1 Introduction

Motivation. The GDPR [1] and the European Commission’s Ethics Guidelines for Trustworthy AI [3] indicate the importance of data privacy in contemporary society. With GDPR, developers are now legally obliged to implement Privacy by Design (PbD), or in the lingua of the legal text, data protection by design, in their development process. However, privacy breaches continue to occur, despite policy initiatives and guidelines that legally incentivize or nudge developers towards privacy-friendly features. In fact, as pointed out by ENISA’s threat landscape [17], threats continue to rise as the landscape becomes more and more complex.

Moreover, as pointed out in the Ethics Guidelines for Trustworthy AI [3], legal compliance, e.g. with the GDPR, does not guarantee that a system meets any ethical standards. In order to meet privacy standards, software developers need to move beyond checklist compliance towards a continuous critical approach concerning the product/service and its social impact. Hence software developers need to continually prioritize and reassess the implementation of secure features, rather than settle for superficial compliance with the law.

In this paper, we seek to pave the way for a better sociological understanding of software developers’ motivations when taking implementation decisions for privacy-friendly and secure software. In order to reduce direct monetary and other external motives, we focus on free and open source software development (FOSS). In the first part of the paper, we present a literature review indicating the lack and importance of a sociological understanding of this issue. Following this, we offer a methodological approach based on mixed methods, which is not only appropriate for gaining a better understanding of FOSS developers’ motives, but also for bringing about positive social transformation.

Background. FOSS development represents an immense contribution to technology and, through this, to society. Open source software has often contributed to more secure and privacy-friendly software either as its main goal, such as the development of PGP for email encryption and Tor for anonymity protection, or by setting high standards, such as the Linux kernel and the Firefox web browser. Some open source software has been developed and maintained for decades, and has thus become a practical alternative to commercial products. At other times the contribution has been more indirect, as in cases where the success of certain superior aspects of open source products led to improvements in the same direction in closed source competitors, such as end-to-end encryption for messenger apps.

Many open source licensing models allow commercial applications to make use of them. This is arguably a double-edged sword, since it adds a potential layer of vulnerability to every service that uses them. As code is open to the public in FOSS projects, it is easier to find vulnerabilities, but due to their dependence on voluntary contributions, maintenance is often more difficult, potentially exposing applications and services that use them. On the other hand, FOSS developers also have the potential to facilitate the development of privacy-friendly and secure software, such as programs to identify vulnerabilities and assess risks [20], or by setting high standards as mentioned above. Finally, open source software usually comes with ‘no warranty’ despite popular belief in its superiority in this respect, which can be erroneous at times [8, 15]. This puts FOSS in a very critical role in terms of privacy and security, since, although it represents a very important contribution and potential improvement, its perceived security can be misleading given the reluctance among developers [5, 32] to implement PbD.

Our Contribution. In this paper, we argue that in order to bring about social transformation with regard to the production of privacy-friendly and secure software and services, a more formal model of the motivations of FOSS developers is necessary. We detail the steps towards a model that allows for a better sociological understanding of the issue, which can be used to render advice for policy changes. Firstly, we point to the areas where legal incentives fell short of preventing breaches or the development of needlessly privacy-invasive services. Secondly, we present the literature on developer motivations to highlight the need for a sociological understanding of the motivations of FOSS developers. We will then offer our own methodological approach for a sociological inquiry into this problem based on mixed methods, combining the strengths of different quantitative and qualitative techniques for a more comprehensive view of the cultural context being investigated [16]. Following this, we describe how game theory can be used to construct a model that draws from the findings of sociological research into this field. Finally, we offer a thought experiment that illustrates our approach.

2 Related Work

FOSS Development and Developer Motivation. In his seminal work “The Cathedral and the Bazaar” [28], Raymond compares the FOSS development scene to a crowded bazaar where individuals with multiple underlying agendas interact. According to him, the gift culture that characterizes the motivations of FOSS developers is ultimately self-interested rather than altruistic. Despite competition and the self-interest of the participants, FOSS development culture results in a harmonious system and better and more secure software than commercial development [23, 28]. Raymond’s work can be considered as a step towards an understanding of FOSS as a social field with its own relatively autonomous dynamics, as it identifies motivations and goals in FOSS development other than altruism, such as recognition and gaining rank within the community. However, as Lin argues, Raymond’s account is a long way from capturing the diversity of the field that it acknowledges or addressing how individual efforts can work harmoniously to develop sophisticated software within this complexity [23].

Raymond’s work had a tremendous influence on academic and popular discourses on FOSS. The work led to the popular belief that open source is in many ways superior to commercial software, epitomized by the phrase “Given enough eyeballs, all bugs are shallow”, commonly attributed to Linus Torvalds [8]. Coining the term “vulgar Raymondism”, Bezroukov severely criticizes this idealization for ignoring many problematic aspects of FOSS development, ranging from developer burnout and hyper-inflated egos among developers to disagreements within the community [7, 8].

With the influence of Raymond’s work, many researchers in the field tried to situate motivations and incentives in the field in terms of self-interest and altruism. For example, Lerner and Tirole [21, 22] formulate motivations underlying contribution to open source in terms of career advancement and reputation. According to them, contribution to open source is connected with an expectation of delayed return in career and economic terms due to gain in reputation and an associated ego boost. Bonaccorsi and Cristina also mention a combination of altruistic or self-interested motives, but they also find that these motivations differ between firms and individuals. According to their survey, individual programmers have a tendency to have social and altruistic motives, such as contribution to the movement and belief in non-proprietary code [9]. Others such as Hars and Ou, and Roberts et al. differentiate between intrinsic and extrinsic motivations, as they associate intrinsic motivations with societal contribution and extrinsic motivations with economic and reputational gains [4, 6, 29].

While the research Raymond’s work inspired sought to shed more light on motivations to participate in open source, research focusing on motivations in implementations of PbD features is more sparse. More recent work by Spiekermann [32] and Bednar et al. [5] further indicates the need for research and intervention in the field by documenting the reluctance to implement PbD. Using both qualitative and quantitative data, their findings indicate organizational and individual components to the low motivation for ethical system development and implementing privacy features [5, 32].

FOSS and Non-monetary Incentives. Lin points out that the reductionist instrumentalist approach to developer motivations is inadequate, since FOSS development is not characterized by a universal activity: the actors in FOSS development assume different identities (e.g. leader, follower, developer, user, hacker) and competitive and cooperative strategies that change between different social circles [23]. Moreover, as Gabriella Coleman notes, individual motivations and ethical commitments do not remain constant, but change over the course of projects, adding another level of complexity to the mosaic of ethical and motivational parameters [15]. In addition, there are other actants in the field such as corporations, NGOs, legal administrative bodies and platforms such as GitHub and SourceForge which further complicate matters.

Following from these criticisms, it can be argued that an account of developer motivations needs to move beyond the assumption that monetary and legal incentives will work universally as sources of motivation, and take into account the diverse social contexts of FOSS developers and sources of motivation specific to them. In this regard, following Bourdieu [14], recognizing the non-monetary forms of capital in the field of FOSS development can be valuable in understanding motivations. For example, recognition and reputation, which are forms of symbolic capital, have been referred to as an alternative to monetary capital by Roberts and other researchers following him [4, 6, 29]. This type of symbolic capital is not necessarily antagonistic to commercial interests in FOSS development, since the reputation and experience gained in open source projects are reasonably aligned with developers’ career progression goals. However, this brings the pitfall of adopting an overly reductionist approach which assumes that every decision in the field can be explained in terms of career goals and ignores the rest of the cultural aspects of FOSS. As, e.g., Gabriella Coleman argues in Coding Freedom [15], participation in FOSS development and hacking has important ethical and political aspects. Similarly, Linus Torvalds’s autobiography ‘Just for Fun’ [33] can be seen as a narrative on how ‘fun’ can be considered a source of motivation in FOSS. Bednar et al. [5] find that developers describe implementation of privacy features using terms such as ‘inconvenient’, ‘not pleasing’, ‘challenging’, ‘nightmare’, or ‘interesting’, ‘exciting’ and ‘satisfying’ respectively. As these findings show, the forms of capital and sources of motivation in software development involve diverse elements, including symbolic capital (reputation, recognition), politics, ethics, excitement, convenience and fun.

3 Research Agenda

As stated in the previous sections, the field of FOSS development has many types of non-monetary rewards, incentives, values and goals related to developers’ motivation. Due to this diversity and dependence on social context, an inquiry into motivations in this field needs to address these diverse and field-specific parameters. The research we propose hopes to bring about a social change towards the adoption of PbD principles in open source developer communities, based on a theoretical framework combining game theory and field theory. Our work examines FOSS development as a relatively autonomous field, with its specific rules, goals, values, and forms of capital, in order to understand the motivations of FOSS developers in implementing software features, and to effectively model objective functions based on them to bring about change towards a more favorable equilibrium.

3.1 Model Assumptions

Game theory assumes an individual that develops rational strategies consisting of actions oriented towards a goal [30]. In sociology, the notion of rational individual is used not as an accurate and realistic representation, but as a simplification that allows for accounting for complex mechanisms [2]. Despite this acknowledgment, this assumption is criticized for being too narrow, and rarely coinciding with social reality, ultimately defeating its purpose [2].

Goldthorpe [19] (as cited in Glaesser [18]), who favors rational action theory over the concept of habitus for large-scale data, acknowledges that actors do not act purely on rational terms in individual cases. He puts forth a notion of subjective rationality based on the idea that

[...] actors may hold beliefs, and in turn pursue courses of action, for which they have ‘good reasons’ in the circumstances in which they find themselves, even though they may fall short of the standard of rationality that utility theory would presuppose. [18]

This view contextualizes actors’ courses of action in terms of their social circumstances, which also includes the information available to them. As actors do not necessarily have the resources or disposition to access the ‘best information imaginable’, they usually act on the available information [18]. They may be aware or unaware of their lack of information or the costs of accessing additional information and thus act on incomplete information [18].

The assumption of rational choice is similarly criticized within game theory since rational action is sometimes dependent on extra-game circumstances including ‘history of past interactions, existing customs and practices, or contingently salient features of the particular instantiation of the game’ [30]. This echoes the criticisms from sociology, as it implies that a simplified and universalized model of an individual acting optimally on the best information ignores the diversity of individual and social contexts.

The complex social circumstances of FOSS development culture warrant taking these views into account. Firstly, the field of FOSS development is diverse, with various developer agents and other actants having a large spectrum of backgrounds and motivations. Secondly, as previous research on the issue attests, goals, norms and practices in the field are varied and contextual [23]. To factor in this complexity, brought about by the diversity of individual cognitive structures and social contexts in FOSS development, we make an assumption based on Pierre Bourdieu’s concepts of field and habitus [10, 11]. Our assumption is that actors in the field are limited in their capacity to make rational and optimal choices by their habitus and by the specific rules and goals of the subfield.

Habitus. Bourdieu defines habitus as “systems of durable, transposable dispositions, [...] principles which generate and organize practices and representations” [11]. Habitus is a system of cognitive and motivating structures associated with past individual and class experience. Although habitus can result in mastery in actions towards goals without conscious motivation, it also includes strategic thinking involving “an estimation of chances presupposing transformation of the past effect into an expected objective” in the light of present “objective potentialities” [11].

As Bourdieu’s concept of habitus does not exclude rational choice but contextualizes it within past experience and present conditions, it has the potential to make up for the shortcomings of a purely rational model of the individual in studying goal-oriented choices and motivation. One example is a study on education choices in Germany and England by Glaesser and Cooper, who find that young individuals make their educational choices rationally and oriented towards goals, yet these choices are also informed by their class and the culture of their educational institute, confirming habitus as a factor that affects the decision space and actions available to individuals [18].

To summarize, despite the tendency to represent habitus and rational choice as polar opposites or mutually exclusive concepts, habitus is inclusive of rational choice, although based on limited information or class/individual experience. Consequently, we take both habitus and rational choice as important components of the cultures that we chose to study, informing and conditioning each other.

Specific Rules and Goals of the Subfield. According to Bourdieu, the social world is composed of semi-autonomous systems called fields, which are not completely independent but rather have their own laws and forms of capital [10]. It follows that a field, such as literature, can have its own, non-monetary forms of capital such as recognition, prestige and autonomy [13]. Fields have their own specific logic by which individuals can take positions within them or forms of capital such as monetary capital that can be converted into other forms and vice-versa [10, 13].

The goals, forms of capital, the logic of their accumulation and conversion, and the rules of a field do not necessarily coincide with other fields and society as a whole. This difference affects the capacity of the agents to take rational actions in it, as well as complicating our means of interpreting these actions in purely rational psychological terms. Therefore, our second assumption is that the specific conditions, rules and goals of the field leading to courses of action do not necessarily coincide with rational choice.

Thus, our ability to analyze developer motivations in FOSS development as actions oriented towards goals, and to formulate them as objective functions, requires taking into account the specific cognitive structures of these agents and the rules specific to the field. This context-specific information cannot be derived from macro-sociological accounts or overly general assumptions about individual cognition. Our research addresses this issue by integrating a qualitative field study aimed towards understanding the habituses of the developers in this field, and the rules specific to the field. This insight into the contextualized motivations enables us to use field-specific variables in our objective functions, rather than generalized notions of utilitarian or altruistic choices.

3.2 Data Collection

The research we propose uses mixed methods, i.e., combining qualitative and quantitative techniques. Due to their suitability for research projects that aspire to practical application and social transformation, mixed methods have been associated in social sciences with pragmatism [16, 27, 31]. The qualitative phase of the research is an exploration of FOSS development communities as a social field. A field consists of a structured set of positions; these positions differ from spatial positions in that they include alignments based on interpersonal relations and common goals [12, 24]. This first phase is intended to gather insight into the values, goals and forms of capital specific to the field of FOSS development, as well as the agents that take positions within it. This will be achieved through a combination of in-depth and focus-group interviews and participant observation in developer meet-up events such as conferences. While interviews will be useful in understanding individual and group motivations and shared goals, observations in developer conferences will supplement this knowledge to shed more light on interactions. The results of the first phase will facilitate selection of relevant parameters to be measured and thus will shape the quantitative inquiries that follow.

The second part of the research consists of developing questionnaires guided by feature vectors built according to the findings of the previous stage. At this stage, the individual data collected from developers will be used to examine the field using local network regression [25, 26], and to visualize it with dimensionality reduction techniques. After mapping the field as clusters based on individual features, we will be able to determine different subfields with their respective motivating goals, capital forms and habituses. This would enable us to distill objective functions to model a two-player game (developers and users) in order to change the equilibria of the subfields to a state favorable to PbD. Our aim at this stage is to be able to address the diversity of the subfields, avoiding the pitfalls of previous research and legal incentives, while keeping the model as simple and elegant as possible. After the dissemination of tools based on our game model, the final quantitative stage of the research is an assessment of the impact of our intervention, and proposal of strategies that encourage PbD based on our findings.

Sample. Our proposed study focuses on European FOSS mobile game developers. Mobile software is significant for the issue of privacy and security as it is a platform that is very susceptible to exploitation. As mobile games are easily installed, and are used almost ubiquitously by people of all ages and backgrounds, they represent an important risk with respect to privacy and security. For our field study, we strive for maximum variation in our sample of FOSS developers in terms of age, career stage, educational background and project size. This variation will facilitate exploration of a wide variety of subfields that include developers from diverse social backgrounds.

3.3 Engineer the Game: Mechanism Design

The modeling of the FOSS field is intended to describe and understand the current situation. A mere understanding, as detailed as it might be, does not bring about change. However, the aim of our research is to produce actionable advice for policy makers. To do this, we use an approach based on mechanism design. Here we will introduce the basic notions of mechanism design and present a thought experiment on how to analyse the resulting games.

Mechanism design originated in economic theory or, more precisely, in game theory. It takes an engineering approach to design mechanisms, i.e. incentives, toward desired objectives. By informing this approach with the qualitative and quantitative results of our field research, as sketched in Fig. 1, we acknowledge the general critique of game theory, i.e. unrealistic assumptions about the rationality of agents and over-simplification [2].

Fig. 1. Our experimental setup

Games: Objective Functions and Equilibria – Two Examples. For our thought experiment, let’s assume that we find in the analyses of our initial interviews and observations that our participants have different occupational statuses and organizational roles (e.g. junior, senior, student), and have different roles in the decision-making processes of their FOSS projects. They also have various motives for participating in FOSS (e.g. to build reputation for themselves or their organization, to have a project to show in job applications, to gain skills and knowledge, to contribute to society). They formulate the impact of their project in terms of their individual careers, contribution to the FOSS world, and society in general. Finally, let us say that we find that all of our participants think PbD features are important, but all are reluctant to implement them for differing reasons: Some state that PbD features take too much time and hinder the project, some think their skills are not sufficient for their implementation and are concerned that it will harm their reputation if they fail, and some do not want the ethical responsibility of implementing them correctly in case they fail.

Looking at these preliminary results, we develop our questionnaires. Our data can be roughly organized under habitus and forms of capital (education and skills, career, role in project or organization, reputation, money), values and goals (e.g. reputation, skills, contribution), strategies and positions (e.g. organizational and project hierarchy, career plans), and motivational factors (e.g. importance placed on PbD, time and resources or lack thereof, fear of losing reputation, wishing to contribute to society vs. fear of doing damage by developing insecure software). With the collected data and using local network regression [26] we will be able to cluster individuals and observe subfields formed on the basis of these features. This will help us develop a game model addressing the diversity of these clusters while remaining simple and elegant. Based on this model, we can develop tools to shift the equilibrium towards a more sensible state, followed by our assessment of impact.

Table 1. Payoff matrix of our example game: the privacy battle.

To illustrate the type of conclusions we envision from this process, we briefly sketch a game that reflects a very rough view on the situation that we set out in our introduction, then discuss the expected equilibria. The most basic game has two players, both of which can play two strategies: the producer p can opt to provide a privacy-friendly product or a product without privacy protection but with equal functionality otherwise, and the consumer c can choose to buy a privacy-aware or non-privacy-aware product. In Table 1, we illustrate this game. It describes the following situations:

  • The producer implements a privacy-enhanced service (\(p=pet\)). In doing so, the service becomes more expensive, which might have a negative impact on the profit margin.

      – If the consumer requires privacy (\(c=pet\)), the producer will reach some satisfaction, but at higher implementation costs, while the consumer will be fully satisfied. Hence the consumer payoffs are relatively higher.

      – If the consumer is willing to give up privacy (\(c=\overline{pet}\)) for a lower priced product, both consumer and producer might be unsatisfied, because the consumer might not be willing to pay the higher price of the privacy-enhanced product.

  • The producer implements a service without privacy (\(p=\overline{pet}\)). By doing this, the service becomes less expensive, which might have a positive impact on the profit margin.

      – If the consumer requires privacy (\(c=pet\)), both consumer and producer might be unsatisfied, because the consumer might not be willing to give up privacy.

      – If the consumer is willing to give up privacy (\(c=\overline{pet}\)) for a lower-priced product, the producer will be fully satisfied but the consumer will need to surrender some of their revenue in the form of privacy.

From today’s market observation, we expect a payoff matrix similar to that described above. That is, if both players opt for the more privacy-aware option, c will get their highest payoff and p some payoff lower than that. If, on the other hand, both opt for a less privacy-friendly option, p will get their highest payoff and c some lower payoff. In the remaining cases, no player will get any payoff since either the consumer is not willing to pay the higher price or is not willing to give up their privacy. Further research is needed to determine more precise figures. Note that in the fundamental game theory literature, games of this form are often introduced as “battle of the sexes games”.

From everyday observation, which indicates a lack of privacy-friendly services, we venture to construct the following hypothetical analysis of the game: we know that games of the “battle of the sexes” type have three Nash equilibria, namely two pure, where both players opt for the same privacy preference, and one mixed. While the pure strategies are utility optimal, i.e. both ensure that the sum of all revenues is maximized, both are unfair: one party will always receive the higher revenue. On the other hand, the mixed strategy is highly inefficient. From the above, we conclude that consumers settle for a lower overall revenue due to the lack of better options.
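The equilibrium analysis above can be reproduced numerically. The following is an added example, not part of the original paper: the figures of Table 1 are not available here, so the payoffs `high=2`, `low=1` and 0 are assumed values that only respect the ordering described in the text, and `no_pet` stands for \(\overline{pet}\).

```python
from fractions import Fraction
from itertools import product

PET, NO_PET = "pet", "no_pet"  # "no_pet" stands for the paper's overlined pet
STRATEGIES = (PET, NO_PET)


def privacy_battle(high=2, low=1):
    """Payoff table keyed by (producer, consumer) -> (producer, consumer) payoff.

    Only the ordering high > low > 0 comes from the text; the numbers are assumed.
    """
    if not high > low > 0:
        raise ValueError("need high > low > 0")
    return {
        (PET, PET): (low, high),        # consumer fully satisfied, producer pays more
        (PET, NO_PET): (0, 0),          # consumer will not pay the higher price
        (NO_PET, PET): (0, 0),          # consumer will not give up privacy
        (NO_PET, NO_PET): (high, low),  # producer fully satisfied
    }


def pure_nash(payoffs):
    """Profiles where neither player gains by deviating unilaterally."""
    found = []
    for p, c in product(STRATEGIES, repeat=2):
        u_p, u_c = payoffs[(p, c)]
        producer_stays = all(payoffs[(alt, c)][0] <= u_p for alt in STRATEGIES)
        consumer_stays = all(payoffs[(p, alt)][1] <= u_c for alt in STRATEGIES)
        if producer_stays and consumer_stays:
            found.append((p, c))
    return found


def mixed_nash(payoffs):
    """Interior mixed equilibrium from the two indifference conditions.

    Returns (x, y) with x = P(producer plays pet), y = P(consumer plays pet),
    or None when no strictly mixed equilibrium exists.
    """
    prod = {k: Fraction(v[0]) for k, v in payoffs.items()}
    cons = {k: Fraction(v[1]) for k, v in payoffs.items()}
    # x must make the consumer indifferent between pet and no_pet.
    den_x = cons[PET, PET] - cons[PET, NO_PET] - cons[NO_PET, PET] + cons[NO_PET, NO_PET]
    # y must make the producer indifferent between pet and no_pet.
    den_y = prod[PET, PET] - prod[PET, NO_PET] - prod[NO_PET, PET] + prod[NO_PET, NO_PET]
    if den_x == 0 or den_y == 0:
        return None
    x = (cons[NO_PET, NO_PET] - cons[NO_PET, PET]) / den_x
    y = (prod[NO_PET, NO_PET] - prod[PET, NO_PET]) / den_y
    if not (0 < x < 1 and 0 < y < 1):
        return None
    return x, y


def expected_payoffs(payoffs, x, y):
    """Expected (producer, consumer) payoff when both players randomize."""
    prob_p = {PET: x, NO_PET: 1 - x}
    prob_c = {PET: y, NO_PET: 1 - y}
    e_p = e_c = Fraction(0)
    for p, c in product(STRATEGIES, repeat=2):
        weight = prob_p[p] * prob_c[c]
        e_p += weight * payoffs[(p, c)][0]
        e_c += weight * payoffs[(p, c)][1]
    return e_p, e_c


if __name__ == "__main__":
    game = privacy_battle()
    print("pure equilibria:", pure_nash(game))
    x, y = mixed_nash(game)
    print("mixed equilibrium: P(p=pet) =", x, " P(c=pet) =", y)
    print("expected payoffs (p, c):", expected_payoffs(game, x, y))
```

With these assumed payoffs each pure equilibrium yields a total of 3, split unevenly, while in the mixed equilibrium each player expects only 2/3, less than the lower payoff of either pure equilibrium.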

While this simple game may broadly approximate the current situation, we do not assume that such a simple game will be sufficient to describe the current motives of FOSS developers. Hence we need to collect data to come up with a somewhat more complex game.

4 Conclusion

In this paper, we have attempted to provide a road map for research on FOSS developer motivations, with the aim of bringing about social change towards privacy-friendly features, while taking into account and learning from the shortcomings of previous research. We argued that the problems in previous research on this topic stem from the fact that it is mostly based on assumptions about developers that do not reflect the specific conditions of the FOSS development scene. More specifically, the research we see in the literature typically assumes that the developers are hedonistic rational individuals that make self-interested choices, or assumes that they take part in FOSS development due to altruistic motives. Neither of these models successfully explains the reluctance to implement privacy features or the failure of legal incentives obliging the implementation of PbD. More recent research, such as Spiekermann [32] and Bednar et al. [5], goes beyond such limited explanations and points to organizational and individual reasons underlying this reluctance, indicating the necessity for research that takes into account the specific individual and social contexts surrounding developer motivations.

To address this, we have proposed an approach combining field theory and game theory into a mixed methods research endeavour with the aim of gaining deeper insight into FOSS communities and of suggesting relevant policy changes. From field theory, we take the concept of field and habitus in order to replace the general/universal models of individual with a historically and socially contextualized understanding of FOSS developers. This approach enables us to explore the field of FOSS development and the developer motivations with respect to field specific rules, goals, forms of capital and the collective past experience of the individuals therein. The findings will be used to develop games based on social context rather than dehistoricized assumptions about developers. The insights from the field study and game model will then be used to develop guidelines, tools and policy suggestions aimed at social change towards privacy-friendly software.