would seem to meet the requirements of the FCC and ensure conformance to the process. Such a governance model is in line with the intent of the FCC in developing the record keeping requirements of the Act.

Given this, SSB recommends clients pursue strong conformance with the requirements and develop a central recordkeeping repository. This repository would hold all the records required for product groups and effectively meet the requirements contemplated by the FCC under 47 CFR 14.31 (a) and (b). While organizations can develop such a repository, SSB recommends organizations use AMP or a similar electronic system to gather and store the records, as this materially lessens the cost and complexity of maintaining and implementing the system while drastically increasing conformance.

Put yourself on the path to complete accessibility!

Just fill out the form below and we’ll contact you to set up your free consultation with an expert specializing in your industry.

If you need more immediate assistance, please send an email to info@ssbbartgroup.com or call (800) 889-9659. We look forward to helping you!