[−][src]Module pbd::dua

Background

The practice of implementing Data Usage Agreements addresses the following Privacy Design Strategies:

Inform
Control
Enforce
Demonstrate

Whenever data is passed between Actors (e.g.: data collection between an online portal and the backend service to order the product), it is important to ensure that the owners' consent for how the data wil be used doesn't become lost in translation.

A privacy engineering practice that supports this promise to adhere how the data may be used is defined in the Data Usage Agreements that are sent with the data.

Usage

The requestor adds a HTTP header Data-Usage-Agreement with the json array of the DUA objects

JSON Structure

[ { "agreement_name": String, "location": String, "agreed_dtm": Unix Epoch Number } ]

HTTP Header

Data-Usage-Agreement: [{"agreement_name":"billing","location":"www.dua.org/billing.pdf","agreed_dtm": 1553988607}]

One way is to incorporate the use of DUA objects is directly in the code.

extern crate pbd;

use pbd::dua::DUA;

fn main() {
    let serialized = r#"{ "agreement_name": "For Billing Purpose", "location": "www.dua.org/billing.pdf", "agreed_dtm": 1553988607 }"#;
    let dua = DUA::from_serialized(&serialized);
 
    match dua.agreement_name.as_ref() {
        "For Billing Purpose" => println!("We can use the data for sending a bill."),
         _ => println!("Oops: We can't use the data this way!")
     }
     
    // Addtionally, check which version of the agreement aligns with the agreed_dtm (if the agreement is under version control).
}

Modules

error	Data Usage Agreement specific Errors
extractor	An Extractor that parses the HTTP header and pulls out a list of DUAs
middleware	Middleware for ensuring Data Usage Agreements are present and valid

Structs

DUA	Represents a Data Usage Agreement (DUA)

Statics

DUA_HEADER

The standard header attribute for list (array) of the Data Usage Agreements