A Systematic Mapping Study on Privacy by Design in Software Engineering

Authors

  • Miguel Ehecatl Morales-Trujillo, University of Canterbury
  • Gabriel Alberto García-Mireles, Departamento de Matemáticas, Universidad de Sonora
  • Erick Orlando Matla-Cruz, Posgrado de la Facultad de Medicina, Universidad Nacional Autónoma de México
  • Mario Piattini, Alarcos Research Group, University of Castilla – La Mancha

DOI:

https://doi.org/10.19153/cleiej.22.1.4

Keywords:

privacy by design, software engineering, software development, systematic mapping study, GDPR

Abstract

Protecting personal data in current software systems is a complex issue that requires legal regulations and constraints for managing personal data, as well as methodological support for developing software systems that safeguard the privacy of their users' data. The Privacy by Design (PbD) approach has been proposed to address this issue and has been applied to systems development in a variety of application domains. The aim of this work is to determine the presence and extent of PbD in software development efforts. A systematic mapping study was conducted to identify relevant literature that collects PbD principles and goals in software development, as well as methods and/or practices that support privacy-aware software development. The 53 selected papers address PbD mostly from a theoretical perspective, with proposals validated primarily through experiences or examples. The findings suggest a need to develop privacy-aware methods that can be integrated at all stages of the software development life cycle and to validate them in industrial settings.

