I use the same tool. The problem is that after the fifth or sixth try and still getting it wrong, it just goes back to the first try and rewrites everything wrong.
Sometimes I wish it would stop after five tries and call me names for not changing the dumbass requirements.
Most IoT devices that died did so because the vendor went out of business and had to shut off the servers. Most lived in hope that a last minute investment would keep them afloat. In a few other cases, it was the middleware software provider (like Google IoT) that shut down and bricked a device.
This legislation might apply to a big company that decides to discontinue a product line and could then send notices out, but most startups won’t know (or admit defeat) till the last possible moment. By then it’s too late.
I used to work with big companies collecting IoT data. 90% were collecting telemetry without knowing why. Or having business goals they could easily achieve in other ways, without hoovering everything and violating our privacy.
The rest were doing it so they could sell it to data brokers and make money.
None of them were trying to push privacy as a competitive advantage.
This shows how one company (li-cycle) that claims they recycle 95% of the lithium does it: https://youtu.be/s2xrarUWVRQ
99.99% doesn’t seem too far-fetched.