Why are Developers Struggling to Put GDPR into Practice when Developing Privacy-Preserving Software Systems?

by   Abdulrahman Alhazmi, et al.

The use of software applications is inevitable as they provide different services to users. The software applications collect, store users' data, and sometimes share with the third party, even without the user consent. One can argue that software developers do not implement privacy into the software applications they develop or take GDPR (General Data Protection Law) law into account. Failing to do this, may lead to software applications that open up privacy breaches (e.g. data breach). The GDPR law provides a set of guidelines for developers and organizations on how to protect user data when they are interacting with software applications. Previous research has attempted to investigate what hinders developers from embedding privacy into software systems. However, there has been no detailed investigation on why they cannot develop privacy-preserving systems taking GDPR into consideration, which is imperative to develop software applications that preserve privacy. Therefore, this paper investigates the issues that hinder software developers from implementing software applications taking GDPR law on-board. Our study findings revealed that developers are not familiar with GDPR principles. Even some of them are, they lack knowledge of the GDPR principles and their techniques to use when developing privacy-preserving software systems


page 1

page 2

page 3

page 4


Why developers cannot embed privacy into software systems? An empirical investigation

Pervasive use of software applications continues to challenge user priva...

Understanding Software Developers' Approach towards Implementing Data Minimization

Data Minimization (DM) is a privacy practice that requires minimizing th...

I'm all Ears! Listening to Software Developers on Putting GDPR Principles into Software Development Practice

Previous research has been carried out to identify the impediments that ...

DynSGX: A Privacy Preserving Toolset for Dynamically Loading Functions into Intel(R) SGX Enclaves

Intel(R) Software Guard eXtensions (SGX) is a hardware-based technology ...

Why Johnny Can't Develop Mobile Crowdsourcing Applications with Location Privacy

Mobile crowdsourcing (MCS) relies on users' devices as sensors to perfor...

Developers' Privacy Education: A game framework to stimulate secure coding behaviour

Software privacy provides the ability to limit data access to unauthoriz...

AMR:Autonomous Coin Mixer with Privacy Preserving Reward Distribution

It is well known that users on open blockchains are tracked by an indust...

Please sign up or login with your details

Forgot password? Click here to reset