Julia Netter, Tim Nelson, Skyler Austen, Eva Lau, Colton Rusch, Malte Schwarzkopf, and Kathi Fisler, Brown University
Preparing university students to build privacy-preserving systems requires preparing them to design around societal contexts and stakeholders. While legislation such as GDPR and CCPA provide regulatory frameworks for such design, discussions of privacy and stakeholder values can be fairly abstract for students. From an educational perspective, teaching abstract concepts such as the "right to be forgotten" in the concrete context of technical implementation can help students grapple with what these concepts mean in practice.
This paper proposes a framework for designing technical assignments that ask students to resolve tensions between conflicting stakeholders while implementing a specific technical feature. We describe a privacy-facing assignment for a second-year introductory computer systems course, and explore its efficacy. We find that students make different design choices and implement for different values based on the specific stakeholder conflict with which they work. We also find that the assignment design engages students in thinking about how abstract values affect technical design decisions in the context of privacy.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
