Skip to main content
wcag21aa.org

Scope of the 2024 rule

The rule's coverage is broader than 'the public website.' It reaches portals, documents, third-party-delivered content, mobile apps, social media, and content provided through licensing arrangements.

By Levi Whitted Last reviewed: Published:

The core definition

28 CFR § 35.200 applies the rule to "web content and mobile apps that a public entity provides or makes available, directly or through contractual, licensing, or other arrangements" (Source: 28 CFR ยง 35.200 ) . Three elements of that definition do the most work in practice:

  • "Web content and mobile apps" covers the digital experience the entity delivers. The rule's preamble and DOJ guidance treat this as encompassing web pages, web applications, mobile applications, and the conventional electronic documents (PDF, Word, Excel, PowerPoint) the entity provides through these channels.
  • "Provides or makes available" is broader than "publishes on the entity's own server." Content the entity makes accessible to users through any channel it controls or contracts for is in scope.
  • "Through contractual, licensing, or other arrangements" reaches third-party platforms, vendor-hosted content, and content provided via licensed services. Vendor-hosting does not move content outside the rule's scope.

Public-facing web content

The most straightforward case: the entity's public-facing website. This includes:

  • The main public website on the entity's primary domain
  • Departmental microsites and program-specific subdomains
  • Campaign and event sites operated by the entity
  • Public-facing pages on third-party platforms (district pages on hosted-services platforms, community college sites hosted on a system-wide CMS)
  • Public-facing portals (information lookup, document repositories, search interfaces)

All of these are in scope on the same terms. The fact that a microsite is on a separate domain or a separate CMS does not move it outside the rule.

Portals and logged-in systems

Authentication does not move content outside the rule's scope. Systems that require login but provide content to public-entity stakeholders are in scope. Common examples:

  • Student portals (registration, financial aid, transcripts, course materials)
  • Employee portals (HR, payroll, benefits, internal communications)
  • Parent portals (K-12, attendance, grades, communications)
  • Applicant portals (admissions, employment, benefits, permits)
  • Customer or constituent portals (utility billing, water service, library accounts)
  • Board member and elected official portals (meeting materials, governance documents)

The same WCAG 2.1 AA standard applies. Coverage is not narrowed by limiting the audience.

Documents, apps, and other formats

The rule reaches conventional electronic documents and mobile applications, not only web pages:

Conventional electronic documents

PDF, Word, Excel, and PowerPoint documents that the entity makes available through its digital channels are in scope. See Are PDFs covered? for the detailed treatment.

Mobile applications

Native mobile apps provided by the entity (transit apps, library apps, student-information mobile clients, public services apps) are in scope on the same terms as web content.

Email

HTML email communications the entity sends to stakeholders are digital content the entity provides. CCCCO Memo ESS 26-17 names email explicitly.

Social media content

Content the entity posts on social media platforms is in scope. See Social media content.

Video and audio content

Recorded meetings, training videos, public announcements, and instructional content the entity provides are in scope, with captions, transcripts, and audio descriptions as relevant WCAG requirements.

Third-party delivery still counts

The "contractual, licensing, or other arrangements" language is the operative phrase for third-party-delivered content. Common scenarios:

  • Learning management systems (Canvas, Blackboard, Moodle) licensed by the entity, with course content authored by faculty and staff
  • Document management platforms hosting board materials, meeting packets, or records
  • Library catalog systems and database aggregator interfaces licensed from publishers
  • Online application platforms handling admissions, employment, permits, benefits
  • HR and payroll vendor portals through which the entity delivers employment-related content
  • Video hosting and live streaming services the entity uses to provide public-meeting access

In each case, the platform is a vendor product but the content the entity delivers through it is the entity's responsibility for accessibility purposes. See Third-party content and vendor obligations and Vendor responsibilities and procurement.

CCCCO examples and practical scope

CCCCO Memo ESS 26-17 (February 27, 2026) provides one of the clearest enumerated lists of in-scope categories for California community college districts. The memo lists, as in scope for WCAG 2.1 AA conformance:

  • Public-facing websites
  • Canvas (and other LMS) course content
  • SharePoint and intranet content
  • Email communications
  • HR portals and employee-facing systems
  • Digital documents (PDF, Word, Excel, PowerPoint)
  • Mobile applications
  • Social media content

The CCCCO list is consistent with the federal rule's scope and serves as a useful working enumeration for any public entity, not only California community college districts. If a category appears on this list and the entity provides content in that category, that content is in scope.