In Steve Sanderson's video showing off the prototype (https://www.youtube.com/watch?v=48G_CEGXZZM) he mentions around the 2min 15s mark that SSR has no websockets/SignalR or even JS required. From what I could gather, websockets will kick in when an interactive blazor component needs it. And there will be the option start downloading the WASM/DLLs in the background. When WASM is ready your app will switch from websockets to WASM. Hopefully that switch will be 'live', but in the demo it looked like a page refresh was required
To say it's complicated is an understatement, there are literally entire books written about it [1]. It's rarely that simple but if one act states X is allowed and another act of the same jurisdiction states the exact opposite (assuming both laws are legally valid), then the most recent law prevails. The principle behind it is that the current parliament/legislature shouldn't be able restrict what future parliaments make laws on (the exception being the Constitution). Otherwise the government of today could make a law thats says 'X is illegal and no law can ever change this'.
Unless there's something I've missed entirely in the regulation, there's nothing that says the data loses its restrictions once it moved. Happy to be corrected and pointed to the specific clause, I just don't see it.
Section 3: "COVID app data is data relating to a person that...has been collected or generated through the operation of an app... and is, or has been, stored on a mobile telecommunications device." The data is defined by its origin, not its current location. The protections apply wherever it currently is.
Section 8: "A person must not decrypt encrypted COVID app data that is stored on a mobile telecommunications device"
Using your scenario, part two would be illegal (s8 especially) and the data request in part 3 should be rejected. The bigger problem is that's what _should_ happen. Whether it's enforced is another story...
> For example, the minister said that even in the event of a crime, the data could not be used. However, two parts combine that show actually, they can.
That's incorrect. The only crime that could be a valid reason for using the data is a breach of the emergency biosecurity laws [6(2)(d)] (also see s477 of the Biosecurity Act 2015 (Cth)).
Two common legal 'tools' are inclusive clauses and exhaustive clauses. An inclusive clause lists examples of what a section of legislation or a contract applies to, but it's not a complete list. You may have seen something like this in an employment contract, where the contract lists out your roles and responsibilities with a list that starts with "including, but not limited to: ". E.g the items listed definitely apply but there may be more other items that are not listed.
Exhaustive clauses are the opposite, if it's not expressly stated in the list, it doesn't apply.
Part 2 limits how the data can be collected and used by using an exhaustive clause, i.e. section 6(2).
Breaking it down, section 6(1) states: 'A person must not collect, use or disclose COVID app data except as provided by subsection (2).' So unless the reason is expressly listed under subsection 6(2), it cannot be used/collected.
Very roughly paraphrasing the reasons in 6(2):
- 6(2)(a): The person is a State/Territory HEALTH official (i.e. not law enforcement) AND the reason for is contact tracing only
- 6(2)(b): The person is an employee/officer/contractor of the Health Department or Digital Transformation Agency (DTA) to help a Health employee with contact tracing, or to ensure the app / data store is functioning properly. E.g Devs bug fixing the app, API etc
- 6(2)(c) Moving encrypted data from a mobile to the CovidSafe database
- 6(2)(d) Investigating an offence of the emergency biosecurity laws
- 5(2)(e) Using data for 'de-identified' statistics
So going back to the grandparent comment, it's not correct say that the regulation has no effect due to the previous laws that weaken privacy. In fact the wording for the valid uses is refreshingly restrictive. E.g using '..[for the] purpose of, and only to the extent required for the purpose of' and not just 'for the purpose of' is a cue for the courts to interpret the use case quite restrictively.
With all that said, this may be all well and good in theory, but it remains to be seen if the Government can enforce these restrictions in practice. There are some very valid concerns about that. However that's for another conversation/thread.
Interpreting legislation without any common law / precedence is difficult. However as a general rule, if there are two laws that are conflicting (such as previous anti-privacy laws vs the proposed safeguards) the most recent enacted law applies, especially if it is specific. So while I’m by no means a fan of the erosion of privacy that this government has done previously, the proposed safeguards would be effective and not just empty words (at least legally speaking). Also I’m being pedantic, but you repeal Acts, not bills. A Bill is proposed legislation that isn’t law yet
When meetings have no predefined goal or agenda. They tend to go overtime and usually digress into semi-related topics that aren't the reason why the meeting was needed in the first place. Most of the people there are completely bored as the conversation now has no relevance to their work and it's just so frustrating as it's burning people's valuable time. On the flip side, I've had some great and productive meetings when there's been a designated 'meeting leader'. E.g someone responsible for clearly communicating the meeting's goal and keeping the conversation focused on that. Bonus points if they actively promote participation from everyone in the room so the conversation isn't hijacked by just a few people. Triple bonus points if they extract any action items out of the conversation and help the team agree who should take ownership of that item after the meeting ends
I am in a very similar situation to you, I'm a full stack developer (slightly stronger at frontend) that used to do a lot of Ruby on Rails work, but I've been looking for a statically typed backend framework to specialise in.
