Evaluating Privacy Perceptions, Experience, and Behavior of Software Development Teams

M. Prybylo, S. Haghighi, et al.

A mixed-method survey of 362 SDLC practitioners reveals how product managers, developers, and testers interpret and practice privacy, highlighting gaps in knowledge and uneven familiarity with concepts like anonymization. The study finds reliance on self-teaching and forums, stronger awareness of GDPR and HIPAA, and top concern about multi-jurisdictional compliance. The results call for role-dependent solutions, holistic privacy across the SDLC, and targeted education. This research was conducted by Maxwell Prybylo, Sara Haghighi, Sai Teja Peddinti, and Sepideh Ghanavati.
Abstract
With the increase in the number of privacy regulations, small development teams are forced to make privacy decisions on their own. In this paper, we conduct a mixed-method survey study, including statistical and qualitative analysis, to evaluate the privacy perceptions, practices, and knowledge of members involved in various phases of the Software Development Life Cycle (SDLC). Our survey includes 362 participants from 23 countries, encompassing roles such as product managers, developers, and testers. Our results show diverse definitions of privacy across SDLC roles, emphasizing the need for a holistic privacy approach throughout SDLC. We find that software teams, regardless of their region, are less familiar with privacy concepts (such as anonymization), relying on self-teaching and forums. Most participants are more familiar with GDPR and HIPAA than other regulations, with multi-jurisdictional compliance being their primary concern. Our results advocate the need for role-dependent solutions to address the privacy challenges, and we highlight research directions and educational takeaways to help improve privacy-aware SDLC.
Publisher
USENIX Symposium on Usable Privacy and Security (SOUPS) 2024 Proceedings
Published On
Aug 12, 2024
Authors
Maxwell Prybylo, Sara Haghighi, Sai Teja Peddinti, Sepideh Ghanavati
Tags
privacy perceptions
software development life cycle (SDLC)
mixed-method survey
GDPR
HIPAA
anonymization
multi-jurisdictional compliance