{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T17:18:33Z","timestamp":1768411113393,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,6,28]],"date-time":"2018-06-28T00:00:00Z","timestamp":1530144000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,6,28]]},"DOI":"10.1145\/3210459.3210484","type":"proceedings-article","created":{"date-parts":[[2018,6,27]],"date-time":"2018-06-27T12:22:47Z","timestamp":1530102167000},"page":"211-216","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":46,"title":["Why developers cannot embed privacy into software systems?"],"prefix":"10.1145","author":[{"given":"Awanthika","family":"Senarath","sequence":"first","affiliation":[{"name":"University of New South Wales, Canberra, ACT"}]},{"given":"Nalin A. G.","family":"Arachchilage","sequence":"additional","affiliation":[{"name":"University of New South Wales, Canberra, ACT"}]}],"member":"320","published-online":{"date-parts":[[2018,6,28]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.52"},{"key":"e_1_3_2_1_2_1","volume-title":"Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users. In IEEE Cyber Security Development Conference, (IEEE Secdev). IEEE.","author":"Acar Yasemin","year":"2016","unstructured":"Yasemin Acar , Sascha Fahl , and Michelle L Mazurek . 2016 . You Are Not Your Developer , Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users. In IEEE Cyber Security Development Conference, (IEEE Secdev). IEEE. Yasemin Acar, Sascha Fahl, and Michelle L Mazurek. 2016. You Are Not Your Developer, Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users. In IEEE Cyber Security Development Conference, (IEEE Secdev). IEEE."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3022198.3026326"},{"key":"e_1_3_2_1_4_1","volume-title":"An Introduction to Privacy Engineering and Risk Management in Federal Information Systems. NIST Interagency\/Internal Report (NISTIR)-8062","author":"Brooks Sean W","year":"2017","unstructured":"Sean W Brooks , Michael E Garcia , Naomi B Lefkovitz , Suzanne Lightman , and Ellen M Nadeau . 2017. An Introduction to Privacy Engineering and Risk Management in Federal Information Systems. NIST Interagency\/Internal Report (NISTIR)-8062 ( 2017 ). Sean W Brooks, Michael E Garcia, Naomi B Lefkovitz, Suzanne Lightman, and Ellen M Nadeau. 2017. An Introduction to Privacy Engineering and Risk Management in Federal Information Systems. NIST Interagency\/Internal Report (NISTIR)-8062 (2017)."},{"key":"e_1_3_2_1_5_1","volume-title":"Trust Economics Workshop London","volume":"23","author":"Cavoukian Ann","year":"2009","unstructured":"Ann Cavoukian . 2009 . Privacy by Design. The Answer to Overcoming Negative Externalities Arising from Poor Management of Personal Data . In Trust Economics Workshop London , England, June , Vol. 23 . 2009. Ann Cavoukian. 2009. Privacy by Design. The Answer to Overcoming Negative Externalities Arising from Poor Management of Personal Data. In Trust Economics Workshop London, England, June, Vol. 23. 2009."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12394-010-0053-z"},{"key":"e_1_3_2_1_7_1","volume-title":"Grounded theory research: Procedures, canons, and evaluative criteria. Qualitative sociology 13, 1","author":"Corbin Juliet M","year":"1990","unstructured":"Juliet M Corbin and Anselm Strauss . 1990. Grounded theory research: Procedures, canons, and evaluative criteria. Qualitative sociology 13, 1 ( 1990 ), 3--21. Juliet M Corbin and Anselm Strauss. 1990. Grounded theory research: Procedures, canons, and evaluative criteria. Qualitative sociology 13, 1 (1990), 3--21."},{"key":"e_1_3_2_1_8_1","volume-title":"Rodica Tirtea, and Stefan Schiffner.","author":"Danezis George","year":"2015","unstructured":"George Danezis , Josep Domingo-Ferrer , Marit Hansen , Jaap-Henk Hoepman , Daniel Le Metayer , Rodica Tirtea, and Stefan Schiffner. 2015 . Privacy and Data Protection by Design-from policy to engineering. European Union Agency for Network and Information Security ( 2015). George Danezis, Josep Domingo-Ferrer, Marit Hansen, Jaap-Henk Hoepman, Daniel Le Metayer, Rodica Tirtea, and Stefan Schiffner. 