• Benjaben@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 month ago

    That’s fair, and government work can feel kind of like its own parallel business ecosystem in some ways. Sort of like how most of us think of the shops and businesses that are visible to us but not the massive B2B ecosystem just under the surface.

    But I think the hope is that gov can standardize and define a certain net positive thing, and use its contracts to start requiring that thing, slowly making it more widespread and therefore common. Ideally the kinks get ironed out over time, and eventually it’s in a state where you can make the leap and start to require it be in place for any application / service above a certain user count.

    Bit pie in the sky, but we should be at least trying to find ways to use govt to improve our situation. Things at policy level that don’t require chronically status quo politicians to vote in our best interests.

    • demesisx@infosec.pub
      link
      fedilink
      English
      arrow-up
      11
      ·
      28 days ago

      You make great points. The problem is, our demagogues work directly for those corporations. So, the demands of corporations will always favor corporations until corporations aren’t considered constituents (which has been true since Citizens United in the US).

    • scarabic@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 month ago

      I’ve had to implement wave after wave of compliance with European laws in the last several years. We tend to just comply with something like GDPR everywhere because that’s simpler and it’s a best practice. But without the teeth of legislation we’d never bother. There’s always too much to do. I would have a hard time doing something that’s better for consumers but takes a lot of effort or might even undermine our ability to monetize as aggressively as we choose to. Not without those teeth. Not a chance. Even with teeth, tech companies often find some shitty way to meet the minimum bar but really do nothing. We must offer an API? Okay. It has almost nothing in it, but enough to say we did something. We’d never stand up an API that competitors or scammers could benefit from.

      • Benjaben@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        Oof, well, point taken and sorry for your loss lol. I hear where you’re coming from. And I’m sure we’d get a worst of both worlds situation here in the US where we spent a ton of time and money developing whatever standards and definitions, and then we make it an optional guideline like you’re saying and it never goes anywhere.

        Dunno. The fundamental problem is tech is always able to move faster and smarter than legislation.

        • scarabic@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 month ago

          If I’m saying anything, it’s that legislation is the one thing tech can’t get around. Europe has put out a lot of legislation that tech hates, some good, some bad. But tech complies. The government contracts thing won’t hurt - it could possibly help legislation come about in one way: if government contracts force a handful of companies to do something, at least that shows the thing can be done. That’s kind of important because tech loves to complain that what this legislation calls for will be impossible!

          • Benjaben@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            30 days ago

            I think we’re on the same page :)

            I’m mostly describing an idea where the contracts approach takes care of the necessary iteration to get a given tech policy sorted, and then legislation comes in to require it.

            My country can’t even get some basic stuff done, though, so realistically I may as well be writing fan-fic, lol

            • scarabic@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              29 days ago

              contracts approach takes care of the necessary iteration to get a given tech policy sorted

              Yeah that could be of use.

    • futatorius@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 month ago

      Interoperability is a big job, but the extent to which it matters varies widely according to the use case. There are layers of standards atop other standards, some new, some near deprecation. There are some extremely large and complex datasets that need a shit-ton of metadata to decipher or even extract. Some more modern dataset standards have that metadata baked into the file, but even then there are corner cases. And the standards for zero-trust security enclaves, discoverability, non-repudiation, attribution, multidimensional queries, notification and alerting, pub/sub are all relatively new, so we occasionally encounter operational situations that the standards authors didn’t anticipate.