ODRL

The Open Digital Rights Language (ODRL) is a policy expression language that provides a flexible and interoperable information model, vocabulary, and encoding mechanisms for representing statements about the usage of content and services. ODRL became an endorsed W3C Recommendation in 2018.

An example of ODRL policy follows, which can be simply interpreted as "John Doe can Play the asset mysong.mp3".

ODRL History
ODRL was initially created in 2000, to address the burgeoning needs of the DRM-sector when media players were first introduced to the marketplace. Version 1.1 of the ODRL language was quickly adopted by the Open Mobile Alliance (OMA) as their core standard for mobile media content protections and for managing digital objects. To date, ODRL is arguably the largest mobile implementation of a rights language, currently operating on over a billion compatible devices.

ODRL was managed by an independent Initiative, hosted by IPR Systems and led by Renato Iannella, before becoming a W3C Community Group in 2011. This move has provided long-term stability of the specifications and a transparent governance model.

In 2013, two new media sectors adopted ODRL: the eBook publishing and news industries. The International Press and Telecommunication Council (IPTC) news consortium adopted ODRL for the communication of usage policies, primarily in association with the licensed distribution and use of news content in the online news marketplace.

In the current virtual goods environment, content assets purchased or permissioned by a consumer are often locked into the same platform where content was initially consumed due to interoperability of rights expressions across platforms. ODRL Version 2.0 recognized it is equally important to state Permissions and Prohibitions in an expression language representing both DRM and non-DRM digital objects, broad adoption of this advanced model can reduce friction across digital devices and enable transparent transactions between machines in accordance with the specified policy language.

ODRL policy model framework currently supports traditional rights expressions for commercial transactions, open access expressions, and privacy expressions for social media.

ODRL Specifications and Profiles
ODRL is specified in two World Wide Web (W3C) Recommendations published in February 2018:
 * ODRL Information Model 2.2
 * ODRL Vocabulary & Expression 2.2

Included within the ODRL documentation are a number of basic use cases demonstrating how to implement policy expressions using the Core Model with terms from the Common Vocabulary. ODRL is fully extensible and provides a mechanism for new communities to extend and/or deprecate the ODRL Common Vocabulary used in conjunction with the Core Model.

An example of how the ODRL Profile and Vocabulary may be extended is found in the IPTC RightsML profile. The robust framework of ODRL allows for a wide variety of business models to be expressed and to address the requirements of multiple communities, such as social networks, publishers, image libraries, and education. Other profiles, such as the ODRL profile of Creative Commons were developed.

The ODRL Community Group is a World Wide Web (W3C) Community Group still supports the promotion and future development of the W3C ODRL recommendations.

Other W3C Community Groups have adopted ODRL as the core Policy language and have developed a Profile to meet their community requirements, such as the Rights Automation for Market Data Community Group for pricing and trading data for financial instruments.

ODRL Core Model
In the ODRL Core Model, the Policy is the central entity that holds an ODRL policy together. In its encoded form, e.g. in a JSON or XML document, it makes the policy addressable from the outside world via its unique UID attribute. A policy can refer to multiple permissions, duties and prohibitions.

A Permission allows a particular Action to be executed on a related Asset, e.g. “play the audio file abc.mp3″. A Constraint like “at most 10 times” might be added to specify the Permission more precisely. The Party that grants this Permission is linked to it with the Role assigner, the Party that is granted the Permission is linked to it with the Role assignee, e.g. “assigner VirtualMusicShop grants the Permission to assignee Alice”. Additionally, a Permission may be linked to Duty entities that means there are obligations on the assigner to fulfil in order to exercise the permission.

Similar to Permissions, a Duty states that a certain Action may be executed by the Party with the Role assignee for the Permission to be valid, e.g. “Alice must pay 5 EUR in order to get the Permission to play abc.mp3″. The Prohibition entity is used in the same way as Permission, with the key difference that it forbids the Action, e.g. “Alice is forbidden to use abc.mp3 commercially”.

ODRL Vocabulary
The ODRL Core Vocabulary defines the semantics for the concepts and terms from the ODRL Information Model. The ODRL Core Vocabulary represents the minimally supported terms for ODRL Policies.

In addition, the ODRL Common Vocabulary defines semantics for generic terms that may be optionally used in ODRL Profiles by communities.

ODRL Encodings
ODRL can be implemented in three serializations: JSON, XML, and Turtle. Communities adopting ODRL can use standardized actions for Permissions, Prohibitions, and Duties that are expressed in policy statements.