Towards a privacy debt

This study argues the difference between security and privacy and outlines the concept of Privacy Debt as a new Technical Debt. Privacy is gaining momentum in any software system due to mandatory compliance with respect to laws and regulations. There are several types of technical debts within the u...

ver descrição completa

Detalhes bibliográficos
Autores: Larrucea, Xabier, Santamaría, Izaskun, Graña Romay, Manuel
Formato: artículo
Fecha de publicación:2021
País:España
Recursos:TECNALIA Research & Innovation
Repositorio:TECNALIA Publications
Idioma:inglés
OAI Identifier:oai:dsp.tecnalia.com:11556/3408
Acesso em linha:https://hdl.handle.net/11556/3408
Access Level:acceso abierto
Palavra-chave:data privacy
privacy
Privacy Debt
security
security of data
software engineering
Technical Debt
Computer Graphics and Computer-Aided Design
Descrição
Resumo:This study argues the difference between security and privacy and outlines the concept of Privacy Debt as a new Technical Debt. Privacy is gaining momentum in any software system due to mandatory compliance with respect to laws and regulations. There are several types of technical debts within the umbrella of software engineering, and most of them arise during different phases of software development. Several research studies have been focussed on highlighting different types of technical debts. However, authors introduce Privacy Debt as a particular technical debt focussed on privacy management and linked to a perturbative method. Privacy must be considered not only as technical debt requirements but also at design and deployment phases, among others. In addition, this method is illustrated with a use case.