Journal of Software: Evolution and Process, 37(2):e2755
2024 · doi: 10.1002/smr.2755
Recent studies have shown that many software developers do not have sufficient knowledge and understanding of how to develop a privacy-friendly system. This may become a challenge in developing systems complying with data protection laws. To address this issue, we investigated the factors that influence developers' decision-making when developing privacy-sensitive systems. We conducted an empirical study by means of a survey with 109 practitioners. Our data analysis is based on the principles of social cognitive theory, which includes personal, behavioral, and external environmental factors. We identified six personal, five behavioral, and five external environment factors that affect how developers make decisions regarding privacy, including confusion between privacy and security and reliance on informal practices and organizational support gaps. These findings contribute to understanding how practitioners and companies consider privacy, showing improvements in formal training and structured support over previous studies yet highlighting persistent challenges in consistent privacy integration.
subject terms: empirical study, privacy, software development