IDR Field Protocol · 2026 Edition

Your site is
being scanned
every day.

Automated legal systems are crawling thousands of e-commerce stores every day — reading source code, flagging violations, and building claim queues. Most merchants won't know until a demand letter arrives. This protocol was built from the federal cases that established what happens next.

Built from publicly documented federal cases, enforcement actions, and litigation patterns.

5,000+ Federal filings / year
Majority Target e-commerce & SMBs
$5K – $25K Typical settlement range
Far more Demand letters than filed cases
Activate IDR Shield — $97 See what's included

Immediate PDF access  ·  Includes 30 days of IDR Pro access

The Judicial Record

The cases that built this protocol.

These are not hypothetical scenarios. These are documented federal cases. They are publicly available. They establish three legal realities that govern your business today — and they are the foundation upon which every principle in this protocol is built.

Case Zero

Robles v. Domino's Pizza, LLC

913 F.3d 898 · 9th Circuit · Supreme Court Denied Certiorari October 7, 2019

A blind man could not order a pizza through Domino's website or app using screen-reading software. Domino's fought all the way to the Supreme Court. The Supreme Court refused to intervene — leaving the Ninth Circuit's ruling in place: the ADA applies to websites and mobile apps that extend a physical business.

When the Supreme Court declined to intervene, the practical signal was clear: website accessibility claims were now firmly in play. This case helped shape the legal environment e-commerce businesses operate in today.

Landmark · Certiorari Denied
Case I

Haynes v. Dunkin' Donuts LLC

No. 18-10373 · 11th Circuit Court of Appeals · July 31, 2018

Dennis Haynes could not access the Dunkin' Donuts website using screen-reading software to find store locations or purchase gift cards. The Eleventh Circuit reversed dismissal, holding the ADA applies to intangible barriers — not just physical ones. A website facilitating access to a physical business is covered.

Your website is legally an extension of your business. The ADA does not care whether the barrier is a broken step or a broken label in your source code.

Landmark · Reversed Dismissal
Case II

Murphy v. Eyebobs LLC

No. 1:21-cv-00017 · W.D. Pa. · Settled October 2021

Anthony Murphy sued the online eyewear retailer Eyebobs — despite the company having installed an accessibility overlay widget. Judge Lanzillo refused to dismiss. The settlement required removal of the overlay, full WCAG 2.1 source code remediation, a dedicated accessibility team, annual audits, and five years of compliance monitoring. In April 2025, the FTC separately fined the overlay vendor $1 million for making false compliance claims.

Federal courts and regulators have made clear that overlays alone are not a substitute for underlying remediation. The Eyebobs case established this judicially in 2021. A subsequent FTC enforcement action against a major overlay provider reinforced it regulatorily in 2025.

Settled · Widget Rejected
Case III

Diaz v. The Kroger Co.

No. 18-cv-7953 · S.D.N.Y. · Dismissed 2019

Kroger was sued for website accessibility violations. Kroger submitted a detailed affidavit documenting that it had begun WCAG compliance before the lawsuit was filed, had personally confirmed all identified barriers were fixed, and committed to ongoing monitoring. The Southern District of New York dismissed the case. The judge cited the affidavit as the deciding factor — not the perfection of the site, but the documented process behind it.

The court did not require perfection. It required proof of process. Documented effort, ongoing commitment, and structured evidence changed the outcome entirely. This is the blueprint.

Dismissed · Documentation Prevailed

Three legal realities established by these cases

Your website is covered by the ADA.

Multiple circuits have confirmed this.

·

Widgets are not a defense.

Courts and the FTC have confirmed this.

·

Documented process can materially improve posture.

Kroger illustrates why.

The Mechanism

You are not being
targeted.
You are being processed.

A modern plaintiff firm does not operate like a law practice. It operates like a data company. Automated scanners read your source code — not your site visually — and generate structured legal reports before a human ever reviews your case. Your brand does not matter. Your revenue does not matter. Your code either matches a vulnerable pattern or it does not.

Accessibility litigation has become increasingly repeatable, data-driven, and concentrated among a small number of plaintiff firms. For e-commerce merchants, that shifts the risk from theoretical to operational — and the code pattern that makes you a target has nothing to do with your brand.

— Based on public federal dockets, EcomBack annual reports, UsableNet lawsuit tracker, and Boston 25 News investigation

01
Automated Scan

A headless browser reads your site's Document Object Model — the source code layer — against WCAG criteria. This takes under 60 seconds. It does not see your design. It reads your structure.