Primary papers
[A1] Buscher, M., Wood, L. and Perng, S-Y.: Privacy, Security, Liberty: Informing the Design of EMIS. In Proceedings of the 10th International ISCRAM Conference, pp. 401-410, Baden-Baden, Germany (2013)
[A2] Ayalon, O., Toch, E., Birnhack, M. and Hadar, I.: How Developers Make Design Decisions about Users' Privacy: The Place of Professional Communities and Organizational Climate. In Proceedings of the Companion of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW), ACM, Portland, OR, USA, DOI: 10.1145/3022198.3026326 (2017)
[A3] Chen, S. and Williams, M.A.: Grounding Privacy-by-Design for Information Systems. In Proceedings of Pacific Asia Conference on Information Systems (PACIS), 107 (2013)
[A4] Jutla, D., Bodorik, P. and Ali, S.: Engineering Privacy for Big Data Apps with the Unified Modeling Language. In Proceedings of the International Congress on Big Data, IEEE, pp. 38-45, DOI: 10.1109/BigData.Congress.2013.15 (2013)
[A5] Martín, Y-S., Alamo, J. and Yelmo, J.: Engineering Privacy Requirements: Valuable Lessons from another Realm. In Proceedings of the 1st Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), IEEE, ISBN: 978-1-4799-6340-9/14 (2014)
[A6] Colesky, M., Hoepman, J-H. and Hillen, C.: A Critical Analysis of Privacy Design Strategies. In Proceedings of the IEEE Symposium on Security and Privacy Workshops, pp. 33-40, DOI: 10.1109/SPW.2016.23 (2016)
[A7] Cavoukian, A. and Chibba, M.: Advancing privacy and security in computing, networking and systems innovations through privacy by design. In Proceedings of the 2009 Conference of the Centre for Advanced Studies on Collaborative Research, pp. 358-360, DOI: 10.1145/1723028.1723107 (2009)
[A8] Wright, R.: Obstacles to Freedom and Privacy by Design. In Proceedings of the 10th Conference on Computers, Freedom and Privacy: Challenging the Assumptions, pp. 97-100 (2000)
[A9] Langheinrich, M.: Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems. In Proceedings of the 3rd International Conference on Ubiquitous Computing, pp. 273-291 (2001)
[A10] Gaudino, F.: Applied sciences in biomedical and ICT from the perspective of the patient's right to data privacy and security: turning a zero-sum into a positive-sum game. In Proceedings of the 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies, No. 93, DOI: 10.1145/2093698.2093791 (2011)
[A11] Brost, G. and Hoffman, M.: Identifying Security Requirements and Privacy Concerns in Digital Health Applications. Requirements Engineering for Digital Health, DOI: 10.1007/978-3-319-09798-5_7 (2015)
[A12] Perera, C., McCormick, C., Bandara, A., Price, B. and Nuseibeh, B.: Privacy-by-Design Framework for Assessing Internet of Things Applications and Platforms. In Proceedings of the 6th International Conference on the Internet of Things, pp. 83-92, DOI: 10.1145/2991561.2991566 (2016)
[A13] Piette, F., Caval, C., Seghrouchni, A., Taillibert, P. and Dinont, C.: A Multi-Agent System for Resource Privacy: Deployment of Ambient Applications in Smart Environments. In Proceedings of the 2016 International Conference on Autonomous Agents & Multiagent Systems, pp. 1445-1446, Singapore, Singapore, ISBN: 978-1-4503-4239-1 (2016)
[A14] Camenisch, J., Ortiz-Yepes, D. and Preiss, F.: Strengthening Authentication with Privacy-Preserving Location Verification of Mobile Phones. In Proceedings of the 14th ACM Workshop on Privacy in the Electronic Society, ACM, pp. 37-48, DOI: http://dx.doi.org/10.1145/2808138.2808144 (2015)
[A15] Alharbi, I., Zyngier, S. and Hodkinson, C.: An evaluation of the interaction between companies' privacy practices and user information privacy concerns in the success of electronic commerce. In Proceedings of the European, Mediterranean and Middle Eastern Conference on Information Systems, pp. 584-597 (2012)
[A16] Chen, S. and Williams, M.A.: Information Makes a Difference for Privacy Design. In Proceedings of Pacific Asia Conference on Information Systems (PACIS), 178 (2012)
[A17] Suphakul, T. and Senivongse, T.: Development of privacy design patterns based on privacy principles and UML. International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing IEEE/ACIS, DOI: 10.1109/SNPD.2017.8022748 (2017)
