The problem with that is the devil is in the details and it fails to account for changes properly in technology and excludes far better alternatives.
Say for instance there is a requirement that there must be DES encryption of passwords. That would be a downright terrible law on several levels - first of which is that the best way to secure passwords is not keeping them in the first place but a hash. The encryption standard is as laughable now as requiring banks lock their vaults with a simple warded lock - the kind where skeleton keys work because shaving the teeth from the key means it no longer has anything to catch on while it turns the lock.
Say for instance there is a requirement that there must be DES encryption of passwords. That would be a downright terrible law on several levels - first of which is that the best way to secure passwords is not keeping them in the first place but a hash. The encryption standard is as laughable now as requiring banks lock their vaults with a simple warded lock - the kind where skeleton keys work because shaving the teeth from the key means it no longer has anything to catch on while it turns the lock.