The study examines the impact of data protection guidelines such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) on the software development process of open source projects. To this end, 652 GitHub tickets related to data protection were analyzed and coded in terms of the roles of the discussants, the resolution of the ticket, and the dominant data protection topic.
Quantitative analysis of the coded data revealed that discussions in tickets related to data protection cover a wide range of topics and that the frequency with which such tickets are created has especially increased since the introduction of GDPR. The most common topic relates to improving data protection and is most frequently raised by active open source contributors. At the same time, it is also the most frequently reported data protection issue among first-time contributors.
The study was conducted in cooperation with researchers from the Karlsruhe Institute of Technology, the IT University of Copenhagen, and the University of Southern Denmark. The link below provides access to the pre-print of the paper.