skip to main content
10.1145/3600160.3605465acmotherconferencesArticle/Chapter ViewAbstractPublication PagesaresConference Proceedingsconference-collections
research-article

An Analysis of Stack Exchange Questions: Identifying Challenges in Software Design and Development with a Focus on Data Privacy and Data Protection

Published: 29 August 2023 Publication History

Abstract

Data privacy and protection are essential in today’s digital landscape, with software developers’ playing a critical role in addressing these challenges. This paper presents a comprehensive study of the challenges and issues faced by software developers’ in the context of data privacy and protection. Our analysis is based on a dataset of questions posted on popular online platforms, such as Stack Overflow, Information Security Stack Exchange, and Software Engineering Stack Exchange.
Our findings reveal a range of challenges, including the design and generation of privacy policies, compliance with legal frameworks, and implementation of privacy-preserving features in software systems. We also observed interest in policy-related questions and confusion between data privacy concepts and programming language access control mechanisms. Based on our findings, we provide recommendations to address these challenges and promote privacy-by-design principles in software development.

Supplemental Material

ZIP File
Supplemental material including the used R-Script and the dataset.

References

[1]
Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, and Christian Stransky. 2017. How Internet Resources Might Be Helping You Develop Faster but Less Securely. IEEE Security & Privacy 15, 2 (2017), 50–60. https://doi.org/10.1109/MSP.2017.24
[2]
David M. Blei, Andrew Y. Ng, and Michael I. Jordan. 2003. Latent Dirichlet Allocation. J. Mach. Learn. Res. 3, null (mar 2003), 993–1022.
[3]
Emilia Cioroaica, Akanksha Purohit, Barbora Buhnova, and Daniel Schneider. 2021. Goals within Trust-based Digital Ecosystems. In 2021 IEEE/ACM Joint 9th International Workshop on Software Engineering for Systems-of-Systems and 15th Workshop on Distributed Software Development, Software Ecosystems and Systems-of-Systems (SESoS/WDES). IEEE, Madrid, Spain, 1–7. https://doi.org/10.1109/SESoS-WDES52566.2021.00006
[4]
Felix Fischer, Konstantin Böttinger, Huang Xiao, Christian Stransky, Yasemin Acar, Michael Backes, and Sascha Fahl. 2017. Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security. In 2017 IEEE Symposium on Security and Privacy (SP). IEEE, San Jose, CA, USA, 121–136. https://doi.org/10.1109/SP.2017.31
[5]
Irit Hadar, Tomer Hasson, Oshrat Ayalon, Eran Toch, Michael Birnhack, Sofia Sherman, and Arod Balissa. 2017. Privacy by designers: software developers’ privacy mindset. Empirical Software Engineering 23, 1 (April 2017), 259–289. https://doi.org/10.1007/s10664-017-9517-1
[6]
Ralf Kneuper. 2019. Integrating Data Protection into the Software Life Cycle. In Product-Focused Software Process Improvement. Springer International Publishing, 417–432. https://doi.org/10.1007/978-3-030-35333-9_30
[7]
Anthony Mazeli. 2022. A framework to support software developers in implementing privacy features. In Proceedings of the ACM/IEEE 44th International Conference on Software Engineering: Companion Proceedings. ACM, Pittsburgh Pennsylvania, 245–247. https://doi.org/10.1145/3510454.3517054
[8]
Nelson Novaes Neto, Stuart Madnick, Anchises Moraes G. De Paula, and Natasha Malara Borges. 2021. Developing a Global Data Breach Database and the Challenges Encountered. J. Data and Information Quality 13, 1, Article 3 (jan 2021), 33 pages. https://doi.org/10.1145/3439873
[9]
Anand Rajaraman and Jeffrey David Ullman. 2011. Data Mining. Cambridge University Press, 1–17. https://doi.org/10.1017/CBO9781139058452.002
[10]
Sajal Saha, Golam Md. Muradul Bashir, Md. Raihan Talukder, Joy Karmaker, and Md. Saiful Islam. 2018. Which Programming Language and Platform Developers Prefer for the Development? A Study Using Stack Overflow. In 2018 International Conference on Innovations in Science, Engineering and Technology (ICISET). IEEE, 305–310. https://doi.org/10.1109/iciset.2018.8745630
[11]
Mohammad Tahaei, Kami Vaniea, and Awais Rashid. 2023. Embedding Privacy Into Design Through Software Developers: Challenges and Solutions. IEEE Security & Privacy 21, 1 (Jan. 2023), 49–57. https://doi.org/10.1109/msec.2022.3204364
[12]
Mohammad Tahaei, Kami Vaniea, and Naomi Saphra. 2020. Understanding Privacy-Related Questions on Stack Overflow. In Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. ACM. https://doi.org/10.1145/3313831.3376768
[13]
Yuhao Wu, Shaowei Wang, Cor-Paul Bezemer, and Katsuro Inoue. 2018. How do developers utilize source code from stack overflow?Empirical Software Engineering 24, 2 (July 2018), 637–673. https://doi.org/10.1007/s10664-018-9634-5

Cited By

View all
  • (2025)Systematic mapping study on requirements engineering for regulatory compliance of software systemsInformation and Software Technology10.1016/j.infsof.2024.107622178(107622)Online publication date: Feb-2025

Index Terms

  1. An Analysis of Stack Exchange Questions: Identifying Challenges in Software Design and Development with a Focus on Data Privacy and Data Protection

        Recommendations

        Comments

        Information & Contributors

        Information

        Published In

        cover image ACM Other conferences
        ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security
        August 2023
        1440 pages
        ISBN:9798400707728
        DOI:10.1145/3600160
        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 29 August 2023

        Permissions

        Request permissions for this article.

        Check for updates

        Author Tags

        1. data privacy
        2. data protection
        3. software engineering
        4. stack overflow

        Qualifiers

        • Research-article
        • Research
        • Refereed limited

        Conference

        ARES 2023

        Acceptance Rates

        Overall Acceptance Rate 228 of 451 submissions, 51%

        Contributors

        Other Metrics

        Bibliometrics & Citations

        Bibliometrics

        Article Metrics

        • Downloads (Last 12 months)75
        • Downloads (Last 6 weeks)4
        Reflects downloads up to 17 Jan 2025

        Other Metrics

        Citations

        Cited By

        View all
        • (2025)Systematic mapping study on requirements engineering for regulatory compliance of software systemsInformation and Software Technology10.1016/j.infsof.2024.107622178(107622)Online publication date: Feb-2025

        View Options

        Login options

        View options

        PDF

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        HTML Format

        View this article in HTML Format.

        HTML Format

        Media

        Figures

        Other

        Tables

        Share

        Share

        Share this Publication link

        Share on social media