Usable Privacy: A Study of Norwegian Software Development Practices

Abstract

Despite the increased focus on privacy and adoption of comprehensive data privacy laws such as the GDPR, there is still a notable absence of developer guidelines with a focus on making privacy usable, and the related practices and challenges are still poorly understood. In this context, the present study explores the current landscape of usable privacy within software development, using Norway as a case study. By means of an online survey, insights were gathered from a sample consisting of 128 developers, designers, security specialists, and related professionals. It addresses aspects such as the awareness of privacy guidelines, implementation practices, as well as challenges related to effectively incorporating privacy into software development processes. The results indicate that knowledge gaps, complicated terminology, and a lack of easily accessible toolkits and guidelines persist as barriers. Additionally, cultural attitudes towards privacy and competing priorities further obstruct the effective integration of privacy measures. Better insights into usable privacy practices can help close the gap between the technical, legal, and user-centric dimensions of privacy, aiming for a digital landscape that is both transparent and oriented toward user needs.