2015. Privacy and Data Protection by Design-from policy to engineering. European Union Agency for Network and Information Security (2015)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1093\/idpl\/ipw026"},{"key":"e_1_3_2_1_10_1","volume-title":"Retrieved","author":"Express The Canadian","year":"2018","unstructured":"The Canadian Express . 2018 . Facebook's Zuckerberg admits mistakes in privacy scandal. (March 2018) . Retrieved March 21, 2018 from https:\/\/www.columbiavalleypioneer.com\/news\/facebooks-zuckerberg-admits-mistakes-in-privacy-scandal\/ The Canadian Express. 2018. Facebook's Zuckerberg admits mistakes in privacy scandal. (March 2018). Retrieved March 21, 2018 from https:\/\/www.columbiavalleypioneer.com\/news\/facebooks-zuckerberg-admits-mistakes-in-privacy-scandal\/"},{"key":"e_1_3_2_1_11_1","volume-title":"Qualitative data analysis: Explorations with NVivo","author":"Gibbs Graham R","unstructured":"Graham R Gibbs . 2002. Qualitative data analysis: Explorations with NVivo . Open University . Graham R Gibbs. 2002. Qualitative data analysis: Explorations with NVivo. Open University."},{"key":"e_1_3_2_1_12_1","volume-title":"Privacy in the digital world: medical and health data outside of HIPAA protections. Current psychiatry reports 16, 11","author":"Glenn Tasha","year":"2014","unstructured":"Tasha Glenn and Scott Monteith . 2014. Privacy in the digital world: medical and health data outside of HIPAA protections. Current psychiatry reports 16, 11 ( 2014 ), 494. Tasha Glenn and Scott Monteith. 2014. Privacy in the digital world: medical and health data outside of HIPAA protections. Current psychiatry reports 16, 11 (2014), 494."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2016.37"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-017-9517-1"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2014.23045"},{"key":"e_1_3_2_1_16_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS). USENIX Association Berkeley, CA, 39--52","author":"Kang Ruogu","year":"2015","unstructured":"Ruogu Kang , Laura Dabbish , Nathaniel Fruchter , and Sara Kiesler . 2015 . my data just goes everywhere:\u00e2\u0102\u0130 user mental models of the internet and implications for privacy and security . In Symposium on Usable Privacy and Security (SOUPS). USENIX Association Berkeley, CA, 39--52 . Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, and Sara Kiesler. 2015. my data just goes everywhere:\u00e2\u0102\u0130 user mental models of the internet and implications for privacy and security. In Symposium on Usable Privacy and Security (SOUPS). USENIX Association Berkeley, CA, 39--52."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1017\/S0963180114000589"},{"key":"e_1_3_2_1_18_1","volume-title":"Axial coding and the grounded theory controversy. Western journal of nursing research 21, 6","author":"Kendall Judy","year":"1999","unstructured":"Judy Kendall . 1999. Axial coding and the grounded theory controversy. Western journal of nursing research 21, 6 ( 1999 ), 743--757. Judy Kendall. 1999. Axial coding and the grounded theory controversy. Western journal of nursing research 21, 6 (1999), 743--757."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357127"},{"key":"e_1_3_2_1_20_1","article-title":"Health information privacy protection: crisis or common sense","volume":"6","author":"Kumekawa Joanne K","year":"2001","unstructured":"Joanne K Kumekawa . 2001 . Health information privacy protection: crisis or common sense . Online Journal of Issues in Nursing 6 , 3 (2001). Joanne K Kumekawa. 2001. Health information privacy protection: crisis or common sense. Online Journal of Issues in Nursing 6, 3 (2001).","journal-title":"Online Journal of Issues in Nursing"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2013.18"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/2486788.2486872"},{"key":"e_1_3_2_1_23_1","volume-title":"International journal of social research methodology 8, 5","author":"Onwuegbuzie Anthony J","year":"2005","unstructured":"Anthony J Onwuegbuzie and Nancy L Leech . 2005. On becoming a pragmatic researcher: The importance of combining quantitative and qualitative research methodologies . International journal of social research methodology 8, 5 ( 2005 ), 375--387. Anthony J Onwuegbuzie and Nancy L Leech. 