On 17 July 2025, the French Collective for the Promotion of Services for the Blind and Partially Sighted (CFPSAA) filed 4 simultaneous complaints against the e-commerce sites of Auchan, Carrefour, E. Leclerc and Picard. It's the first serious EAA enforcement signal in France — and a clear warning to the whole sector.

Why these 4 chains?

  • Massive traffic (around 10M unique monthly visitors each): harm on a large scale
  • Complex purchase funnels (delivery, drive-through, click-and-collect): many friction points
  • Informal pre-audits by the CFPSAA showing more than 60 failing criteria
  • No response to the prior informal reports

The common denominator isn't malice: it's size combined with inaction. Huge sites, many users harmed, and no accessibility contact when the association tried to reach out.

The most cited criteria

  1. 01Images without alt (product catalogue)
  2. 02Buttons without an accessible label (add to cart, variant selection)
  3. 03Checkout funnel not keyboard-navigable
  4. 04Modals (popups, delivery info) without focus management
  5. 05Insufficient contrast on promo badges

None of these five points is exotic: they're the most ordinary non-conformities in e-commerce. That's exactly what makes these cases instructive — what targeted the giants targets your store too.

The next wave

The CFPSAA has announced it will next target fashion, beauty and home-appliance e-commerce sites in the first quarter of 2026. Stores in these sectors that haven't started an audit this quarter are already exposed.

What these cases teach you

  • Enforcement targets visible, inactive sites first — visibility attracts, inaction condemns
  • Silence on the informal report is the trigger: a contact point that replies changes everything
  • The targeted criteria are the most common: fixing them first massively reduces the risk
  • A dated approach (audit + plan) is the best response, even a partial one

Frequently asked questions

I'm an SME, am I safe because I'm small?

The first wave targeted giants to make an example, but the obligation itself doesn't depend on size (beyond the microenterprise threshold). A visible SME in a targeted sector can absolutely receive a report. Size delays the risk, it doesn't cancel it.

What should I do if I receive a report from an association?

Respond, quickly and sincerely: acknowledge receipt, run a dated audit, propose a plan. It was that initial silence that tipped the 4 July 2025 cases into formal complaints.

How long to get myself safe?

Fixing the 5 most cited criteria generally takes a few weeks of development. The key is being able to prove, at any moment, that the approach is under way and documented.

Find out whether your site ticks the same boxes as the 4 targeted chains:

→ Run an audit