Why many websites have significant flaws – eCommerce Magazine


  • A study by the Association of German Website Operators (FdWB) shows that over 41 percent of the websites have serious defects.
  • Many of the websites examined violate applicable legal provisions and are at great risk for warnings.
  • With certification according to the International Website Trust Standard (IWTS) the website operator can show that his website is secure

In order to operate a website in Germany, a increasing number of legal provisions and mandatory requirements, of German or European origin, are observed. The best known of these are the General Data Protection Regulation (GDPR), the Telemedia Act (TMG), the ePrivacy Directive or the new ruling by the Federal Court of Justice (BGH) on the active consent to the use of cookies. Although many of these requirements are important and useful, it is now very difficult for website operators to keep track of them.

Website operator: protecting users from cyber attacks

Not just to have legal security and to avoid the danger of warnings. But above all to protect against increasingly widespread and professionally carried out cyber attacks, the resulting cyber attacks Theft of personal and customer data or the total loss of your own website and the associated lasting loss of reputation of your own company. In addition, the regulations and judgments as well as the increasing attention to this topic in the media show that the public is attaching increasing importance to online security.

To get an up-to-date impression of the state and security of German websites, the Association of German website operators (FdWB) carried out a study on 2,500 randomly selected websites in March of this year and examined them for particularly characteristic features. For this purpose, the FdWB looked at business directory entries from small and medium-sized companies in various industries from across Germany. The characteristics considered included whether the websites were a active and working SSL certificate for an encrypted data connection, the company data is fully contained in the data protection declaration and the data protection declaration is properly linked on every page.

Website operator: 41 percent of the examined pages are faulty

The result was that of the total of 2,500 pages, 1,023 websites were identified that did not meet at least one of these criteria. In other words, this means that 41 percent of all pages viewed are faulty and therefore in very poor condition and were not safe for both website operators and users.

Most of the faulty websites had no or no working SSL certificate (87 percent of the faulty pages), which corresponds to 36 percent of all pages viewed. In 13 percent of the websites it was even no data protection declaration available (32 percent of bad pages). The company information was not listed as required on over 14 percent of the pages in the data protection declaration (35 percent of the incorrect pages). After all, 160 pages did not have the necessary link to the data protection declaration, which must be made from every page (16 percent of the incorrect pages).

Websites have defects in the cookie banner

It turned out that the identified websites had further deficiencies in very many cases. There were around 160 websites with the Note in the cookie banner incomplete / incorrect (16 percent of the faulty pages) and / or the cookie banner had no option to object to the use of cookies (16 percent of the faulty pages). The imprint was incomplete on almost eight percent of all websites (19 percent of the incorrect pages) and eleven percent of all pages contained one or more errors in the forms used for contacting or newsletter registration (27 percent of the incorrect pages).

Website operators need professional support

All affected website operators were informed of the deficiencies, with the instruction to eliminate them for their own safety and for the safety of their visitors and to have their site checked as completely as possible for possible further errors. The research results once again show the relevance, the important points that have to be observed when operating a website, for most of the time non-specialist website operators easy to prepare and clearly show how this can be implemented. The investigation clearly shows the need for more information and support for website operators.