Tianshi Li

Privacy-Enhancing Development Environment

Data has driven many technological advancements, while the ubiquitous collection and sharing of data have caused a privacy trust crisis in our society. Developers play a critical role in making apps that respect the norms and users' expectations of data use, but this is often a challenging task due to their lack of 1) awareness of privacy issues, 2) knowledge of privacy best practices, and 3) time for handling privacy requirements.

I propose Privacy-Enhancing Developer Support as a new area of interest at the intersection of privacy, HCI, and software engineering research. The first challenge is that although there has been some research on developers' challenges in handling privacy requirements, they tend to be more descriptive than prescriptive. Therefore, our community still lacks a clear direction on how to solve the problems. To fill in this gap, I first synthesize developers' needs for designing privacy-enhancing developer support based on my work and past literature to provide a roadmap for future explorations into this problem.

Informed by the identified needs, I demonstrate my exploration into a specific type of solution: Privacy-Enhancing Development Environment. I propose privacy annotation, a type of structured metadata that embeds privacy information such as data use purposes directly in code. Based on this concept, I designed and implemented plugins for Android Studio, the official Integrated Development Environment (IDE) for Android development, to increase developers' awareness and knowledge of privacy best practices and to reduce the work required for complying with privacy requirements. With one set of annotations, my tools can offer developers various types of privacy support, such as reminding developers of privacy issues while programming and automatically generating privacy user interfaces to enhance data transparency and control for users.