> Every employer would send "We have decided not to continue with your application".

That would still be a big improvement over just getting ghosted

A sensibly written law could close loopholes like the one you described.

I'm not sure an ATS would be required either. Simply having a law that requires a response when inquired about the status of an application after a certain amount of time would suffice.

I was ghosted by a Fortune 500 company after making it to the final round of an interview recently. It took me weeks of sending emails to get them to tell me they didn't want to hire me.

This seems pretty accurate to me. But like other commenters, the psychological closure of any message at all is better than nothing.

Also, what company nowadays doesn’t use an ATS? I’ve seen a few startups that take applications via email or discord but those are few and far between. Most are using Workday/Indeed/Linkedin or what have you.

> The ATS would have some default timeout where candidates who aren't hired get the e-mail to comply with the law.

The sibling concept of this already exists in Europe with GDPR. Companies have to ask you to keep your data (resume, application, etc) beyond a certain timeout, otherwise they must delete it. Because of this, almost everyone uses a talent system.

It seems to work fine? I appreciate knowing they're going to nuke my info, or keep it.

> I know it's frustrating, but stacking laws like this doesn't get useful information out of companies but it does force the application process to revolve around demonstrating compliance with the regulations.

Eh, that's like saying taxing them is pointless because they'll just spend more on accountants to find loopholes. It's only true if you have the political will to pass the laws but not enough to fund the teeth needed to enforce them. Gather reports of boilerplate rejections, launch investigations, drag companies to discovery to find their deliberate efforts to end-run the spirit of the law, extract fines sufficient to fund investigations into the next 10 companies.

Or just allow what happens in the EU. Every time I've applied for a job and been rejected, I put through a GDPR request and find out the reasons I was rejected.