Paper Number
ICIS2025-1833
Paper Type
Complete
Abstract
The responsibility of writing privacy-compliant code largely falls on software developers, who are tasked with adhering to privacy constraints via privacy requirements. The communication, interpretation, and implementation of privacy requirements introduce several challenges for developers in balancing technical constraints with legal demands. While a body of work exists studying the various methods in which privacy requirements can be represented, there remains little research on measuring developer preferences regarding such requirements. We address this gap with a three-part investigation, beginning with a tertiary literature review of relevant approaches and their associated properties. This is followed by 21 semi-structured interviews and an online survey with 103 developers, which yield insights into the challenges, needs, and preferences of developers when handling privacy requirements. Our work augments existing research with practical perspectives from Germany and concludes by proposing a set of recommendations for the clear documentation of privacy requirements for developers.
Recommended Citation
Frank, Maximilian Josef; Meisenbacher, Stephen; Klymenko, Alexandra; and Matthes, Florian, "Investigating Developer Preferences for the Documentation of Privacy Requirements: Perspectives from Germany" (2025). ICIS 2025 Proceedings. 10.
https://aisel.aisnet.org/icis2025/cyb_security/cyb_security/10
Investigating Developer Preferences for the Documentation of Privacy Requirements: Perspectives from Germany
The responsibility of writing privacy-compliant code largely falls on software developers, who are tasked with adhering to privacy constraints via privacy requirements. The communication, interpretation, and implementation of privacy requirements introduce several challenges for developers in balancing technical constraints with legal demands. While a body of work exists studying the various methods in which privacy requirements can be represented, there remains little research on measuring developer preferences regarding such requirements. We address this gap with a three-part investigation, beginning with a tertiary literature review of relevant approaches and their associated properties. This is followed by 21 semi-structured interviews and an online survey with 103 developers, which yield insights into the challenges, needs, and preferences of developers when handling privacy requirements. Our work augments existing research with practical perspectives from Germany and concludes by proposing a set of recommendations for the clear documentation of privacy requirements for developers.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
09-Cybersecurity