Privacy-SATD Miner: Detecting Privacy Technical Debt (Prototype)

As part of my ongoing research into privacy engineering, I am currently developing a prototype pipeline called the Privacy-SATD Miner. Note: This is an active work-in-progress prototype and is not yet finished.

Privacy as Code

Self-Admitted Technical Debt (SATD) occurs when developers leave comments indicating suboptimal implementation or “hacks” in the codebase. My project adapts the latest MSR 2024 SATD methodologies to specifically detect and analyze privacy-related technical debt in open-source repositories.

The goal is to map these identified technical debts directly to GDPR compliance requirements, bridging the gap between raw developer comments and legal regulatory frameworks.

Infrastructure and Workflow

The prototype currently utilizes a modular, ML-ready infrastructure built on Conda and Python. I’ve designed a validation workflow integrated with Label Studio to enforce dual-annotator verification, ensuring the dataset we build is of high academic quality for future machine learning models.

You can check out the ongoing development on my GitHub repository here: Privacy-SATD.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top