[A18] Siljee, J.: Privacy Transparency Patterns. In Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP '15), 52, DOI: 10.1145/2855321.2855374 (2015)
[A19] Vemou, K. and Karyda, M.: Embedding Privacy Practices in Social Networking Services. In Proceedings of the 7th IADIS International Conference Information Systems, pp. 201-208 (2014)
[A20] Hoel, T., Griffiths, D. and Chen, W.: The influence of data protection and privacy frameworks on the design of learning analytics systems. In Proceedings of the Seventh International Learning Analytics & Knowledge Conference, pp. 243-252, DOI: 10.1145/3027385.3027414 (2017)
[A21] Kost, M., Freytag, J-C., Kargl, F. and Kung, A.: Privacy Verification using Ontologies. In Proceedings of the Sixth International Conference on Availability, Reliability and Security, IEEE, DOI: 10.1109/ARES.2011.97 (2011)
[A22] Shapiro, S.: Privacy By Design: Moving from Art to Practice. Communications of the ACM, Vol. 53, No. 6, DOI: 10.1145/1743546.1743559 (2010)
[A23] Rowan, M. and Dehlinger, J.: Encouraging Privacy by Design Concepts with Privacy Policy Auto-Generation in Eclipse (PAGE). In Proceedings of the Workshop on Eclipse Technology eXchange, pp. 9-14, DOI: 10.1145/2688130.2688134 (2014)
[A24] Morton, A. and Sasse, A.: Privacy is a Process, Not a PET: A Theory for Effective Privacy Practice. In Proceedings of the 2012 New Security Paradigms Workshop, pp. 87-104, ACM, New York, NY, USA, DOI: 10.1145/2413296.2413305 (2012)
[A25] Wohlgemuth, S.: Adaptive User-Centered Security. In S. Teufel et al. (Eds.): CD-ARES International Federation for Information Processing, LNCS 8708, pp. 94-109 (2014)
[A26] Colesky, M. and Ghanavati, S.: Privacy Shielding by Design: A Strategies Case for Near-Compliance. In Proceedings of the 24th International Requirements Engineering Conference Workshop, IEEE, pp. 271-275, DOI: 10.1109/REW.2016.30 (2016)
[A27] Le Métayer, D.: Privacy by design: a formal framework for the analysis of architectural choices. In Proceedings of the Third ACM Conference on Data and Application Security and Privacy, ACM, pp. 95-104, DOI: 10.1145/2435349.2435361 (2013)
[A28] Bartl, G., Gerhold, L. and Wählisch, M.: Towards a theoretical framework of acceptance for surveillance systems at airports. In Proceedings of the 11th International ISCRAM Conference, pp. 299-303, University Park, PA, USA (2014)
[A29] Diamantopoulou, V., Kalloniatis, C., Gritzalis, S. and Mouratidis, H.: Supporting Privacy by Design Using Privacy Process Patterns. In S. De Capitani di Vimercati and F. Martinelli (Eds.): SEC 2017, International Federation for Information Processing AICT 502, pp. 491-505, DOI: 10.1007/978-3-319-58469-0_33 (2017)
[A30] Alshammari, M. and Simpson, A.: Towards a Principled Approach for Engineering Privacy by Design. APF, LNCS 10518, pp. 161-177, DOI: 10.1007/978-3-319-67280-9_9 (2017)
[A31] Ali, N., Jutla, D. and Bodorik, P.: PIP: An Injection Pattern for Inserting Privacy Patterns and Services in Software. In: Berendt, B. et al. (Eds.): APF 2015, LNCS 9484, pp. 144-157, DOI: 10.1007/978-3-319-31456-3_8 (2016)
[A32] Spiekermann, S.: The Challenges of Privacy by Design. Communications of the ACM, Vol. 55, No. 7, DOI: 10.1145/2209249.2209263 (2012)
[A33] Bier, C. and Krempel, E.: Common Privacy Patterns in Video Surveillance and Smart Energy. In Proceedings of the 7th International Conference on Computing and Convergence Technology (ICCCT), pp. 610-615, ISBN: 978-89-94364-22-3 (2012)
[A34] Guerriero, M., Tamburri, D., Ridene, Y., Marconi, F., Bersani, M. and Artac, M.: Towards DevOps for Privacy-by-Design in Data-Intensive Applications: A Research Roadmap. In Proceedings of the ICPE '17 Companion, L'Aquila, Italy, DOI: 3053600.3053631 (2017)
[A35] Oetzel, M. and Spiekermann, S.: Privacy-By-Design through Systematic Privacy Impact Assessment: A Design Science Approach. In Proceedings of the European Conference on Information Systems (ECIS), 160 (2012)
