POE.UC.01: Permissions and obligations for language resources

Víctor Rodríguez on behalf of W3C Linked Data For Language Technology Community Group

Language resources (lexicons, dictionaries, machine translation, etc.) are collected in repositories. Publishers would like to express what is permitted and what it is not.

Language resources are highly valuable resources now being massively translated to Linked Data. See the diagram here: Linguistic Linked Data Cloud. Different Language Resource Catalogs exist, like the one of CLARIN, or the one of META-SHARE, LRMAP, Linghub, etc. These resources need to be browsed and queried, and the permissions information must be in a machine-readable form in order to facilitate search-by-permission and in order to allow the automated processing of permission expressions.

POE.UC.02: Conditional Access to Linked Data

Víctor Rodríguez and Nandana Mihindukulasooriya (UPM) on behalf of the ODRL Linked Data profile editors.

A publisher of Linked Data (or in general a RDF dataset) wants to selectively make available parts (e.g. named graphs) of a dataset. Availability depend on ODRL policies, the context and the ODRL Request and ODRL Ticket. For example, given a dataset, one might want to serve it under the following conditions: "Anybody can access named graph ex:graph1, but can only access ex:graph2 during 2016. Individual triples in ex:graph3 can be accessed at the price of 1 € cent."

POE.UC.03: Published article with embargoed dataset

Phil Archer & Keith Jeffery on behalf of the VRE4EIC Project

Researchers are strongly encouraged (and now routinely required) to publish data supporting their scholarly published papers. Irrespective of the terms under which the paper is published (although usually open access), the data is generally expected to be made freely and openly available. However, this may happen after an embargo period. The purpose of the embargo period is to allow the researcher or research team creating the dataset to have a publication based on it published before colleagues can access the dataset and generate their own publications.

POE.UC.04: Technical documents rules for business process regulatory compliance

Serena Villata (joint work with Guido Governatori) in the context of the MIREL Project

Technical documents describe how to handle and what are the functionalities of a certain product or process (e.g., telecommunication codes). They are intended to provide information about what can/cannot be done with the product or within a certain process. Given the huge dimension of this kind of legal texts and their diffusion in the companies, the advantages of returning a machine-readable representation of such texts would allow to have in this representation a kind of summary of the main constraints expressed in the documents, with invaluable time saving for every person that is expected to read the whole document before obtaining this information. A specific usage of such a kind of texts is that of manually extracting the set of obliged/prohibited/permitted actions in order to check whether certain business processes are compliant with the legal text they should refer to. Moreover, issues related to the merging of updated versions of the documents, with amendments with respect to the policies and duties expressed in the former versions.

POE.UC.05: Determine an identifier representing the audience who can access a digital resource

Mo McRoberts, BBC

The Research & Education Space platform, developed jointly by the BBC and partners, indexes Linked Open Data describing media that is available both to the public, and specifically for those in formal education, primarily in the UK. Even within this latter group, there are a range of different licensing schemes and access mechanisms which are not mutually-exclusive. For queries against the index to return appropriate results for a user, we must track which schemes they (or their institution) is a member of and filter based upon these, which therefore translates into a requirement for the metadata being indexed to include information identifying which are applicable (we term these "audience URIs"). Note that this is not an access-control mechanism (this should be implemented and enforced at the media location), rather a means of ensuring that an optimal user experience is delivered.

POE.UC.06: OpenPHACTS

Phil Archer for the Big Data Europe Project

OpenPHACTS integrates pharmacological data from a wide range of sources and provides an API through which different identifiers for the same thing can be reconciled, reducing barriers to drug discovery in industry, academia and for small businesses. Some data is open but not all. It may come with a variation of a Creative Commons License; some data is visible to all users, some to members, some only to the original data owner.

Rather than attempt to make assertions about what an end user can or cannot do with the data available through its API, OpenPHACTS is careful to simply make clear to its users where data came from and under what terms. It is then up to the end user to assess whether their intended use is, or is not, compliant with those terms.

POE.UC.07: News Permissions and Restrictions

Stuart Myles

In the news industry, rights holders and editors need to establish the permissions and restrictions associated with content.

What Do Rights Holders Want?

