Journal
Publisher
IEEE
DOI: 10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927958
Keywords
Software design; Privacy; GDPR; Risk analysis; Software development life cycle (SDLC); Agile methodology; Non-functional requirements; Privacy-by-design
Ask authors/readers for more resources
The legal definition of privacy regulations has significantly impacted the design and maintenance of software, systems, and organizations. Efforts should be made to systematically adapt software development cycles to privacy regulations to lower operational privacy enforcement costs.
The legal definition of privacy regulations, like GDPR in the European Union, significantly impacted on the way in which software, systems and organizations should be designed or maintained to be compliant to rules. While the privacy community stated proper risk assessment and mitigation approaches to be applied, literature seems to suggest that the software engineering community, with special reference to companies, did actually concentrate on the specification phase, with less attention for the test phase of products. In coherence with the privacy-by-design approach, we believe that a bigger methodological effort must be put in the systematic adaptation of software development cycles to privacy regulations, and that this effort might be promoted in the industrial community by focusing on the relation between organizational costs vs technical features, also leveraging the benefits of targeted testing as a mean to lower operational privacy enforcement costs.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available
Share Paper
