this post was submitted on 03 Oct 2024
544 points (97.9% liked)
Technology
58497 readers
6022 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That's fair, and government work can feel kind of like its own parallel business ecosystem in some ways. Sort of like how most of us think of the shops and businesses that are visible to us but not the massive B2B ecosystem just under the surface.
But I think the hope is that gov can standardize and define a certain net positive thing, and use its contracts to start requiring that thing, slowly making it more widespread and therefore common. Ideally the kinks get ironed out over time, and eventually it's in a state where you can make the leap and start to require it be in place for any application / service above a certain user count.
Bit pie in the sky, but we should be at least trying to find ways to use govt to improve our situation. Things at policy level that don't require chronically status quo politicians to vote in our best interests.
Interoperability is a big job, but the extent to which it matters varies widely according to the use case. There are layers of standards atop other standards, some new, some near deprecation. There are some extremely large and complex datasets that need a shit-ton of metadata to decipher or even extract. Some more modern dataset standards have that metadata baked into the file, but even then there are corner cases. And the standards for zero-trust security enclaves, discoverability, non-repudiation, attribution, multidimensional queries, notification and alerting, pub/sub are all relatively new, so we occasionally encounter operational situations that the standards authors didn't anticipate.
I’ve had to implement wave after wave of compliance with European laws in the last several years. We tend to just comply with something like GDPR everywhere because that’s simpler and it’s a best practice. But without the teeth of legislation we’d never bother. There’s always too much to do. I would have a hard time doing something that’s better for consumers but takes a lot of effort or might even undermine our ability to monetize as aggressively as we choose to. Not without those teeth. Not a chance. Even with teeth, tech companies often find some shitty way to meet the minimum bar but really do nothing. We must offer an API? Okay. It has almost nothing in it, but enough to say we did something. We’d never stand up an API that competitors or scammers could benefit from.
Oof, well, point taken and sorry for your loss lol. I hear where you're coming from. And I'm sure we'd get a worst of both worlds situation here in the US where we spent a ton of time and money developing whatever standards and definitions, and then we make it an optional guideline like you're saying and it never goes anywhere.
Dunno. The fundamental problem is tech is always able to move faster and smarter than legislation.
If I’m saying anything, it’s that legislation is the one thing tech can’t get around. Europe has put out a lot of legislation that tech hates, some good, some bad. But tech complies. The government contracts thing won’t hurt - it could possibly help legislation come about in one way: if government contracts force a handful of companies to do something, at least that shows the thing can be done. That’s kind of important because tech loves to complain that what this legislation calls for will be impossible!