In general, rights holders will require that a set of permissions, restrictions, and duties be obeyed for a defined set of content. And they can require additional restrictions or duties for individual items within the larger content set. Rights holders wish to restrict the use of their content by factors such as:

• Geography (e.g. "No use in China")
• Time (e.g. "No archive after 3 days")
• Distribution channel (e.g. "No mobile")

They also want to enforce duties such as:

• Payment (e.g. "You can use this photo online for EUR80")
• Attribution (e.g. "Credit Kyoto News")

Often, rights holders need to constrain the use of their content in complex ways, i.e., with combined constraints (e.g, "No use in UK after 7 days"). Generally, rights holders want to be able to:

Create a bundle of permissions, restrictions and duties

The rights holder creates a set of permissions and restrictions with constraints, together with any duties that the editor must perform, in order to unlock the permissions. The set may be associated with one or more sets of content. Therefore the policy bundle must have a unique identifier.

Identify one or more items of content to be treated as a set

The rights holder defines one or more content items which are to be treated as a set. The set must have a unique identifier.

Bind a policy to a set of content

The rights holder asserts that a given set of content is governed by a given policy. Note that a given content item might be a member of more than one set of content. Therefore, a given content item may have more than one policy associated with it.

What Do Editors Want?

Ideally, not to worry about rights at all. Essentially, editors want to know the answer to the question "Can I use this content in this way?" and, if the answer is yes, "Are there any duties?". It is not unusual for editors to have access to content that they are not permitted to republish. Or that they can only republish in certain ways (e.g., only in print but not on a mobile app). Editors want to be able to:

Create a bundle of action and context"

An editor identifies a content use in context, meaning a particular action they propose to take with pieces of content (e.g. "print", "distribute", "archive") and any relevant context for that action (e.g. location="France"). The types of context for an action correspond to possible constraints which could apply to the use of a piece of content. The use is not tied to one particular piece of content. The use must have a unique identifier.

Determine whether a use is permitted for a particular content item

At the point where an Editor wishes to use a particular piece of content in a particular way, the policies must be evaluated to determine whether it is permitted and whether there are any duties that must be fulfilled. The possible results are therefore: "yes", "no" or "maybe".

POE.UC.08: Atomic Understanding of Common Licenses

Phil Archer

The European Data Portal (EDP) harvests and republishes metadata from across Europe. It therefore has to handle a wide variety of inputs, including a variety of licenses attached to datasets (and datasets with no license attached). In order to manage this, the EDP has examined each of the most commonly found licenses and derived a set of atomic permissions and obligations expressed in those licenses with the intention that users can assess whether or not a particular combination of datasets is permissible and, if so, under what conditions. Their work itself is available on the European Data Portal as Licence Assistant: European Data Portal Licence Compatibility Matrix.

POE.UC.09: Base Product

Ben Whittam Smith on behalf of Thomson Reuters

A bundled data product, which is sometimes called a 'base product', brings together a set of permissions that can be separately bought into a policy [or package] that is sold for a single price - or provided for free. It is important that the pricing is set at the aggregate level.

POE.UC.10: Pay-by-Use

Ben Whittam Smith on behalf of Thomson Reuters

Sometimes things are paid for on a per-usage basis. For instance a SaaS product might charge per account (or per seat), or a definition in legal treatise might be charged for every time it is printed or included in a PDF.

POE.UC.11: Third-Party Rights Management

Ben Whittam Smith on behalf of Thomson Reuters

There are some common obligations that must be transmitted if you are acting as an intermediary between the data owner and the data user. Often the owner and the user must sign a contract, the user must acknowledge the copyright of the owner, and the user must acknowledge some other documentation (like a 'Restriction On Distribution Statement').

POE.UC.12: Tracing Permissions and Obligations through Aggregations and Derivations

Ben Whittam Smith on behalf of Thomson Reuters

Data sets are often combined (aggregation) and analysed to generate new data sets (derivation). Big data analytics generates extended workflows of such operations. What policies control each step of the process? For example, a synthetic instrument might be generated by following a simple rule: (equity price on NYSE - equity opening price on NYSE) * equity weighting on MSCI Technology Index)

Let's say we know the three policies that control equity prices on the New York Stock Exchange, their opening prices, and their index weighting. Then what is the policy that controls the resulting synthetic instrument?

