The Open Digital Rights Language is a policy expression language that provides a flexible and interoperable information model, vocabulary, and encoding mechanisms for representing statements about the usage of content and services. An example of ODRL policy follows, which can be interpreted as "John can play mysong.mp3".
ODRL History
ODRL was initially created in 2000, to address the burgeoning needs of the DRM-sector when media players were first introduced to the marketplace. Version 1.1 of the ODRL language was quickly adopted by the Open Mobile Alliance as their core standard for mobile media content protections and for managing digital objects. To date, ODRL is arguably the largest mobile implementation of a rights language, currently operating on over a billion compatible devices. ODRL was managed by an independent Initiative, hosted by IPR Systems and led by Renato Iannella, before becoming a W3C Community Group in 2011. This move has provided long-term stability of the specifications and a transparent governance model. In 2013, two new media sectors adopted ODRL: the eBook publishing and news industries. The International Press and Telecommunication Council news consortium adopted ODRL for the communication of usage policies, primarily in association with the licensed distribution and use of news content in the online news marketplace. In the current virtual goods environment, content assets purchased or permissioned by a consumer are often locked into the same platform where content was initially consumed due to interoperability of rights expressions across platforms. ODRL Version 2.0 recognized it is equally important to state Permissions and Prohibitions in an expression language representing both DRM and non-DRM digital objects, broad adoption of this advanced model can reduce friction across digital devices and enable transparent transactions between machines in accordance with the specified policy language. ODRL policy model framework currently supports traditional rights expressions for commercial transactions, open access expressions, and privacy expressions for social media.
ODRL Specifications and Profiles
ODRL is a specified in two World Wide Web Recommendations published in February 2018:
Included within the ODRL documentation are a number of basic use cases demonstrating how to implement policy expressions using the Core Model with terms from the Common Vocabulary. ODRL is fully extensible and provides a mechanism for new communities to extend and/or deprecate the ODRL Common Vocabulary used in conjunction with the Core Model. An example of how the ODRL Profile and Vocabulary may be extended is found in the IPTC RightsML profile. The robust framework of ODRL allows for a wide variety of business models to be expressed and to address the requirements of multiple communities, such as social networks, publishers, image libraries, and education. Other profiles, such as the ODRL profile of Creative Commons were been developed. The ODRL Community Group is a World Wide Web Community and Business Group still supports the promotion and future development of the W3C ODRL recommendations.
ODRL Core Model
In the ODRL Core Model, the Policy is the central entity that holds an ODRL policy together. In its encoded form, e.g. in an XML document, it makes the policy addressable from the outside world via its unique uid attribute. A Policy can refer to multiple Permissions and Prohibitions. A Permission allows a particular Action to be executed on a related Asset, e.g. “play the audio file abc.mp3″. A Constraint like “at most 10 times” might be added to specify the Permission more precisely. The Party that grants this Permission is linked to it with the Role assigner, the Party that is granted the Permission is linked to it with the Role assignee, e.g. “assigner VirtualMusicShop grants the Permission to assignee Alice”. Additionally, a Permission may be linked to Duty entities. Similar to Permissions, a Duty states that a certain Action may be executed by the Party with the Role assignee for the Permission to be valid, e.g. “Alice must pay 5 EUR in order to get the Permission to play abc.mp3″. The Prohibition entity is used in the same way as Permission, with the two differences that it does not refer to Duties and that it forbids the Action, e.g. “Alice is forbidden to use abc.mp3 commercially”.
ODRL encodings
ODRL can be implemented in three serializations: XML, RDF/OWL Ontology, and JSON. Communities adopting ODRL can use standardized actions for Permissions, Prohibitions, and Duties that are expressed in policy statements.
