The story being pushed by many is that somehow, George Bush reduced regulation too much, and that was the cause of many of our current fiscal woes.  Of course, when people try to sell this particular tale, they are amazingly devoid of facts, such as specifically which regulations were repealed which caused our doom.  The reality is that regulatory spending drastically increased during the Bush presidency:

Since Bush took office in 2001, there has been a 13 percent decrease in the annual number of new rules. But the new regulations' cost to the economy will be much higher than it was before 2001. Of the new rules, 159 are "economically significant," meaning they will cost at least $100 million a year. That's a 10 percent increase in the number of high-cost rules since 2006, and a 70 percent increase since 2001. And at the end of 2007, another 3,882 rules were already at different stages of implementation, 757 of them targeting small businesses.

Overall, the final outcome of this Republican regulation has been a significant increase in regulatory activity and cost since 2001. The number of pages added to the Federal Register, which lists all new regulations, reached an all-time high of 78,090 in 2007, up from 64,438 in 2001.

So, the only decrease was in the number of new rules, but the rules that were implemented were far more significant than ever before.  Of course, the pure number of regulations doesn’t mean that things will be safer/better/more efficient.  Rather, the type of regulation, and the people regulating become very important.  Take for instance, the melt down of Fannie and Freddie.  Many are blaming that on a lack of oversight, and that the two agencies need more regulation.  The problem with that tale is that there was an agency, whose purpose was overseeing and regulating both (via Mises.org)!

OFHEO's mission is to promote housing and a strong national housing finance system by ensuring the safety and soundness of Fannie Mae (Federal National Mortgage Association) and Freddie Mac (Federal Home Loan Mortgage Corporation). OFHEO works to ensure the capital adequacy and financial safety and soundness of two housing government-sponsored enterprises (GSEs) -- Fannie Mae and Freddie Mac. OFHEO works to ensure the capital adequacy and financial safety and soundness of two housing government-sponsored enterprises (GSEs) -- Fannie Mae and Freddie Mac. Fannie Mae and Freddie Mac are the nation's largest housing finance institutions.
...
Conducting broad based examinations of Fannie Mae and Freddie Mac; Developing a risk-based capital standard, using a 'stress test' that simulates stressful interest rate and credit risk scenarios; Making quarterly findings of capital adequacy based on minimum capital standards and a risk-based standard; Prohibiting excessive executive compensation; Issuing regulations concerning capital and enforcement standards; and Taking necessary enforcement actions.

So if having an entire agency to look after these things didn't help, perhaps what we need are individuals who can look after individual cases, like oh... I don't know... Bernard Madoff (via Megan):

The Securities and Exchange Commission's New York watchdog, under fire for failing to uncover Bernard Madoff's alleged $50 billion Ponzi scheme - despite a dead-on tip by a whistleblower - yesterday tearfully defended herself, arguing that she and the agency did the best job possible.
...
The 37-year-old has been singled out by whistleblower Harry Markopolos as the woman who failed to detect the scam despite his lengthy warnings. It was Cheung who signed off on a 2006 SEC investigation that effectively gave Madoff the all clear.
...
"I had no incentive to give anyone a pass. I had an incentive to bring cases that should be brought, especially big cases," she said. "I was not influenced, and I don't believe anyone in the New York office was influenced, by any other desire than to find out the truth. . . There is no other reason to work there for so long, except that I love what I do." She added, "No one in my office had any incentive to miss something like this."

And therein lies the key to the entire problem.  While nobody had incentive to miss something like this (and we really only have her word on that), they didn't have any incentive to catch it either.  In the case of Freddie, Fannie and OFHEO, their incentives were not aligned with that of the rest of the financial market.  They wanted to put people into homes, not make sure that good loans were being made.  Or at least that's what we assume... since OFHEO isn't directly involved in either making loans or selling houses.  They simply watch... and in some cases encourage actions that certain parties to undertake actions they normally would not have undertaken.  But because OFHEO doesn't bear the burden of any costs if it goes wrong, they can make all the suggestions they want and not care about the potential risks.

That leads to poor regulation, and it provides a false sense of security.  The fact that something is "regulated" makes people think that its safe, and so they avoid doing research on their own.  My tax dollars are already going to oversight and regulation, so I don't need to... we've "outsourced" oversight.  But the reality is, we need to ensure that the people who are in the most power to affect the outcome, are the ones making the decisions.  A good example of this is provided by Bruce Scheier when he talks about credit card fraud:

Take the various disclosure laws. On the face of them, they're smart regulation. By forcing companies to make data breaches public, we're raising the cost of those breaches. Unfortunately, a lot of that cost was in public shaming; the press would write bad stories about companies that lost personal data. But as more and more companies lose data, the press becomes less interested in writing those stories – and the public shaming diminishes. Good idea, but temporary.

Or take Sarbanes-Oxley. I've read the law, and I'm not exactly sure how it pertains to computer security. But everyone seems to think it does, and companies have poured all sorts of money into computer security: the cost is still cheaper than the potential liability. Some of this money has gone into actual computer security, but most of it has gone to large auditing firms that produce reports that are only useful to defend against liability claims. Sort of a good idea, but very expensive for what you get.

A much better example is the credit card law that limits personal liability for fraud to $50. Before the law, credit card losses were an externality to credit card companies, so they didn't do all that much to improve security. After the law, we got online verification terminals, systems for card activation, data-mining systems to detect fraudulent spending patterns, and so on. Great idea, and one that significantly improved security.

In other words, the liability for losses was removed from the consumer (who could do little to prevent it) and placed in the hands of the credit card company who had all the information to prevent it.  No regulations deemed how they were to prevent it.  They were simply made liable, and it was up to them to determine how best to stop fraud.  Unfortunately today, most people who want increased government regulation want to determine how companies go about their business.  As Schneier goes on to describe:

Don't pass a regulation requiring this brand of firewall or that default configuration setting. A good regulation says that if anyone breaches your network and uses it to send spam, you're not in compliance. How you prevent this attack is your business. This kind of regulation stimulates the marketplace to solve the problem better and more cheaply.

In other words, focus on the results, and let the people who know best how to implement them... implement them.  The danger of course, is that by focusing on results, we may easily underestimate the costs to implement them.  Remember that all security, and all regulations, is not a pure good.  It is a tradeoff between benefits and costs.  If the cost of the regulation is more than the gain, then it should not be implemented, pure and simple.

Because government often times does not feel the cost of the regulation, it is easy to over regulate.  It is a sort of reverse externality.  That is the danger we always face.  That is the reason why liability (which can be arbitrated in the free market) is preferable to regulation.  Regulation tends to remove liability in place of oversight.  And as we've seen, oversight often times fails because those who perform it, have no specific reason to do either a bad job, nor a good job.