POE.UC.13: Delegation

Ben Whittam Smith on behalf of Thomson Reuters

Assigners are often corporate entities. They may want to restrict the right to exercise the actions they 'own' to particular groups within their own organisation, or even to an individual. This doesn't feel like an rights assignment (as no rights are being assigned?) but a delegation.

POE.UC.14: A Vote for Extended Relations

Ben Whittam Smith on behalf of Thomson Reuters

Extended relations are an experimental feature of ODRL 2.1. In many cases, they would be necessary for commercial purposes. For example, it might be the case that on the 15th of every month the user must report usage by providing a list of either Access IDs OR Physical IDs. Extended relations would be a way of enabling this.

POE.UC.15: Real-time vs. Delayed Data

Ben Whittam Smith on behalf of Thomson Reuters

Permissions often vary depending on whether the data is used in real-time (expensive and restrictive) or after a specified delay (cheaper and less restrictive).

POE.UC.16: Accessing Historical Data

Ben Whittam Smith on behalf of Thomson Reuters

Access to historical data is often specified by the access period (how long can you go back in history) and access interval (how often can you sample the history). So a permission might be for access to 7 years of historical data but only on a monthly basis.

POE.UC.17: Asset in a set

James Birmingham on behalf of Digital Catapult

In order to manage a common offer which is applied to many assets, a one-to-many relationship is more preferable than a one-to-one. If the offer can target a set of assets, it must also be able to state that what is offered is n items from the set rather than the whole set.

POE.UC.18: Policy Assertion

Renato Iannella

A common use case is for a general policy statement to be asserted. This is simply a party stating what policy terms they believe they have. Either an assignee can assert what terms they have over an asset and/or an assigner can assert what terms they have over an asset. An assertion does not grant any of the statements. A policy assertion may state that a party is a general rights holder or other roles.

POE.UC.19: Relative Time Constraints

Michael Steidl

Sometimes it's required to be able to constrain the applicability of policies according to a relative point in time, e.g.:

• Organisers of sport events grant the use of photos or videos relative to the end of a sport event/game. (Note: the live publishing of photos/videos may be granted by a different license.)
• Speakers at a conference circulate a document with their speech in advance and they permit to publish it only after the speech has ended.

POE.UC.20: External Declaration of Payment Amount

Víctor Rodríguez-Doncel

META-SHARE is an open and secure network of repositories for sharing and exchanging language data, tools, and related web services. As of July 2016, it accounted more than 2700 resources. These resources are described with small pieces of metadata according to their schema.

While maintainers of META-SHARE's 32 repositories can edit simple metadata records, they are usually not skilled enough to edit ODRL expressions. Hence they would like to be able to:

1. Point to a license template (referred by a well-known URI), with a placeholder to for the price.
2. Add a metadata record indicating the specific price of the resource.

POE.UC.21: Specifying the Scope of Constraints

Víctor Rodríguez-Doncel

Depending on the use case, it's often necessary to specify constraints on properties of different kinds of entities (e.g., assets, parties or any other external entities). The exact subject for which those constraints must hold is currently not encodable in ODRL, but has to be inferred from the textual semantics of each of ODRL's 25 constraint terms; which not only leads to ambiguities in terms of interpreted semantics, but might also prove to be not capable of fully covering new usages of ODRL.

POE.UC.22: Technical documents rules for business process regulatory compliance

POE.UC.23: Deletions Must be Propagated

Brian Ulicny

Many data providers require that if a record or element of the data is deleted in the source, it must be deleted in any copy and/or aggregation of that data. For example, arrest records must be expunged in public datasets if they are expunged by a court. Twitter requires that deleted tweets not be used in datasets, and so on.

