[−][src]Module pbd::dua
Background
The practice of implementing Data Usage Agreements addresses the following Privacy Design Strategies:
- Inform
- Control
- Enforce
- Deomnstrate
Whenever data is passed between Actors (e.g.: data collection between an online portal and the backend service to order the product), it is important to ensure that the owners' consent for how the data wil be used doesn't become lost in translation.
A privacy engineering practice that supports this promise to adhere how the data may be used is defined in the Data Usage Agreements that are sent with the data.
Usage
-
The requestor adds a HTTP header
Data-Usage-Agreement
with the json array of the DUA objectsJSON Structure [ { "agreement_name": String, "location": String, "agreed_dtm": Unix Epoch Number } ]
HTTP Header Data-Usage-Agreement: [{"agreement_name":"billing","location":"www.dua.org/billing.pdf","agreed_dtm": 1553988607}]
One way is to incorporate the use of DUA objects is directly in the code.
extern crate pbd; use pbd::dua::DUA; fn main() { let serialized = r#"{ "agreement_name": "For Billing Purpose", "location": "www.dua.org/billing.pdf", "agreed_dtm": 1553988607 }"#; let dua = DUA::from_serialized(&serialized); match dua.agreement_name.as_ref() { "For Billing Purpose" => println!("We can use the data for sending a bill."), _ => println!("Oops: We can't use the data this way!") } // Addtionally, check which version of the agreement aligns with the agreed_dtm (if the agreement is under version control). }
Modules
error | |
extractor | |
middleware | To run the Middleware Example, run |
Structs
DUA | Represents a Data Usage Agreement (DUA) |
Statics
DUA_HEADER | The standard header attribute for list (array) of the Data Usage Agreements |