All of the current regulatory discussions in Congress and local legislatures generally involve identity theft and are in reaction to the current hype. They are also reactionary in their effects in that they deal with what to do after information is stolen, and not with the fact that the thefts should have been prevented in the first place. Most important, they do not fundamentally improve security. We need laws that are proactive in preventing identity theft and all other likely attacks. These proposed laws go a long way in doing so.

Ira Winkler is president of the Internet Security Advisors Group. He is a former National Security Agency analyst and author of Spies Among Us (Wiley, 2005).