2005. On becoming a pragmatic researcher: The importance of combining quantitative and qualitative research methodologies. International journal of social research methodology 8, 5 (2005), 375--387."},{"key":"e_1_3_2_1_24_1","unstructured":"Andreas Pfitzmann and Marit Hansen. 2010. A terminology for talking about privacy by data minimization: Anonymity unlinkability undetectability unobservability pseudonymity and identity management. (2010).  Andreas Pfitzmann and Marit Hansen. 2010. A terminology for talking about privacy by data minimization: Anonymity unlinkability undetectability unobservability pseudonymity and identity management. (2010)."},{"key":"e_1_3_2_1_25_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS).","author":"Rao Ashwini","year":"2016","unstructured":"Ashwini Rao , Florian Schaub , Norman Sadeh , Alessandro Acquisti , and Ruogu Kang . 2016 . Expecting the unexpected: Understanding mismatched privacy expectations online . In Symposium on Usable Privacy and Security (SOUPS). Ashwini Rao, Florian Schaub, Norman Sadeh, Alessandro Acquisti, and Ruogu Kang. 2016. Expecting the unexpected: Understanding mismatched privacy expectations online. In Symposium on Usable Privacy and Security (SOUPS)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.Congress.2014.92"},{"key":"e_1_3_2_1_27_1","volume-title":"Australasian Conference on Information Systems","author":"Senarath Awanthika","year":"2017","unstructured":"Awanthika Senarath and Arachchilage NAG. 2017 . Understanding Organizational Approach towards End User Privacy . Australasian Conference on Information Systems (2017). Awanthika Senarath and Arachchilage NAG. 2017. Understanding Organizational Approach towards End User Privacy. Australasian Conference on Information Systems (2017)."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568244"},{"key":"e_1_3_2_1_29_1","volume-title":"Information privacy law","author":"Solove Daniel J","unstructured":"Daniel J Solove and Paul Schwartz . 2014. Information privacy law . Wolters Kluwer Law & Business . Daniel J Solove and Paul Schwartz. 2014. Information privacy law. Wolters Kluwer Law & Business."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2209249.2209263"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568240"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2015.26"},{"key":"e_1_3_2_1_33_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS).","author":"Wermke Dominik","year":"2017","unstructured":"Dominik Wermke and Michelle Mazurek . 2017 . Security Developer Studies with GitHub Users: Exploring a Convenience Sample . In Symposium on Usable Privacy and Security (SOUPS). Dominik Wermke and Michelle Mazurek. 2017. Security Developer Studies with GitHub Users: Exploring a Convenience Sample. In Symposium on Usable Privacy and Security (SOUPS)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134746"},{"key":"e_1_3_2_1_35_1","unstructured":"Kim Wuyts Riccardo Scandariato and Wouter Joosen. 2014. LIND (D) UN privacy threat tree catalog. (2014).  Kim Wuyts Riccardo Scandariato and Wouter Joosen. 2014. LIND (D) UN privacy threat tree catalog. (2014)."}],"event":{"name":"EASE'18: 22nd International Conference on Evaluation and Assessment in Software Engineering 2018","location":"Christchurch New Zealand","acronym":"EASE'18","sponsor":["The University of Canterbury"]},"container-title":["Proceedings of the 22nd International Conference on Evaluation and Assessment in Software Engineering 2018"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3210459.3210484","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3210459.3210484","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:39:21Z","timestamp":1750210761000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3210459.3210484"}},"subtitle":["An empirical investigation"],"short-title":[],"issued":{"date-parts":[[2018,6,28]]},"references-count":35,"alternative-id":["10.1145\/3210459.3210484","10.1145\/3210459"],"URL":"https:\/\/doi.org\/10.1145\/3210459.3210484","relation":{},"subject":[],"published":{"date-parts":[[2018,6,28]]},"assertion":[{"value":"2018-06-28","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}