I feel that in the age of technological achievements we currently live in, figuring out a way where we can require a certain level of security on these devices without running afoul of "big brother" syndrome seems well within the realm of possibilities.
It's also worth noting had the IoT companies simply done the baseline level of security of making the user change the password that such regulation wouldn't even be needed, so forgive me if I'm unable to care about their stake in things.
My point is that it's not a technical problem. Some IoT devices have failed their "vehicle safety check". Now who has the authority to take them off the road? Who has the authority to ensure that their poor design isn't even allowed on the road? Do we actually want anyone to hold that authority?
Is there some other way to achieve the same results without formal regulations - to review bad designs and keep them from being sold, and taking bad security designs/implementations off the internet?
It's also worth noting had the IoT companies simply done the baseline level of security of making the user change the password that such regulation wouldn't even be needed, so forgive me if I'm unable to care about their stake in things.