InfoWorld's Paul Venezia has proposed a pretty good "Technology Bill of Rights" encompassing DRM, neutrality, anonymity, liability for malware, liability for proprietary software, and open source for government. I think it's a great starting point, though some of the Slashdotters suggest modelling it on the US Bill of Rights and/or the Makers' Bill of Rights.
Article 4. A company that produces and sells closed source software for use on computers shall be responsible for the security of that product, and a user has a right to seek damages in the event of a failure to secure their product
Related to Article 3, this is a sticky one. On the one hand, a company should be held responsible for damages caused by negligence in their product. On the other hand, attributing this to computer software could be extremely problematic to proprietary software companies. Maybe it should be met halfway — a proprietary software company is compelled by law to immediately notify the public when vulnerabilities are discovered in their products. They are then granted two weeks to issue a patch to fix the problem. If not, they face increasing fines for every day a patch is not released. Also, there should be a mandatory update check in every product. This is far from a perfect implementation, but some form of this concept needs to be introduced.