Kialo requires cookies to work correctly.
Laws should forbid web sites from requiring new locally-stored, single-site, password-based authentication.
Allowing governments to mandate the kind of security used for websites constitutes a threat to website security by itself.
Government may not always have security as its top priority when setting mandatory security policies for companies.
Government may be slow to adapt laws and regulations in the face of new threats, limiting the ability of companies to respond.
States regulate the use of security in real life to ensure that it's handled appropriately. There's no reason why states wouldn't be able to do the same with websites.