odrl
odrl copied to clipboard
w3c
W3C Blog Post on ODRL Adoption
Dear Renato, Nicoletta, Victor,
I am happy to offer the ODRL co-chairs to write a W3C Blog post on the topic. It could be done by one of you, or a subset; your call. The team would review the draft.
I welcome anything you could add in the post to give an update on what happened since the https://www.w3.org/TR/?filter-tr-name=odrl 2.2 standards from Feb. 2018. By the same token, it would be great if the blog post also covered “what’s next for ODRL.”
You will find information around blogging at W3C here: https://www.w3.org/news-events/about-w3c-blog/
I suggest you work in a google document (or equivalent) and share with us (and give us edit or comment access) the link for review.
Coralie
Hello Tim, Ian, Ivan, and Coralie,
The World Wide Web Consortium (W3C) Open Data Rights (ODRL) recommendation has recently achieved several notable successes within the global community.
ODRL has been adopted by the JPEG Trust standard as the default policy language, as outlined in [1].
Furthermore, the European Union Intellectual Property Office recommends ODRL for expressing policies for open rights data exchanges, as detailed in [2].
These developments provide valuable insights that could be incorporated into a W3C Press Release.
Cheers…
Renato Iannella Strategic Advisory Consultant, TRIPLES Co-Chair, W3C ODRL Community Group
[1] https://ds.jpeg.org/documents/jpegtrust/wg1n100972-105-REQ-Terms_and_definitions_for_JPEG_Trust_v2_0.pdf [2] https://www.europarl.europa.eu/meetdocs/2024_2029/plmrep/COMMITTEES/JURI/DV/2025/05-12/2025.05.12_item6_Study_GenAIfromacopyrightperspective_EN.pdf
=== However, the image is used in slide 18 of: https://cawg.io/meeting-notes/_attachments/2025-01-21/jpeg-trust-presentation.pdf (from one of the JPEG people I chatted to)
While I’m not sure how relevant this is, ODRL continues to be considered in various Dataspaces initiatives.
For example, the International Data Spaces Association (IDSA) includes ODRL in its Reference Architecture Model (RAM) Version 4, specifically in section 4.1.6, where it is considered within the security and usage control perspective. You can find more details here: IDSA RAM 4.
Additionally, Gaia-X has explored ODRL for integration into a policy reasoning engine, aiming to facilitate automated policy enforcement within data-sharing frameworks: Gaia-X Policy Reasoning Engine.
Finally, the Data Spaces Support Centre (DSSC) has examined ODRL’s application in enforcing access and usage policies, further reinforcing its relevance in shaping governance mechanisms for data spaces: DSSC Access & Usage Policies.
There might be some more news/outcomes from the EU copyright work [2] after the 16th of June.
There's also a revised version of the CAWG document and the incorporation of CAWG and ODRL as an example of a more extensible way to "opt-in/opt-out/compensate" that has been presented several times, but I can only find the draft sent to me.
Australian National Data Service (ANDS) adopting IDSA - https://ardc.edu.au/resource/australian-dataspaces-an-introduction-and-faqs/
TITLE: W3C ODRL Policy Recommendation Gaining Industry Adoption
The W3C ODRL Policy recommendations (the Model [1] and the Vocabulary [2]) were finalised in 2018 and has recently achieved several notable adoptions across the global community.
ODRL has been adopted by the JPEG Trust standard as the default policy language to describe usage policies for images used by the international standard [3]. The JPEG Trust use cases include ODRL expressing the relevant Parties, Rights-holders, Terms and Conditions, and Compensation. [4]
The International Data Spaces Association (IDSA) includes ODRL in its Reference Architecture Model [5]. The IDSA Usage Control Language is an extension of the ODRL Policy language that provides machine-readable specifications of Usage and Security Control policies. These are also subsequently adopted by other national implementers of data spaces, such as the Australian DataSpaces [6].
The Data Spaces Support Centre (DSSC) has examined ODRL’s application in enforcing access and usage policies, further reinforcing its relevance in shaping governance mechanisms for data spaces. [7]
The Gaia-X consortium's goal is to establish innovation through a digital sovereignty ecosystem, whereby data is shared and made available in a trustworthy environment. They have developed an ODRL Profile for attribute based access and usage control using Verifiable Credential claims [8].
