Audience asks about GDPR-style data-protection requirements in immutable stores. Ladd quips that in America you can do whatever you want, then answers seriously: regulatory requirements are part of your business domain, not of a framework. Model them in your domain. He has worked in healthcare and hasn't personally encountered a case where following regulations was hard with event sourcing.