02
Violation Logged

Each failure is recorded with the page URL, the specific element, the exact failure type, and a timestamp. This creates a structured, reproducible legal report — before you know any of it happened.

03
Claim Queue

Your domain enters a claim queue. Some stores are filed within days. Others sit for weeks or months. The queue is prioritized by resistance level — how hard this store is likely to fight.

04
Demand Letter

You receive a letter — usually from a law firm you have never heard of — demanding between $5,000 and $25,000. Defense costs more than settling. Most merchants pay.

The False Solution

The widget signals
that you know about
the problem.

It does not fix it. A widget sits on top of your source code without changing it. The automated scanner does not read the widget. It reads the code underneath — the same code that was broken before you installed the overlay. Installing a widget can make things worse: it tells an automated scanner and a reviewing attorney that you were aware of the issue and chose a shortcut over remediation.

A meaningful share of accessibility lawsuits have involved sites that already displayed accessibility overlays. The overlay did not resolve the underlying source-code barriers, and in some cases its presence reinforced the appearance of incomplete remediation.

"Defendant installed a low-cost overlay on the Digital Platform developed by a company called accessiBe. accessiBe claims this overlay can automatically bring a website into compliance with the ADA by resolving the website's underlying accessibility issues. Unfortunately, the overlay fails to provide screen reader users, including Murphy, full and equal access to the Digital Platform."

Murphy v. Eyebobs LLC · Filed January 2021 · Western District of Pennsylvania

FTC Enforcement Action · 2025

In 2025, the Federal Trade Commission announced an enforcement action against a major overlay provider over misleading accessibility compliance claims — signaling increased regulatory scrutiny of automated compliance marketing. The action reinforced what the courts had already established: an overlay is not a substitute for remediation.

The IDR System

Most tools make your site
look accessible.

This system makes it defensible.

Four connected layers. Each one serves a specific legal and technical function. Together they build the kind of structured, documented compliance posture that changed the outcome in a federal courtroom.

This is not about perfection. It is about building a defensible record — and that is achievable.

01
SCAN

IDR Scan Engine

Detection

Automated code-level scan using established automated testing approaches aligned with WCAG evaluation practices and widely used across the accessibility industry. Identifies the specific failure patterns that appear most frequently in real ADA complaints: missing alt text, unlabeled form fields, keyboard traps, heading failures, contrast violations.

You see your site the way a plaintiff's scanner sees it — before they do.
02
FIX

IDR Remediation Layer

Correction

Guided, code-level remediation for each identified issue. Not a visual overlay. Not an automated patch on top of broken code. Targeted structural corrections to the actual elements that create legal exposure — with your review and approval at each step.

The difference between a widget and remediation is the difference between painting over a crack and filling it.
03
LOG

IDR Evidence Log

Documentation

Every scan result, every correction, every update automatically logged with timestamps. Structured, timestamped, and versioned. The log records what was found, what was fixed, when, and when the site was re-verified after changes. This reflects the same principle that mattered in Kroger: documented, structured evidence of ongoing accessibility effort — generated automatically, without requiring you to manage a spreadsheet.

When a demand letter arrives, you are not starting from zero. You are pulling a structured, externally maintained record.
04
SIGNAL

IDR Shield + Registry

Visibility

A live verification page at instituteofdigitalremediation.com/verify/yourstore — not a badge, a record. Last scan date. Remediation activity. Current status. A reporting channel. When an automated scanner or human reviewer encounters your site, they do not see silence. In practice, sites without visible verification often appear indistinguishable from sites with no documented process at all. The absence of a signal is itself a signal.

The shield does not stop every lawsuit. It changes the calculation — making your site a harder, more documented target than thousands of unmonitored stores filing past it in the queue.

Who This Serves

Built for operators,
not observers.

This is not a theoretical guide for people who are curious about accessibility law. It is a working protocol for businesses that are already exposed — whether they know it or not.

Primary Target

Shopify & WooCommerce Merchants

Stores doing $1K to $1M+ per month. Visible enough to be scanned. Small enough to be pressured. Unprotected enough to settle quickly. Shopify stores are among the most frequently named platforms in federal accessibility lawsuits.

The same automated systems scanning your site for plaintiff firms are the ones IDR uses to build your defense record. The difference is who runs it first.

You are the lawsuit mill's preferred inventory. The protocol was built around your specific exposure.