[A36] Alshammari, M. and Simpson, A.: Personal Data Management for Privacy Engineering: An Abstract Personal Data Lifecycle Model. Oxford, UK, CS-RR-17-02, ISBN: 978-3-319-74030-0 (2017)
[A37] Alshammari, M. and Simpson, A.: A UML Profile for Privacy-Aware Data Lifecycle Models. Computer Security, Vol. 10683, Springer, pp. 189-209, ISBN: 978-3-319-72816-2 (2017)
[A38] Antignac, T. and Le Métayer, D.: Trust Driven Strategies for Privacy by Design. IFIP Advances in Information and Communication Technology, AICT-454, pp. 60-75 (2015)
[A39] Bokhove, W., Hulsebosch, B., Van Schoonhoven, B., Sappelli, M. and Wouters, K.: User Privacy in Applications for Well-being and Well-working: Requirements and Approaches for User Controlled Privacy. In Proceedings of the International Conference on Ambient Computing, Applications, Services and Technologies, pp. 53-59, ISBN: 978-1-61208-235-6 (2012)
[A40] Caiza, J., Martín, Y-S., del Alamo, J. and Guaman, D.: Organizing Design Patterns for Privacy: A Taxonomy of Types of Relationships. In Proceedings of the EuroPLoP '17, DOI: 10.1145/3147704.3147739 (2017)
[A41] Colesky, M., Caiza, J., del Alamo, J., Hoepman, J-H. and Martín, Y-S.: A System of Privacy Patterns for User Control. In Proceedings of the SAC, April 9-13, Pau, France, DOI: 10.1145/3167132.3167257 (2018)
[A42] Hadar, I., Hasson, T., Ayalon, O., Toch, E., Birnhack, M., Sherman, S. and Balissa, A.: Privacy by designers: software developers' privacy mindset. Empirical Software Engineering, Vol. 23, No. 1, pp. 259-289 (2017)
[A43] Hazeyama, A., Washizaki, H., Yoshioka, N., Kaiya, H. and Okubo, T.: Literature survey on technologies for developing privacy-aware software. In Proceedings of the IEEE 24th International Requirements Engineering Conference Workshops (REW), DOI: 10.1109/REW.2016.029 (2016)
[A44] Lenhard, J., Fritsch, L. and Herold, S.: A Literature Study on Privacy Patterns Research. In Proceedings of the 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA), DOI: 10.1109/SEAA.2017.28 (2017)
[A45] Notario, N., Crespo, A., Martin, Y-S., del Alamo, J., Le Métayer, D., Antignac, T., Kung, A., Kroener, I. and Wright, D.: PRIPARE: Integrating Privacy Best Practices into a Privacy Engineering Methodology. In Proceedings of the 2015 IEEE Security and Privacy Workshops, DOI: 10.1109/SPW.2015.22 (2015)
[A46] Patil, S. and Kobsa, A.: Privacy considerations in awareness systems: designing with privacy in mind. In: Markopoulos, P., De Ruyter, B., Mackay, W. (eds) Awareness Systems. Human-Computer Interaction Series. Springer, London, DOI: 10.1007/978-1-84882-477-5_8 (2009)
[A47] Radics, J., Gracanin, D. and Kafura, D.: PREprocess before you build: introducing a framework for privacy requirements engineering. In Proceedings of the 2013 International Conference on Social Computing, DOI: 10.1109/SocialCom.2013.85 (2013)
[A48] Ramadan, Q., Strüber, D., Salnitri, M., Riediger, V. and Jürjens, J.: Detecting Conflicts between Data-Minimization and Security Requirements in Business Process Models. In Proceedings of the 14th European Conference on Modelling Foundations and Applications, Vol. 10980, pp. 179-198 (2018)
[A49] Senarath, A., Arachchilage, N. and Slay, J.: Designing Privacy for You: A Practical Approach for User-Centric Privacy. In: Tryfonas, T. (ed.) Human Aspects of Information Security, Privacy and Trust. HAS 2017. Lecture Notes in Computer Science, Vol. 10292. Springer, Cham (2017)
[A50] van Rest, J., Boonstra, D., Everts, M., Rijn, M. and Paassen, R.: Designing privacy-by-design. In Proceedings of the APF 2012 Revised Selected Papers of the First Annual Privacy Forum on Privacy Technologies and Policy, Vol. 8319, pp. 55-72, DOI: 10.1007/978-3-642-54069-1_4 (2012)
[A51] Bösch, C., Erb, B., Kargl, F., Kopp, H. and Pfattheicher, In Proceedings on Privacy Enhancing Technologies, No. 4, pp. 237-254 (2017)
[A52] Fritsch, L.: Privacy dark patterns in identity management. Open Identity Summit, pp. 93-104, ISBN: 978-3-88579-671-8 (2017)
[A53] Hoepman, J-H.: Privacy design strategies. In IFIP International Information Security Conference, pp. 446-459, Springer, Berlin, Heidelberg (2014)

Published

2019-04-01