A privacy requirements specification method for Agile Software Development based on exploratory studies

Abstract

Agile Software Development (ASD) has become popular in the Software Engineering industry due to the increased collaboration between customers and development team, and an emphasis on frequent business value delivery. Recent studies have shown that Requirement Engineering (RE) approaches for ASD still neglect Non-Functional Requirements (NFR). Privacy, in particular, is an NFR which has become a concern since the new demands of compliance with data protection laws. In this context, traditional RE techniques are not enough for representing Privacy Requirements. Motivated by this scenario, we propose an approach called Privacy Criteria Method (PCM) to assist agile developers in specifying privacy requirements. This research was performed in four steps. First, a Systematic Literature Review (SLR) to understand how privacy concepts and their relationships are addressed by current approaches for modeling requirements. Second, four exploratory studies: i) in-depth semi-structured interviews aim at understanding how Brazilian developers deal with privacy requirements in daily work; ii) survey via Internet aim at understanding how agile developers deal with privacy requirements in daily work; iii) a survey with privacy experts to validate the concepts found in the SLR; and iv) analysis of a standard, a regulation, guidelines, and other bibliographical sources related to privacy, which were not captured in the SLR. Third, the development of PCM and its tool. Fourth, PCM evaluation through a) illustrative scenarios; b) a controlled experiment and a qualitative study with post-graduate students; and c) case studies with agile practitioners. The first step resulted in the definition of a catalog of Privacy Requirements. The second step resulted in: i) understanding of how 13 Brazilian developers deal with privacy; ii) understanding of how 108 agile developers deal with privacy; iii) a conceptual model of Privacy Requirements; and iv) a set of privacy specification capabilities that could support system analysts. In the third step, PCM was developed based on the results of the exploratory studies. In the fourth step, PCM was evaluated through an illustrative scenario that resulted in 15 PCM artifacts. Regarding the evaluations with post-graduate students, despite spending extra time in producing the specifications, the PCM artifacts produced are of good quality and able to specify privacy in more detail. Additionally, participants pointed that using PCM does not imply a greater perceived effort. Regarding the evaluation with 21 industry practitioners, we could assess the quality and privacy coverage in the produced PCM artifacts, as well as PCM applicability, usefulness and scalability. Understanding how practitioners consider privacy requirements when developing software and how current RE approaches address privacy requirements specification were the basis to create PCM. As evidenced in the performed evaluations, PCM has the potential to help developers in addressing privacy requirements specification in ASD.