I would support legislation that enforces a right to data export for 6 months in human readable file formats, or a physical equivalent like spending a USB stick in the mail.
> I effectively have over $30,000 worth of previously-active “bricked" hardware. My iPhone, iPad, Watch, and Macs cannot sync, update, or function properly.
(I assume these can be re-sold? They do mention that they can't sign out)
> I have lost access to thousands of dollars in purchased software and media.
Should the "purchased" software and media be within the data export scope?
> I don’t have a 6TB device to sync them to, even if I could.
...yeah.
But let's say we limit ourselves to stored bits.
How should the service identify the person asking for data export? Does your regulation imply government id registration for all internet services? Is that what you actually want?
What if the service is e2ee? How do they deliver "human readable file formats"? Are we also banning e2ee?
What do compliance requirements imply for people's ability to start competing services?
You are proposing to replace a very tiny bit of personal responsibility (having backups) with a very intrusive, and highly consequential, legal mechanism.
EDIT: Though I would, of course, support a requirement for these services to properly warn users (on the registration page, not buried in TOS small print), and provide thorough instructions for making backups to external storage connected to any of the devices they support.
> Should the "purchased" software and media be within the data export scope?
I presume most of this is licensed, so no
> Does your regulation imply government id registration for all internet services?
No
> How should the service identify the person asking for data export?
Username, password, pin, MFA, security questions. Anything already in use for identification
> Does your regulation imply government id registration for all internet services?
No
> What if the service is e2ee?
Then the encrypted data is provided
> How do they deliver "human readable file formats"?
It can still become human readable if the user took proper care of their private key
> Are we also banning e2ee?
No
> What do compliance requirements imply for people's ability to start competing services?
If your service can't provide reliable access to backups then presumably you will already not do well competing in any market where user data is valuable. That should be at the forefront of the service model. Unless you don't care about interoperability like Apple
> You are proposing to replace a very tiny bit of personal responsibility (having backups) with a very intrusive, and highly consequential, legal mechanism.
Not really. If export functionality isn't already built out then it should be
