I like this idea. In the internet "code is law" https://www.socialtext.net/codev2/Code%20Is%20Law - regulation happens essentially through the code of our publication platforms. Having formal specifications makes it clear wether a platform complies or not.
I don't think law makers should write code thought.
But laws of the form: Every website has to implement HTTPS. Or you have to accept this OAuth providers could be effective.