POE.UC.24: Synchronization in a multilayer music description environment

Laboratorio di Informatica Musicale (LIM), Department of Computer Science, Universitá degli Studi di Milano

IEEE 1599 is an international XML-based standard that aims to comprehensively describe music content by supporting the representation of heterogeneous music aspects within a single XML document. Moreover, IEEE 1599 lets spatio-temporal relationships emerge among such materials, thanks to the identification of music events inside a common data structure known as the spine: in this way, events can be described in different layers (e.g., a chord's graphical aspect and its audio performance), as well as multiple times within a single layer (e.g., different music performances of the same events). Consequently, the IEEE 1599 multilayer environment presents two complementary synchronization modes: inter-layer and intra-layer synchronization. Coupling these two categories of synchronization makes it possible to design and implement frameworks that allow new kinds of interaction with media contents and novel music-experience models, as shown in the Music Box area of the EMIPIU web framework (see URL above). Recognizing music events and their synchronization can be seen as an additional intellectual achievement that on one side does not affect the already existing IP rights on media contents, but on the other side requires adequate protection. Consequently, it is desirable to consider a new permission which allows the producer to synchronize different media contents with respect to the other possibly existing permissions, restrictions and duties associated with media contents.

POE.UC.25: Magazine Media Permissions

Dianne Kennedy, Idealliance

In the Magazine Industry, magazine media companies need the ability to communicate the legal terms of usage permissions (known as licensing terms) that are associated with content (article text and rich media). Specifically:

• Magazine media companies wish to define the ability of editors and staff to modify content.
• Magazine media companies wish to define the ability of editors and staff to translate textual content by language.
• Magazine media companies also want to note the following duties:
  • Payment (e.g. "You can use this photo online for EUR80").
  • Attribution (e.g. "Credit Kyoto News")
  • Notification (e.g. "University of North Carolina")
  • Approval (e.g. "Major League Baseball")
• Magazine media companies wish to define their ability to use content for promotional purposes.
• Magazine media companies wish to restrict the primary distribution of their content by:
  • Geography/Spatial (e.g. "only (US, CA)")
  • Time (e.g. "No distribution before dd/mm/yyyy")
  • Territory/Recipient (e.g. "North America")
  • Editorial Delivery Channel (e.g. "Print only")
  • Promotional Delivery Channel (e.g. "email")
• Magazine media companies wish to define their ability to grant use of content to third party aggregator/syndicator.
• Magazine media companies wish to express to third party aggregator/syndicator any legal restrictions on the redistribution of content.

POE.UC.26: Data Quality Policy

Antoine Isaac, Riccardo Albertoni

Example from the W3C Working Group Data on the Web Best Practices [dwbp], more specifically for the Data Quality Vocabulary [vocab-dqv]. This example specifies that the serviceProvider grants the permission to access the dataset and commits to serve the data with a certain quality, more concretely, 99% availability of a SPARQL endpoint associated with the dataset. This is expressed as a duty on the service provider with a constraint that is defined using a DQV metric (:sparqlEndpointUptime) that has to be greater than a certain value (e.g., 99). The odrl:assignee is the recipient of the policy statement and the odrl:assigner is the issuer of the policy statement. For discussion about this example see http://lists.w3.org/Archives/Public/public-odrl/2016Feb/0000.html

The expression of constraints in ODRL seems quite unfit with expressing general constraints on values in RDF graphs, as we would require here. However, ODRL can be easily extended, and is schedule to undergo refinement in the context of the W3C Permissions & Obligations Expression Working Group. In the future DQV implementers should investigate whether a general constraint expression language like the coming SHACL provides a more appropriate mechanism to be used on top of ODRL permissions and duties.

POE.UC.27: RightsStatements.org - Vocabulary of purpose

Antoine Isaac, Mark Matienzo

Data providers who are also the rights holders of the digital objects in question may want to allow reuse of their digital objects for educational purpose only. Hence, a mechanism allowing for extending existing or adding new purposes/actions should be provided.

<http://rightstatements.org/rs/ic-edu> a dcterms:RightsStatement, odrl:Policy ;
    skos:prefLabel "In Copyright - Educational Use Only"@en ;
    odrl:permission [
       odrl:action odrl:use ;
       odrl:constraint [
             odrl:leftOperand odrl:purpose ;
             odrl:operator odrl:eq ;
             odrl:purpose <http://rightstatements.org/purpose/education>
       ]
    ].

POE.R.DM - Data Model

POE.R.V - Vocabulary

POE.R.E - Encoding

POE.R.R - Processing Rules