Is Standard Computer Soft-Deletes Good Enough for Privacy Regulations?