{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,4]],"date-time":"2025-11-04T10:46:05Z","timestamp":1762253165748,"version":"3.41.0"},"reference-count":81,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2019,11,3]],"date-time":"2019-11-03T00:00:00Z","timestamp":1572739200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Information Management and Technology Team of XXXX Australia"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2019,11,30]]},"abstract":"<jats:p>With the increasing concerns over privacy in software systems, there is a growing enthusiasm to develop methods to support the development of privacy aware software systems. Inadequate privacy in software system designs could result in users losing their sensitive data, such as health information and financial information, which may cause financial and reputation loss. Privacy Engineering Methodologies (PEMs) are introduced into the software development processes with the goal of guiding software developers to embed privacy into the systems they design. However, for PEMs to be successful it is imperative that software developers have a positive intention to use PEMs. Otherwise, developers may attempt to bypass the privacy methodologies or use them partially and hence develop software systems that may not protect user privacy appropriately. To investigate the factors that affect software developers\u2019 behavioural intention to follow PEMs, in this article, we conducted a study with 149 software developers. Findings of the study show that the usefulness of the PEM to the developers\u2019 existing work to be the strongest determinant that affects software developers\u2019 intention to follow PEMs. Moreover, the compatibility of the PEM with their way of work and how the PEM demonstrates its results when used were also found to be significant. These findings provide important insights in understanding the behaviour of software developers and how they perceive PEMs. The findings could be used to assist organisations and researchers to deploy PEMs and design PEMs that are positively accepted by software developers.<\/jats:p>","DOI":"10.1145\/3364224","type":"journal-article","created":{"date-parts":[[2019,11,4]],"date-time":"2019-11-04T14:04:16Z","timestamp":1572876256000},"page":"1-30","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":35,"title":["Will They Use It or Not? Investigating Software Developers\u2019 Intention to Follow Privacy Engineering Methodologies"],"prefix":"10.1145","volume":"22","author":[{"given":"Awanthika","family":"Senarath","sequence":"first","affiliation":[{"name":"University of New South Wales Australia"}]},{"given":"Marthie","family":"Grobler","sequence":"additional","affiliation":[{"name":"data61, Commonwealth Scientific and Industrial Research Organisation, Australia"}]},{"given":"Nalin Asanka Gamagedara","family":"Arachchilage","sequence":"additional","affiliation":[{"name":"La Trobe University Australia and University of New South Wales"}]}],"member":"320","published-online":{"date-parts":[[2019,11,3]]},"reference":[{"volume-title":"GitHub blog","year":"2015","key":"e_1_2_1_1_1"},{"key":"e_1_2_1_2_1","unstructured":"2016. European Union Data Protection. Retrieved from: http:\/\/ec.europa.eu\/justice\/data-protection\/data-collection.  2016. European Union Data Protection. Retrieved from: http:\/\/ec.europa.eu\/justice\/data-protection\/data-collection."},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.52"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2016.013"},{"volume-title":"Proceedings of the 13th Symposium on Usable Privacy and Security (SOUPS\u201917)","year":"2017","author":"Acar Yasemin","key":"e_1_2_1_5_1"},{"volume-title":"The role of innovation characteristics and perceived voluntariness in the acceptance of information technologies. Dec. Sci. 28, 3","year":"1997","author":"Agarwal Ritu","key":"e_1_2_1_6_1"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/17.865899"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3022198.3026326"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.2307\/2392322"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.70"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.2307\/3250929"},{"volume-title":"Proceedings of the Annual Privacy Forum. Springer, 1--16","year":"2012","author":"Beckers Kristian","key":"e_1_2_1_12_1"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-011-2094-4_6"},{"volume-title":"Nadeau","year":"2017","author":"Brooks Sean W.","key":"e_1_2_1_14_1"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.tele.2015.04.009"},{"volume-title":"Privacy: What Developers and IT Professionals Should Know","author":"Cannon J. C.","key":"e_1_2_1_16_1"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF02310555"},{"volume-title":"Rodica Tirtea, and Stefan Schiffner.","year":"2015","author":"Danezis George","key":"e_1_2_1_18_1"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1287\/mnsc.35.8.982"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1037\/h0032355"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0378-7206(98)00101-3"},{"volume-title":"Proceedings of the 4th Conference of the British Computer Society Information Systems Methodologies Specialist Group. 87--96","author":"Eva M.","key":"e_1_2_1_23_1"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.55"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-C.2017.104"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2018.02.041"},{"key":"e_1_2_1_27_1","unstructured":"Seda G\u00fcrses Carmela Troncoso and Claudia Diaz. 2011. Engineering Privacy by Design. Retrieved from https:\/\/software.imdea.org\/&tilde;carmela.troncoso\/papers\/Gurses-CPDP11.pdf.  Seda G\u00fcrses Carmela Troncoso and Claudia Diaz. 2011. Engineering Privacy by Design. Retrieved from https:\/\/software.imdea.org\/&tilde;carmela.troncoso\/papers\/Gurses-CPDP11.pdf."