Workshop Theme and Goals

The last decades have put Privacy and Security (P&S) in the spotlight of information technology as data breaches and cyberattacks have spiked globally. Still, P&S are often afterthoughts in software development as their benefits are sometimes difficult to demonstrate and their costs hard to justify. However, such technical debt is becoming hard to sustain as new legal frameworks, such as the EU General Data Protection Regulation (GDPR), demand companies to incorporate P&S features (e.g., transparency, anonymity, and informed consent) at the core of their products. Hence, there is an urgent call for tools and methods supporting the elicitation and deployment of P&S requirements in a by-design approach.
P&S are multifaceted and complex research areas spanning across different knowledge domains (e.g., engineering, law, and psychology). Challenges in P&S cannot be solely addressed from a single discipline as they often involve human factors, technological artefacts, and regulatory/legal frameworks. Particularly, the quest for P&S solutions requires in-deep knowledge and actionable information about its users/stakeholders, vulnerabilities/flaws, and potential attackers.
Mining Software Repositories (MSR) techniques can support this quest by providing means to understand the P&S dimensions of information systems, thus help shaping privacy- and security-friendly software. This workshop aims to explore the application of MSR at the different stages of P&S engineering.

Where and When?

The 3rd International Workshop on Mining Software Repositories Applications for Privacy and Security will be held in Montréal, Canada, co-located with SANER 2025.