[branksy]

> They can't keep themselves secure... they can't police themselves?

What does that have to do with it? Better laws on security will force the government to police itself better too.

Simple example: a law requiring all passwords to be stored with unique salt and encryption of certain minimum strength. Or a law preventing IoT devices from functioning on a network when their password is still set to the default.

How do you fail to see how simple actions such as these would help?

[trey-jones]

Both examples that you give are sound, and I would support regulations that enforced these basic security guidelines. The question is whether these are the types of regulations we would get. I expect there would be rather a lot of useless and silly regulations that do nothing but drive up costs.

[varrock]

This is not a rhetorical question, I'm just trying to better understand how this process would work. Who would be designing and brainstorming these laws in the government?

[trey-jones]

I do not know the answer to this question. It seems reasonable that a "committee of experts" would be designated by the politicians for this purpose, but I don't feel confident that one could be sure of the expertise involved, or whose interests would be served.