Couldn't you simply codify in the ToS that PII or even most/all historical metadata would be scrubbed upon the sale of the company? IANAL, but I would assume that a company could commit themselves in the user agreement in such a way that it guarantees some protection against this kind of concern.
You can always change the terms of service; no one would really notice a detail like this.
And things like email addresses are "PII", and maybe some more things that are required to actually run this business. So "scrub all PII" isn't really a very feasible thing to do in the first place.
Couldn't you simply codify in the ToS that PII or even most/all historical metadata would be scrubbed upon the sale of the company? IANAL, but I would assume that a company could commit themselves in the user agreement in such a way that it guarantees some protection against this kind of concern.