We've spent the last several weeks doing something most web studios don't bother with: actually checking. Eight real San Jose-area organizations, across eight completely different industries, audited independently — unpaid, unsolicited, using nothing but publicly available information. Every single one had at least one real, directly observable problem. Here's what that actually looked like, and why it matters more than a generic pitch about "the importance of audits" ever could.
This wasn't a hunt for nitpicks
Before getting to the findings, the standard matters as much as the results. We only publish findings we can directly verify ourselves — not things inferred from third-party data we can't confirm. Two earlier audits actually got pulled from our own published portfolio for exactly this reason: when we set out to make a "100% independently verified" claim actually true, two findings didn't hold up to our own bar, so they came down. Every finding below is something we observed firsthand, by fetching the actual live page, the same way a search engine or a visitor would. No production access requested. No guessing.
What we actually found
Berliner Cohen LLP
Raw, unescaped HTML code was leaking directly into a meta tag on their Contact Us page instead of a real description — and the broken code itself misspelled the firm's own name. Shared on LinkedIn or Facebook, that page's preview would show broken markup instead of a description.
Read the full audit →San José Spotlight
San Jose's own independent nonprofit newsroom had two real problems on the one page built to handle them: every email address on its Contact Us page rendered as literal "[email protected]" placeholder text without JavaScript, and the link inviting readers to become a sustaining donor pointed to a staging server instead of the real donation page.
Read the full audit →Satellite Healthcare
The tool patients use to find a dialysis center — arguably the single most important page on the entire site — displayed literal, unrendered template code instead of real text. For a population that may include elderly or vulnerable patients, that's not a cosmetic bug.
Read the full audit →City of San José
Six core informational pages — covering departments, official records, and a disability access grant program — returned nothing but "please enable JavaScript" to anything that can't fully execute it, including search crawlers. The City has a real ADA Coordinator and a genuine accessibility program; this slipped past both.
Read the full audit →Meriwest Credit Union
A homepage section built specifically to show off real charitable giving displayed "$0" as the headline number for both donation statistics, with the actual figures ($47,836 and $22,000+) only visible in the text underneath. For a section meant to demonstrate generosity, that's an unfortunate irony.
Read the full audit →Del Grande Dealer Group
The Bay Area's largest family-owned auto group has a page whose own metadata lists the wrong contact email entirely — not their own, but the internal support inbox for the third-party company that built their website.
Read the full audit →Bristlecone
A live legal page's canonical tag pointed to a staging server instead of the real site — confirmed by checking it against another page on the same domain that correctly referenced itself, ruling out a sitewide quirk.
Read the full audit →Cupertino Electric
A 70-year, 5,300+ employee national contractor with $500M+ in revenue had no meta description anywhere on its site — checked directly across three different page types, not just the homepage.
Read the full audit →The pattern that emerged
None of these are unknown or under-resourced organizations. Several have a thousand or more employees, decades of operating history, and real marketing budgets. Size and budget didn't prevent any of this. What they actually do is make these issues less likely to ever get caught — because almost nobody on the inside is checking from outside their own team's blind spots.
That's the real mechanism behind every finding above: a person who works there every day already knows what the page is supposed to say. They read past the broken parts without noticing, the same way you stop seeing a typo in a document you've read fifty times. A search crawler, a first-time visitor, or someone sharing the page on social media doesn't have that context. They just see what's actually there.
Why this isn't just a technical curiosity
Each of these findings maps to a real, concrete consequence, not a hypothetical one:
- Search visibility: missing meta descriptions and canonical tags pointing to the wrong server directly affect how search engines index and rank a page.
- Legal exposure: for a government site specifically, accessibility findings carry real legal weight — this isn't optional polish.
- Brand credibility: a misspelled company name baked into broken code, or a stranger's support inbox listed as your own contact, is the kind of thing a customer or journalist could stumble onto and screenshot.
Learn about Corporate & Government Audits →