Privacy Compliance in Software Development: A Guide to Implementing the LGPD Principles Extended Abstract – CTDSI/CTCCSI 2023
Resumo
This study examines the need for compliance with Brazil’s General Data Protection Law (LGPD) as data breaches become more common with the widespread use of digital applications. The study identified obstacles to implementing LGPD principles and proposes a reference guide to assist ICT professionals. Surveying professionals from various software development fields, the study found that participants struggled with at least one LGPD principle, often due to a lack of knowledge about implementation techniques. Therefore, the proposed guide aims to improve developers’ understanding of techniques to ensure compliance with the LGPD.
Referências
Alkubaisy, D., Piras, L., Al-Obeidallah, M. G., Cox, K., and Mouratidis, H. (2021). Confis: A tool for privacy and security analysis and conflict resolution for supporting GDPR compliance through privacy-by-design. In Ali, R., Kaindl, H., and Maciaszek, L. A., editors, Proceedings of the 16th International Conference on Evaluation of Novel Approaches to Software Engineering, ENASE 2021, pages 80–91, Online Streaming. SCITEPRESS.
Brasil (2018). Lei nº 13.709, de 14 de agosto de 2018. Lei Geral de Proteção de Dados Pessoais (LGPD).
Canedo, E. D., Calazans, A. T. S., Masson, E. T. S., Costa, P. H. T., and Lima, F. (2020). Perceptions of ICT Practitioners Regarding Software Privacy. Entropy, 22(4):429.
Cheng, L., Liu, F., and Yao, D. (2017). Enterprise data breach: causes, challenges, prevention, and future directions. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 7(5):e1211.
Novakoski, A. L. M. and Naspolini, S. H. D. F. (2020). Responsabilidade civil na LGPD: problemas e soluções. Conpedi Law Review, Florianópolis, 6(1):158–174.
Okano, M. T., Ferreira, L., dos Santos, H. d. C., and Ursini, E. L. (2021). Lgpd o novo desafio para as organizações: Exemplos de frameworks para diagnosticar este novo cenário. South American Development Society Journal, 7(20):380.
Rocha, L. D., Silva, G. R. S., and Canedo, E. D. (2023a). A guide to implementing the lgpd principles. In SAC ’23: The 38th ACM/SIGAPP Symposium on Applied Computing March 27-March 31, 2023, Tallinn, Estonia, pages 1–10. ACM.
Rocha, L. D., Silva, G. R. S., and Canedo, E. D. (2023b). Supplementary Material for Privacy Compliance in Software Development: A Guide to Implementing the LGPD Principles.