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-017-9517-1"},{"volume-title":"Tatham et al","year":"2006","author":"Hair Joseph F.","key":"e_1_2_1_29_1"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/1289800.1289805"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/TEM.2003.817293"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-47961-9_12"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2014.23045"},{"volume-title":"Mynatt","year":"2005","author":"Jensen Carlos","key":"e_1_2_1_34_1"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/342251.342263"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-008-0067-3"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/17.865904"},{"volume-title":"Mueller","year":"1978","author":"Kim Jae-On","key":"e_1_2_1_38_1"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357127"},{"volume-title":"Principles and Practice of Structural Equation Modeling","author":"Kline Rex B.","key":"e_1_2_1_40_1"},{"key":"e_1_2_1_41_1","article-title":"Leading change: Why transformation efforts fail","author":"Kotter John P.","year":"1995","journal-title":"Harvard Business Review"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.1989.11517840"},{"key":"e_1_2_1_43_1","unstructured":"Christopher Kuner. 2007. In European Data Protection Law: Corporate Regulation and Compliance (2nd Ed.).  Christopher Kuner. 2007. In European Data Protection Law: Corporate Regulation and Compliance (2nd Ed.)."},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/1047671.1047705"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134285.1134355"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0378-7206(01)00143-4"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1287\/inte.17.3.6"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3287056"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44208-1_21"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/CRISIS.2012.6378941"},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1287\/isre.1040.0032"},{"volume-title":"Proceedings of the CEUR Workshop.","author":"Mart\u00edn Garc\u00eda Yod Samuel","key":"e_1_2_1_52_1"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1287\/isre.2.3.173"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2013.06.003"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1287\/isre.2.3.192"},{"volume-title":"Proceedings of the ACM Conference on Computer Supported Cooperative Work. ACM, 405--414","author":"Murphy-Hill Emerson","key":"e_1_2_1_56_1"},{"volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201917)","year":"2017","author":"Naiakshina Alena","key":"e_1_2_1_57_1"},{"volume-title":"ten Berge","year":"1967","author":"Nunnally Jum C.","key":"e_1_2_1_58_1"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1057\/ejis.2013.18"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11219-015-9294-2"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2002.1158287"},{"volume-title":"Rosnow","year":"1975","author":"Rosenthal Robert","key":"e_1_2_1_62_1"},{"volume-title":"Proceedings of the 22nd Conference of Evaluation and Assessment in Software Engineering (EASE\u201918)","author":"Senarath Awanthika","key":"e_1_2_1_63_1"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101605"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568244"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISESE.2002.1166921"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2008.88"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/17.820730"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1287\/isre.6.2.144"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.1994.11518035"},{"key":"e_1_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1109\/TEM.1982.6447463"},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.2307\/249753"},{"key":"e_1_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1287\/mnsc.46.2.186.11926"},{"key":"e_1_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2009.11.008"},{"volume-title":"Proceedings of the Symposium on Usable Privacy and Security (SOUPS\u201917)","year":"2017","author":"Wermke Dominik","key":"e_1_2_1_75_1"},{"volume-title":"Proceedings of the Workshop on New Security Paradigms. ACM, 89--97","author":"Wurster Glenn","key":"e_1_2_1_76_1"},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2014.05.075"},{"key":"e_1_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/2531602.2531722"},{"key":"e_1_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2694844"},{"key":"e_1_2_1_80_1","first-page":"217","article-title":"Methods for testing discriminant validity","volume":"9","author":"Zai\u0163 Adriana","year":"2011","journal-title":"Manag. Market. J."},{"key":"e_1_2_1_81_1","unstructured":"Gerald Zaltman Robert Duncan and Jonny Holbek. 1973. Innovations and Organizations. John Wiley 8 Sons.  Gerald Zaltman Robert Duncan and Jonny Holbek. 1973. Innovations and Organizations. John Wiley 8 Sons."},{"key":"e_1_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.2991\/icmcs-18.2018.56"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3364224","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3364224","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:44:26Z","timestamp":1750203866000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3364224"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,3]]},"references-count":81,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,11,30]]}},"alternative-id":["10.1145\/3364224"],"URL":"https:\/\/doi.org\/10.1145\/3364224","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"type":"print","value":"2471-2566"},{"type":"electronic","value":"2471-2574"}],"subject":[],"published":{"date-parts":[[2019,11,3]]},"assertion":[{"value":"2019-03-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-09-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2019-11-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}