TY - JOUR
T1 - The perspective of Brazilian software developers on data privacy
AU - Peixoto, Mariana
AU - Ferreira, Dayse
AU - Cavalcanti, Mateus
AU - Silva, Carla
AU - Vilela, Jéssyka
AU - Araújo, João
AU - Gorschek, Tony
N1 - info:eu-repo/grantAgreement/FCT/6817 - DCRRNI ID/UID%2FCEC%2F04516%2F2019/PT#
Funding Information:
Part of this study was funded by the Coordenação de Aperfeiçoamento de Pessoal de Nível Superior — Brasil (CAPES) (Finance Code 001 ), and the KKS foundation Profile Project ReThought.se.
Publisher Copyright:
© 2022 Elsevier Inc.
PY - 2023/1
Y1 - 2023/1
N2 - Context: Maintaining the privacy of user data is a concern in software development to satisfy customer needs or to comply with privacy laws. Recent studies have shown that software development approaches still neglect non-functional requirements, including privacy. Concern about privacy may increase in the period between when a privacy law is initially announced and when it is passed into law. During this period, companies will be challenged to comply with the new law. Research has shown that many developers do not have sufficient knowledge to develop privacy-preserving software systems. Objective: We investigate the level of knowledge and understanding that developers possess regarding privacy. We explore the personal, behavioural, and external environmental factors affecting a developer's decision-making regarding privacy requirements. Methods: We replicated a study by means of in-depth, semi-structured interviews with thirteen practitioners at six companies. Our data analysis is based on the principles of ‘grounded theory codification’. Results: We identified nine personal factors, five behavioural factors, and seven external environment factors that are relevant to how software developers make decisions regarding. Conclusion: Our identification of factors that influence the development of privacy-preserving software systems can be seen as a contribution to the specification of effective methods for securing privacy.
AB - Context: Maintaining the privacy of user data is a concern in software development to satisfy customer needs or to comply with privacy laws. Recent studies have shown that software development approaches still neglect non-functional requirements, including privacy. Concern about privacy may increase in the period between when a privacy law is initially announced and when it is passed into law. During this period, companies will be challenged to comply with the new law. Research has shown that many developers do not have sufficient knowledge to develop privacy-preserving software systems. Objective: We investigate the level of knowledge and understanding that developers possess regarding privacy. We explore the personal, behavioural, and external environmental factors affecting a developer's decision-making regarding privacy requirements. Methods: We replicated a study by means of in-depth, semi-structured interviews with thirteen practitioners at six companies. Our data analysis is based on the principles of ‘grounded theory codification’. Results: We identified nine personal factors, five behavioural factors, and seven external environment factors that are relevant to how software developers make decisions regarding. Conclusion: Our identification of factors that influence the development of privacy-preserving software systems can be seen as a contribution to the specification of effective methods for securing privacy.
KW - Empirical study
KW - Privacy requirements
KW - Software development
UR - http://www.scopus.com/inward/record.url?scp=85139857676&partnerID=8YFLogxK
U2 - 10.1016/j.jss.2022.111523
DO - 10.1016/j.jss.2022.111523
M3 - Article
AN - SCOPUS:85139857676
SN - 0164-1212
VL - 195
JO - Journal of Systems and Software
JF - Journal of Systems and Software
M1 - 111523
ER -