Download this Paper Open PDF in Browser

Privacy by Designers: Software Developers’ Privacy Mindset

Empirical Software Engineering DOI 10.1007/s10664-017-9517-1 (2017 Forthcoming)

2 Pages Posted: 1 Apr 2014 Last revised: 26 May 2017

Irit Hadar

University of Haifa - Information Systems Department

Tomer Hasson

University of Haifa - Information Systems Department

Oshrat Ayalon

Tel Aviv University

Eran Toch

Tel Aviv University - Department of Industrial Engineering

Michael Birnhack

Tel Aviv University - Buchmann Faculty of Law

Sofia Sherman

University of Haifa

Arod Balissa

Independent

Date Written: March 24, 2014

Abstract

Privacy by design (PbD) is a policy measure that guides software developers to apply inherent solutions to achieve better privacy protection. For PbD to be a viable option, it is important to understand developers’ perceptions, interpretation and practices as to informational privacy (or data protection). To this end, we conducted in-depth interviews with 27 developers from different domains, who practice software design. Grounded analysis of the data revealed an interplay between several different forces affecting the way in which developers handle privacy concerns. Borrowing the schema of Social Cognitive Theory (SCT), we classified and analyzed the cognitive, organizational and behavioral factors that play a role in developers’ privacy decision making.

Our findings indicate that developers use the vocabulary of data security to approach privacy challenges, and that this vocabulary limits their perceptions of privacy mainly to third-party threats coming from outside of the organization; that organizational privacy climate is a powerful means for organizations to guide developers toward particular practices of privacy; and that software architectural patterns frame privacy solutions that are used throughout the development process, possibly explaining developers’ preference of policy-based solutions to architectural solutions.

Further, we show, through the use of the SCT schema for framing the findings of this study, how a theoretical model of the factors that influence developers’ privacy practices can be conceptualized and used as a guide for future research toward effective implementation of PbD.

Keywords: privacy, information systems, privacy-by-design, designers' perceptions, information systems design, empirical study, qualitative research

Suggested Citation

Hadar, Irit and Hasson, Tomer and Ayalon, Oshrat and Toch, Eran and Birnhack, Michael and Sherman, Sofia and Balissa, Arod, Privacy by Designers: Software Developers’ Privacy Mindset (March 24, 2014). Empirical Software Engineering DOI 10.1007/s10664-017-9517-1 (2017 Forthcoming). Available at SSRN: https://ssrn.com/abstract=2413498 or http://dx.doi.org/10.2139/ssrn.2413498

Irit Hadar

University of Haifa - Information Systems Department ( email )

Mount Carmel
Haifa, 31905
Israel

Tomer Hasson

University of Haifa - Information Systems Department ( email )

Mount Carmel
Haifa, 31905
Israel

Oshrat Ayalon

Tel Aviv University ( email )

Ramat Aviv
Tel-Aviv, 6997801
Israel

Eran Toch (Contact Author)

Tel Aviv University - Department of Industrial Engineering ( email )

Tel Aviv 6997801
Israel

Michael D. Birnhack

Tel Aviv University - Buchmann Faculty of Law ( email )

Ramat Aviv
Tel Aviv 69978, IL
Israel
+972-3-640-6623 (Phone)

Sofia Sherman

University of Haifa ( email )

Mount Carmel
Haifa, 31905
Israel

Arod Balissa

Independent ( email )

No Address Available

Paper statistics

Downloads
25
Abstract Views
1,543