High Urgency

Store Owners Facing Immediate Exposure

The strongest use of this system is before a letter arrives. But if you have already received a demand letter, the Hard Target Response Protocol is designed to help you avoid reacting blindly — and to build the record that changes your position.

The first 72 hours determine the direction. Structure your response before you send one.

Distribution Channel

Agencies & Developers

You build and manage client stores. When a client receives a demand letter, the first call is often to you. You carry liability exposure for every store you launched or manage. The IDR Agency Dashboard — coming Phase 2 — is built for exactly this.

Your clients' exposure is your exposure. The protocol gives you something to point to.

Inside the Protocol

41 pages. Zero filler.

Every section is operational. Every chapter answers a question a merchant actually faces — from how the scans work to what to say when the letter arrives.

  • Front Judicial Precedent — Why This Protocol Exists p. 3
  • Intro Immediate Risk Notice + Small Business Reality Check p. 7
  • Ch. 1 Anatomy of an Attack — How Your Site Is Scanned p. 13
  • Ch. 2 The Widget Trap — Why Surface Tools Fail p. 15
  • Insert Legal Perspective — What Actually Changes a Case p. 17
  • System IDR System Overview — How This Is Executed p. 19
  • Ch. 3 Five Pillars of Remediation — Where Sites Break p. 22
  • Ch. 4 Evidence Management — Why Fixing Isn't Enough p. 25
  • Ch. 5 Hard Target Response Protocol — What to Do p. 27
  • Ch. 6 Deploying the Shield — Making the Work Visible p. 30
  • Ref. FAQ · Glossary · Enrollment p. 35
    INSTITUTE OF DIGITAL REMEDIATION · IDR PROTOCOL 2026
    The
    2026
    Accessibility
    Shield
    A Field Guide to Federal Compliance & Predatory Lawsuit Defense
    41 PAGES · JUDICIAL PRECEDENT · RESPONSE PROTOCOL

    • Published by the

    Institute of Digital Remediation

    IDR Protocol Series · 2026 Edition

    $97
    Founding Access · First 500 Stores · Standard Price $127
    The 2026 Accessibility Shield Protocol
    41-page institutional compliance field guide
    Four verified federal case citations
    Hard Target Response Protocol with controlled response template
    IDR System architecture and execution guide
    Legal Perspective insert and evidence framework
    The 2026 Accessibility Shield — full report included
    Included with every activation
    Activate once. Your store is scanned immediately, your Registry record goes live, and your 30-day Pro access begins. The 2026 Accessibility Shield report is included automatically. After 30 days: $29/month Pro or $9/month Basic — or cancel anytime. Reminder sent before any charge. No surprises.

    For most merchants, the cost of one rushed settlement conversation is many times higher than the cost of this protocol. Every merchant who reads it and activates the system changes their legal posture from that day forward.

    The only question is
    whether you act
    before the letter.

    After the letter arrives, you are reacting. Before it, you are positioning. The merchants who built a documented record before they were selected are the ones who had something to show. The ones who didn't paid the settlement and hoped the next scan would pass them by.

    Activation determines how your site is evaluated from this point forward.

    Activate IDR Shield — $97

    Founding access · First 500 stores only · Standard price $127 after window closes

    Soft Target
    No audit history
    No documentation
    No verification status
    Reacts to pressure
    Settles quietly
    vs
    Hard Target
    Timestamped scan history
    Structured evidence log
    Live registry status
    Responds with documentation
    Changes the calculation

    Work that is done once
    fades. Work that is
    maintained compounds.

    Systems that are visible are far less likely to be tested.
    This is the last decision point in this document.

    Activate IDR Shield — $97

    Activation includes report + 30-day Pro  ·  Founding access  ·  First 500 stores

    Important Positioning Note

    The Institute of Digital Remediation is not a law firm and does not provide legal advice. The protocol is a structured compliance and evidence management system — designed to help businesses improve accessibility posture through documented remediation and verification. It is not a legal guarantee.

    Sources Referenced

    Federal court dockets via PACER  ·  EcomBack Annual ADA Lawsuit Reports (2023, 2024)  ·  UsableNet Accessibility Lawsuit Tracker  ·  Seyfarth Shaw Title III survey data  ·  Boston 25 News investigation (2025)  ·  National Law Review case analysis  ·  FTC consent order documentation

    Activate IDR Shield · $97 Activate Now — $97