Why developers cannot embed privacy into software systems? An empirical investigation (1805.09485v2)

Abstract: Pervasive use of software applications continues to challenge user privacy when users interact with software systems. Even though privacy practices such as Privacy by Design (PbD), have clear in- structions for software developers to embed privacy into software designs, those practices are yet to become a common practice among software developers. The difficulty of developing privacy preserv- ing software systems highlights the importance of investigating software developers and the problems they face when they are asked to embed privacy into application designs. Software devel- opers are the community who can put practices such as PbD into action. Therefore, identifying problems they face when embed- ding privacy into software applications and providing solutions to those problems are important to enable the development of privacy preserving software systems. This study investigates 36 software developers in a software design task with instructions to embed privacy in order to identify the problems they face. We derive rec- ommendation guidelines to address the problems to enable the development of privacy preserving software systems.