Laying all my cards on the table I'm kind of ideologically opposed to a 300 million person government forcing any regulations whatsoever upon the entire population rather than allowing for local control of laws, but if I were to put myself in the shoes of someone who accepted the basic premises of American society I would see your proposed minimum EOL statement as a totally reasonable consumer protection rule with relatively little burden on the seller. This isn't what I took the other posters in this thread to be proposing, though, and I still think it would have a slight hampering effect on technological innovation (going back to GGP's argument)[0], I can just see arguing that this would be worth the consumer protection provided.
The requirement to publish interoperabilty-details/code/etc. is something I see as far more burdensome, perhaps in some cases to the point of being impractical, which is sad because I actually value these properties quite highly. I don't own any products that rely on the API of a specific company to continue functioning, and as an individual consumer I reward companies that do release such details (albeit in a statistically insignificant way). The simple, obvious reason that this is burdensome is because the release of code helps competitors, and requiring a company to help competitors makes it more likely that they will decide to invest in some less-regulated industry instead. There's a logical reason that most software companies aren't open-sourcing their products, unfortunately. Also, and I disagree with this yet don't want to force my opinions of the world on other peoples' infosec decisions, some people argue that closed source software is more secure than open source software due to security through obscurity. More rarely, I can imagine edge-case IoT devices that rely on highly specific infrastructure where interoperability just isn't reasonable, and the question of which layer interoperability should be provided on is non-obvious. Imagine if SpaceX launched a swarm of satellites measuring some data about the Martian atmosphere and released a product that could tell you the measurements when asked. Do they need to provide the details of the API between the product and the Earth-based relay? Do they need to provide the details of the connection between the Earth-based relay and the Martian satellite swarm? Do they need to provide the details of the internals of the satellites themselves? What if they're the only company anywhere near being able to supply this service, and the technology will almost certainly be obsolete by the time another company manages to launch a Martian satellite swarm? I feel like this probably isn't the best example, but there might be better examples I'm too dumb to think of at the moment, and not at least considering those known-unknown potential scenarios might be harmful to society as a whole (but I think I've articulated this last point worse than the rest of my comment, and I'm not entirely convinced of it myself).
[0]Edit: on further thought, this hampering effect should only really exist if there is a minimum time from date-of-sale that the minimum EOL must extend to; if I can meet the requirements while selling a product that is only guaranteed to work until yesterday then it shouldn't have any real effect other than consumer awareness, but it also kind of takes the teeth out of the proposal.
The requirement to publish interoperabilty-details/code/etc. is something I see as far more burdensome, perhaps in some cases to the point of being impractical, which is sad because I actually value these properties quite highly. I don't own any products that rely on the API of a specific company to continue functioning, and as an individual consumer I reward companies that do release such details (albeit in a statistically insignificant way). The simple, obvious reason that this is burdensome is because the release of code helps competitors, and requiring a company to help competitors makes it more likely that they will decide to invest in some less-regulated industry instead. There's a logical reason that most software companies aren't open-sourcing their products, unfortunately. Also, and I disagree with this yet don't want to force my opinions of the world on other peoples' infosec decisions, some people argue that closed source software is more secure than open source software due to security through obscurity. More rarely, I can imagine edge-case IoT devices that rely on highly specific infrastructure where interoperability just isn't reasonable, and the question of which layer interoperability should be provided on is non-obvious. Imagine if SpaceX launched a swarm of satellites measuring some data about the Martian atmosphere and released a product that could tell you the measurements when asked. Do they need to provide the details of the API between the product and the Earth-based relay? Do they need to provide the details of the connection between the Earth-based relay and the Martian satellite swarm? Do they need to provide the details of the internals of the satellites themselves? What if they're the only company anywhere near being able to supply this service, and the technology will almost certainly be obsolete by the time another company manages to launch a Martian satellite swarm? I feel like this probably isn't the best example, but there might be better examples I'm too dumb to think of at the moment, and not at least considering those known-unknown potential scenarios might be harmful to society as a whole (but I think I've articulated this last point worse than the rest of my comment, and I'm not entirely convinced of it myself).
[0]Edit: on further thought, this hampering effect should only really exist if there is a minimum time from date-of-sale that the minimum EOL must extend to; if I can meet the requirements while selling a product that is only guaranteed to work until yesterday then it shouldn't have any real effect other than consumer awareness, but it also kind of takes the teeth out of the proposal.