Why developers cannot embed privacy into software systems? An empirical investigation
This addresses the challenge of enabling developers to implement privacy practices like Privacy by Design, which is crucial for improving user privacy in software systems, but the approach is incremental as it focuses on empirical identification of existing problems.
The study investigated why software developers struggle to embed privacy into software systems by analyzing 36 developers in a design task, identifying problems they face and deriving recommendation guidelines to address these issues.
Pervasive use of software applications continues to challenge user privacy when users interact with software systems. Even though privacy practices such as Privacy by Design (PbD), have clear in- structions for software developers to embed privacy into software designs, those practices are yet to become a common practice among software developers. The difficulty of developing privacy preserv- ing software systems highlights the importance of investigating software developers and the problems they face when they are asked to embed privacy into application designs. Software devel- opers are the community who can put practices such as PbD into action. Therefore, identifying problems they face when embed- ding privacy into software applications and providing solutions to those problems are important to enable the development of privacy preserving software systems. This study investigates 36 software developers in a software design task with instructions to embed privacy in order to identify the problems they face. We derive rec- ommendation guidelines to address the problems to enable the development of privacy preserving software systems.