What do you think? Should computer security be mandatory? Just for businesses, or for everybody? How should it be enforced: technologically forced on us, enforced by ISPs, or enforced by the government? Should repeat offenders be banned from the Internet? Do you want security mechanisms such as firewalls and anti-virus included in the operating system? If so, should you be able to disable it if you want? Should software security patches be mandatory, and should your software stop working if they aren't applied? Let us know what you think at firstname.lastname@example.org.
Intelligent Designer forbid! Have you seen where the "laws" have gotten us? Are we looking at a different country?
Law doesn't DO squat. The only one, who obeys laws, are the law abiding. Last I looked, they were not the problem. AND, every time the government makes a law, it's a joke. Heard of the "Law of Unintended Consequences", like the "Law of Gravity", it's a real law. It operates regardless of anyone's intention.
Let's examine our "computer security" problems.
Identity theft? Caused by the government. Yup, remember that social security number that would never ever be used as a universal identifier. Fooled ya! It is. Without the social security number, identity theft would be unknown. Let's nuke the ssn, and the ponzi scheme called social security "insurance".
Spam, phishing, and unknown bad guys doing bad things on the net. Hmm, who designed IPv4 as an unautheticated protocol? Yup, came out of government funded research. Wide spread because it was free and the government subsidized it. Ever compare IBM's SNA, a competing protocol at about the same time? It only allowed known devices to join the network. And, you could string them together; each network responsible for its members. IPv6 would fully triple A the network, but there is no incentive to move to it.
Insecure computing platforms? Guess there isn't a penalty for software that is flawed. Let's see the government buys lots of software. It could say that they were only going to buy Open Source Software where I can see the security. Poof, there goes the market. Oh, but no political contributions from the Closed Source Software vendors. Government says all voting machines must be open source, produce a paper ballot that the voter can check, and "cast" as their vote. No contributions from Diebold or rigged elections. They could say that all data storage has to be in an open format; we saw how well that idea worked in Taxachussetts.
The government doesn't have to pass a law. They can use their economic power to mold the marketplace. They can open the courts to "injured" "consumers". Cut out this sham of "licensing". They can do lots of things without "laws".
One criticism of Sarbox is all they did was make consultants rich. What makes you think that this would be any different?
No leave the internet alone. Leave the vendors to duke it out. Competition, free of laws, will improve everything. It's the invisible hand of the marketplace, enforcing a discipline that is swift and hard. Only when the government comes in does trouble begin.