Hopefully some of my research / bike shedding / procrastination will be helpful to you :) I've been trying different backends to find the 'perfect' stack that's statically typed (spoiler: no stack/language is perfect). I've had a mix of personal and commercial experience with Spring Boot, Go and .NET Core.
Big Disclaimer: My observations are completely subjective and personal so YMMV.
Spring Boot and Kotlin:
I REALLY like Kotlin as a language, though Spring Boot felt heavy and sluggish from a developer productivity standpoint. This could be my inexperience with Spring and the JVM ecosystem, though I've also read comments on Hacker News that roughly say the same thing (1). I've also read that the heavy use of annotations in Spring Boot are great initially, but it creates headaches for more complex projects. The Maven/Gradle package management experience wasn't great either when compared to RubyGems/NPM. I also tried Kotlin + Ktor(2) on a personal project. It felt better, but at the time it was hard to find solutions to problems on Stackoverflow or the web.
Go:
I briefly worked on a project that used Go + Gin. I loved the simplicity of Go and features like concurrency and the built in code formatter. Though at times code felt a little too low-level when implementing business logic such as model validation etc. I missed language features such as generics, null checks and discriminated unions that other languages have. Handling errors also felt tedious at times. However I completely understand the appeal of keeping the core language simple.
.NET Core:
I'm probably the most torn about .NET Core. I've always preferred a *nix/Mac system and borderline hated Microsoft during the Balmer years. However C# is a properly good language (though not quite as nice as Kotlin) and the .NET Core standard library feels well designed. There are new features coming in C# 9 like discriminated unions (sealed classed in Kotlin) and records (data classes in Kotlin) that will make it even better. It's not all great, I found unit testing is much more tedious in C#, especially compared to something like Jest or RSpec. Mocking/stubbing was especially difficult as you can't easily override a method unless it's tagged as 'virtual'. One way around it is to use interfaces for the argument type, however this can cause your project to be scatted with pointless interfaces that are only used to overcome this restriction (3).
ASP.NET Core overall is very nice to work with and it's blazingly fast (4). It does have remnants of some enterprisey cruft, but overall I found it very productive to work with. Using VS Code and Jetbrain's Rider made coding on a Mac a breeze though full Visual Studio for Mac is pretty awful.
But here's biggest issue with .NET Core: while it's truely cross-platform and open source, I found the broader .NET ecosystem and community is yet to embrace this. I'm not sure if it ever will completely. The vast majority of YouTube videos and articles I've read assume you're using Visual Studio on Windows. That makes sense, as a 2019 Jetbrains survey indicated that 90% of C#/.NET developers use Windows (5). But if Windows is your jam, this might not be an issue for you.
I also have the strong feeling that Microsoft's strategy for an open sourced .NET is to push the use of Azure for hosting. While it's definitely possible to deploy a .NET Core application to AWS or GCP I worry that Microsoft will always have a bias (even if it's unintentional) to make .NET Core be better on Azure and have soft lock-in. E.g .NET Core will run on any cloud provider, but you'll get the most of it if you're running on Azure.
All of these frameworks were weak in the REPL department. One of the great things about Ruby/Rails and Python/Django is the interactive console. There have been countless times when I've SSH'd into a production box to manually trigger a password reset for a user, or use the ORM to run a one-off report for a product manager. I couldn't find anything close in statically typed frameworks. Because of that I'm quite liking the combo of Python + typings + FastAPI (6) for personal projects. It's not perfect but it's ticking most of the boxes for what I'm looking for.
Again I can't stress enough that this is all my biased personal opinion influenced by how I like to code and my strengths and weaknesses as a developer. But hopefully it will help you in choosing a language/framework that you'll enjoy. Another thing to keep in mind is the amount jobs available for each stack near where you live.