Abstract

Privacy is an increasingly important software quality and must not be underestimated when developing software that processes personal data. The privacy goal of intervenability, in contrast to unlinkability (including anonymity and pseudonymity), has so far received little attention in research. Intervenability aims to empower end-users by keeping their personal data, and the way the software system processes it, under their control. Several surveys have identified the lack of intervenability options as a central privacy concern of end-users. In this paper, we systematically assess the privacy goal of intervenability and set up a software requirements taxonomy that relates the identified intervenability requirements to a taxonomy of transparency requirements. Furthermore, we provide a tool-supported method to identify intervenability requirements from the functional requirements of a software system; it supports the elicitation and validation of intervenability requirements in a computer-aided way. Our combined taxonomy of intervenability and transparency requirements gives a detailed view of the privacy goal of intervenability and its relation to transparency. We validated the completeness of our taxonomy by comparing it with the relevant literature identified through a systematic literature review. The proposed method for the identification of intervenability requirements is intended to support requirements engineers in eliciting and documenting intervenability requirements in compliance with the EU General Data Protection Regulation.

Highlights

  • A central concern of end-users with regard to privacy is that they have almost no control over their personal data once these are put into an information system [1,2,3,4]

  • In [6], we introduced a requirements taxonomy that refines intervenability into subrequirements enriched with attributes and associated with the transparency requirements that we identified in [7], as a first step to assist requirements engineers to deal with the

Published in: Information 2017, 8, 30; doi:10.3390/info8010030

  • We extend the problem-based privacy analysis (ProPAn) method for the computer-aided identification and validation of privacy requirements [8] with the intervenability requirements identified in this paper


Summary

Introduction

A central concern of end-users with regard to privacy is that they have almost no control over their personal data once these have been entered into an information system [1,2,3,4]. This paper provides a deeper understanding of the privacy goal of intervenability and its relation to transparency, together with a tool-supported method for the identification and validation of intervenability requirements. To this end, we extend the problem-based privacy analysis (ProPAn) method for the computer-aided identification and validation of privacy requirements [8] with the intervenability requirements identified in this paper. The taxonomy material was originally introduced in [6].

Section outline:

  • Deriving and Structuring Requirements on Intervenability
      • Requirements Identification from Privacy Principles and Legislation
          • EU General Data Protection Regulation
      • Setting Up an Intervenability Requirements Taxonomy
      • Comparison of the Taxonomy with Related Literature
  • Problem-Based Privacy Analysis
  • Computer-Aided Generation of Intervenability Requirements
      • Generate Intervenability Requirements Candidates
          • Data Subject Intervention Requirement
          • Exceptional Information Requirement and Authority Intervention Requirement
          • Intervention Information Requirement
      • Adjust Intervenability Requirements
          • Exceptional Information Requirement
          • Authority Intervention Requirement
      • Validate Intervenability Requirements
          • Transparency Requirements
          • Intervenability Requirements
  • Conclusions