Understanding user privacy expectations: A software developer's perspective

Software developers are trained to develop and design software applications that provide services to users. However, software applications sometimes collect users' data without their knowledge. When applications collect and use users' data without transparency, this leads to user privacy invasions because users do not expect the application to collect and use these information. Therefore, it is important that software developers understand users' privacy expectations when designing applications in order to handle user data transparently in software applications. However, due to the lack of systematic approaches to extract user privacy requirements, developers end up designing applications either based on their assumptions on user privacy expectations, or relating to their own expectations of privacy as a user. Nevertheless, how accurate these perceived privacy expectations are against actual user expectations is not currently known. This research focuses on investigating developers' privacy expectations from a user point of view against users' privacy expectations. We also investigate developers' assumptions on user privacy expectations against actual user privacy expectations. Our findings revealed that developers' assumptions on user privacy expectations are close to their own expectations of privacy from a user point of view and that developers' privacy expectations from a user point of view are significantly different from actual user privacy expectations. With this understanding, we provide recommendations for software developers to understand and acknowledge user expectations on privacy when they design and develop applications.