Proceeds from collected fines could go toward public awareness campaigns. Also, rather than simply establishing regulations and proscribing periodic audits, the government could hire a team to perform network penetration, actively searching for corporations with vulnerabilities, or analyzing popular apps in a lab environment to confirm what data they are collecting (regardless of what the app developer claims to be collecting). We need the equivalent of the Environmental Protection Agency for the digital realm and consider the matter to be of the same importance.
Businesses who actually respect the security of their data and privacy of their customers should not fear this. In fact, they should see it as a competitive advantage. It's sort of like the smaller food suppliers who leverage their values, transparent business models, and "USDA Organic" certification to cut into the market share of the multi-national corporations. Google and FaceBook are the "Big Mac Data" corporations; they give you a lot for a very low price, but you pay for their products in ways that are detrimental to your digital health.
"The universe is complicated and for the most part beyond your control, but your life is only as complicated as you choose it to be."