Why developers cannot embed privacy into software systems?: An empirical investigation

Pervasive use of software applications continues to challenge user privacy whenever users interact with software systems. Even though privacy practices such as Privacy by Design (PbD) give software developers clear instructions for embedding privacy into software designs, those practices are yet to become common practice among developers. The difficulty of developing privacy-preserving software systems highlights the importance of investigating software developers and the problems they face when asked to embed privacy into application designs. Software developers are the community that can put practices such as PbD into action. Therefore, identifying the problems they face when embedding privacy into software applications, and providing solutions to those problems, is important for enabling the development of privacy-preserving software systems. This study investigates 36 software developers in a software design task with instructions to embed privacy, in order to identify the problems they face. We derive recommendation guidelines that address these problems to enable the development of privacy-preserving software systems.
