I’m all ears! Listening to software developers on putting GDPR principles into software development practice

被引:0
作者
Alhazmi A. [1 ]
Arachchilage N.A.G. [1 ,2 ]
机构
[1] School of Engineering and Mathematical Sciences, La Trobe University, Melbourne
[2] School of Computer Science, The University of Auckland, Auckland
来源
Arachchilage, Nalin Asanka Gamagedara (nalin.arachchilage@gmail.com) | 1600年 / Springer Science and Business Media Deutschland GmbH卷 / 25期
关键词
GDPR; Privacy; Secure software engineering; Software developers; Usable security;
D O I
10.1007/s00779-021-01544-1
中图分类号
学科分类号
摘要
Previous research has been carried out to identify the impediments that prevent developers from incorporating privacy protocols into software applications. No research has been carried out to find out why developers are not able to develop systems that preserve privacy while specifically considering the General Data Protection Regulation principles (GDPR principles). Consequently, this paper aims to examine the issues, which prevent developers from creating applications, which consider and include GDPR principles into their software systems. From our research findings, we identified the lack of familiarity with GDPR principles by developers as one of the obstacles that prevent GDPR onboarding. Those who were familiar with the principles did not have the requisite knowledge about the principles including their techniques. Developers focused on functional than on privacy requirements. Unavailability of resourceful online tools and lack of support from institutions and clients were also identified as issues inimical to the onboarding of GDPR principles. © 2021, Crown.
引用
收藏
页码:879 / 892
页数:13
相关论文
共 37 条
[1]  
Pearson S., Benameur A., Privacy, security and trust issues arising from cloud computing, 2010 IEEE Second International Conference on Cloud Computing Technology and Science. IEEE, pp. 693-702, (2010)
[2]  
van Kleek M., Liccardi I., Binns R., Zhao J., Weitzner D.J., Shadbolt N., Better the devil you know: Exposing the data sharing practices of smart phone apps, Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, pp. 5208-5220, (2017)
[3]  
Schwerin S., Blockchain and privacy protection in the case of the European general data protection regulation (GDPR): a Delphi study, J Br Blockchain Asso, 1, 1, (2018)
[4]  
Pandit H.J., O'Sullivan D., Lewis D., GDPR data interoperability model, 23Rd EURAS Annual Standardisation Conference, (2018)
[5]  
Kappelman L., Johnson V., Torres R., Maurer C., McLean E., A study of information systems issues, practices, and leadership in Europe, Eur J Inf Syst, 28, 1, pp. 26-42, (2019)
[6]  
Rajendran D.P.D., Rangaraja P.S., An e-ADR (Elaborated action design research) approach towards game-based learning in cybersecurity incident detection and handling, Proceedings of the 53Rd Hawaii International Conference on System Sciences, (2020)
[7]  
Khan N.A., Brohi S.N., Zaman N., Ten Deadly Cyber Security Threats Amid COVID-19 Pandemic, (2020)
[8]  
Over 1/3 of Professionals are Worried Zoom Compromised Their Information, (2020)
[9]  
Hu M., Cambridge Analytica’s black box, Big Data Soc, 7, 2, (2020)
[10]  
Senarath A., Arachchilage N.A., Why developers cannot embed privacy into software systems? An empirical investigation, Proceedings of the 22Nd International Conference on Evaluation and Assessment in Software Engineering, pp. 211-216, (2018)
1234