Bridging the Gap Between GPDR and Software Development: The MATERIALIST Framework

As software production evolves, privacy is becoming an increasingly important consideration. This is especially true as national and supranational regulations, such as GDPR, require privacy as a mandatory aspect of software development. However, challenges such as a lack of knowledge about privacy and data protection regulations hinder the adoption of effective and compliant privacy implementation mechanisms. To address this issue, this article presents MATERIALIST, a methodological and technological framework that supports stakeholders involved in a software development lifecycle in including GDPR in their activities. Specifically, it provides design patterns that can be selected starting from GDPR articles, code vulnerabilities, and software lifecycle phases. The framework aims to facilitate the adoption of appropriate privacy implementation mechanisms in the software development lifecycle, thereby improving software quality.