For starters, it provides protection and accountability for those who don't have the prior presence of mind to demand deletion.

An act which mandated deletion in all cases for data once business needs are addressed (often 30--90 days for much data), might address your question. But the Delete Act isn't that.

▲

JumpCrisscross 4 hours ago | parent [-]

> it provides protection and accountability for those who don't have the prior presence of mind to demand deletion

Perhaps. I just see another compliance-industrial tax on consumers backed up by a nonsense checklist.

> act which mandated deletion in all cases for data once business needs are addressed (often 30--90 days for much data), might address your question

Or opt out by default.

Perhaps California should give counties the power to do that. Then we can watch the experiment for unintended consequences.

▲

DrewADesign 4 hours ago | parent [-]

I work in a specialty in an industry that requires a fairly stringent annual ISO certification. Even preparing for the audit it is a completely worthwhile exercise in seeing things that maybe got swept under the rug or left by the wayside. Customers having clearly defined criteria to prove in court or even business negotiations, that our lapse was negligent or in bad faith keeps us from straying too far to begin with. Our having clear criteria to show that we followed industry guidelines shuts down customers trying to accuse us of something in bad faith, or even trying to make a mountain out of a molehill to get leverage in a contract negotiation or something.

I’ll bet most of it depends on how good the certification is. My bosses think it’s annoying, and sure not 100% of the requirements make a difference for us, but most do, and from my vantage point, I can see how much of a difference it makes.

	▲	DrewADesign 11 minutes ago \| parent [-]
		This is a family-run business with about 20 employees BTW. Not some red tape behemoth.