The European Union Intellectual Property Office recommends the use of ODRL for expressing policies for open rights data exchanges. The Copyright Infrastructure Task Force indicates ODRL as a relevant format to express obligations in a machine-readable way and it provides enough flexibility to express the agreements between parties [8].
These real-world examples are both significant in terms of the recognition of the applicability of W3C ODRL to a wide range of industry use cases, as well as clear indicator of industries emerging future needs for robust and flexible policy mechanisms. It is a testament to the vision of W3C and the unfaltering dedication of the ODRL community team over two decades of work.
[1] https://www.w3.org/TR/odrl-model/ [2] https://www.w3.org/TR/odrl-vocab/ [3] https://ds.jpeg.org/documents/jpegtrust/wg1n100972-105-REQ-Terms_and_definitions_for_JPEG_Trust_v2_0.pdf [4] https://cawg.io/meeting-notes/_attachments/2025-01-21/jpeg-trust-presentation.pdf [5] https://docs.internationaldataspaces.org/ids-knowledgebase/ids-ram-4/perspectives-of-the-reference-architecture-model/4_perspectives/4_1_security_perspective/4_1_6_usage_control#ids-usage-control-language [6] https://ardc.edu.au/resource/australian-dataspaces-an-introduction-and-faqs/ [7] https://dssc.eu/space/BVE2/1071256095/Access+&+Usage+Policies+Enforcement [8] https://gitlab.com/gaia-x/lab/policy-reasoning/odrl-vc-profile [8] https://www.europarl.europa.eu/meetdocs/2024_2029/plmrep/COMMITTEES/JURI/DV/2025/05-12/2025.05.12_item6_Study_GenAIfromacopyrightperspective_EN.pdf
One editorial suggestion:
- s/and has recently/ and have recently
Personally, I would love to see a paragraph at the end that says something like:
- ODRL was published as a W3C Recommendation in 2018
- Since then, discussions have continued in the ODRL Community Group
- Given growing industry interest in ORDL, we are seeking input from the community about whether it is time to plan standardization of the next versions of the specifications.
Congrats!
@riannella would it also make sense to mention national/international projects that use ODRL? there's some examples at https://github.com/w3c/odrl/tree/master/landscape
This may be a tangent for the original comment but since Beatriz linked to "landscape", I spotted the the following:
For example, projects like Solid considered ODRL for data usage control (see related github issues: https://github.com/solid/web-access-control-spec/issues/10, https://github.com/solid/web-access-control-spec/issues/87, https://github.com/solid/specification/issues/56#issuecomment-872020854, Authz), but these efforts stalled due to the lack of a formalized, systematic evaluation approach.
That statement appears to be an individual observation rather than a documented conclusion of the Solid CG.
The most "significant" areas in which Solid considered ODRL can be found here:
- https://github.com/solid/data-interoperability-panel/issues/31
- https://github.com/solid/authorization-panel/issues/55
If there was any "stalling", so to speak, it can be said that it was due to lack of implementations and a clear way of integrating ODRL alongside other Solid TRs. I believe Solid CG (as a group) didn't sufficiently dive into the depths of ODRL to be able to make a call that there was a lack of formalisation or a systematic evaluation approach.
The other explorations for Solid + ODRL was brought up in this repo:
- https://github.com/w3c/odrl/issues/12
- https://github.com/w3c/odrl/issues/21
To my knowledge, there is one application, dokieli, that makes use of the Solid Protocol and ODRL. An implementation experience was initially shared back in 2022 at https://github.com/solid/specification/issues/355#issuecomment-1140508784 where the application checks the compatibility of a storage's data policies with the user's preferred policies. The screencast of the demonstration is available at https://dokie.li/media/video/dokieli-odrl-storage-description.webm
Could the blogpost mention/link to dokieli as an application implementation?
@riannella when iterations on the W3C blog post are done, please kindly package a final version so that I don't risk missing any of the comments in this page. 🙏
@csarven Please add the link for dokieli to the ODRL "landscape"page (see bottom): https://w3c.github.io/odrl/landscape/
That will be linked from the Blog post
(belatedly) published 2005-10-23: https://www.w3.org/blog/2025/w3c-standard-odrl-policy-gaining-industry-adoption/