Geo (Digital) Rights Management - love and hate, love to hate?
I would have liked to have gone to last weeks OGC event about which Adena (http://www.directionsmag.com/article.php?article_id=3202) and Ed (http://www.edparsons.com/2009/06/the-tla-nobody-likes-drm/) have recently reported/blogged. Didn't go to Glastonbury or Hyde Park either but Springsteen honouring Strummer worth the nod of the title I think.
As you can imagine as a geoportal understanding licensing, sub-licensing and licence management, provising licence advice and so on are key competitive advantages for emapsite. However, we all know that getting to grips with licencesis something of an on-going challenge, be they public sector or commercial licences. We like to think we're on top of it and have worked very hard to provide appropriate components to the control module of our 'emapsite inside' web services platform (http://www.emapsite.com/corporate/Solutions_and_services-emapsite_inside-Overview.aspx).
Talking over the years with Graham Vowles, who heads up OGC's GeoRM activity, is always interesting if often conceptual and I do think that the work being done and published to date offerrs something of a road map for GeoRM implementation be it by geoweb specialists as part of their own services, by integrators, by technically literate mashers or even as stand alone on demand services in their own right.
Licences are essentially a set of rules - whether one likes them or not, if the licences are drawn up unambiguously (and they often aren't) they will (or should) be robust as far as the licence holder is concerned. The degree of ambiguity determines whether or not the legal 'encoding' can be formally computer 'encoded'. Thus, and as long as all the other licence dependencies (rules) are also captured in the licence then, as these details are effectively metadata, in a perfect world it should not be very difficult to deploy tools/technologies in a licence 'engine'. Such an 'engine' can for example ensure that users understand the implications of agreeing to obtain (and comply with) the rights they seek; even better a licence engine can advise users as to the 'correct' licence for a given scenario.
With web services (WMS or WFS) then implementation of the agreed licensing can be seen as a metadata conformance tracking (provenance is key for both licensor and licensee) component and can be reported equally unambiguously (enforcement always a dirty word in this arena).
In an other than perfect world, it is where licences are ambiguous or disingenuously linked to other licences that life becomes more difficult, legally and formally.
(Automated) rights management is essentially about ensuring that the mechanism by which a resource is processed into a deliverable (input-action-output) is 'permissible'. If any part of the request is not then there is no deliverable - by geography, by time, by user, by use or usage, by platform or by some other measure the request does not pass a series of comparisons relating to rights (ISO 21000 defnes 5 broad sets of rights that such tests would cover) within the agreed licence.
Sounds so simple! Especially as much of this can be built into user profiles associated with the authentication and authorisation integral to enterprise solutions. And GeoRM has a rights expression language (REL) to do this already.
This document can seem intimidating - http://www.opengeospatial.org/standards/as/geodrmrm - but bears sticking with because as Adena says its not easy but it is not beyond the comprehension of anyone who is truly interested and I would argue is essential to anybody who is. Not understanding licensing and the options available for implementation is no excuse for abuse.
The licence holders set the rules; few yet see the licence/rules as metadata so there is ambiguity in public and prvate sector licences so it can be difficult to offer any kind of dynamic licensing mechanism. This is a challenge for mid/small scale data provision but as this is the kind where most of the pressure for 'simpler' licensing falls, unambiguous licensing should eventually prevail and would allow licensees to implement along the lines of the GeoRM model.
I think Ed's cart/horse reference must relate to ambiguity in geodata licences undermining the GeoRM model. My own take is that the vital need to formally encode geodata licences that a GeoRM model demands means that those drafting the licences need to ensure incorporation of unambiguous rights within the licence. The same might be said of all those 'catch-all' terms of use licences though! Paid for or otherwise users need to understand their rights - licence engines (in and beyond geo) based on formal encoding and clear language have the capacity to offer much needed clarification of a relationship between licensor and licensee that is oft mired in rhetoric.
As you can imagine as a geoportal understanding licensing, sub-licensing and licence management, provising licence advice and so on are key competitive advantages for emapsite. However, we all know that getting to grips with licencesis something of an on-going challenge, be they public sector or commercial licences. We like to think we're on top of it and have worked very hard to provide appropriate components to the control module of our 'emapsite inside' web services platform (http://www.emapsite.com/corporate/Solutions_and_services-emapsite_inside-Overview.aspx).
Talking over the years with Graham Vowles, who heads up OGC's GeoRM activity, is always interesting if often conceptual and I do think that the work being done and published to date offerrs something of a road map for GeoRM implementation be it by geoweb specialists as part of their own services, by integrators, by technically literate mashers or even as stand alone on demand services in their own right.
Licences are essentially a set of rules - whether one likes them or not, if the licences are drawn up unambiguously (and they often aren't) they will (or should) be robust as far as the licence holder is concerned. The degree of ambiguity determines whether or not the legal 'encoding' can be formally computer 'encoded'. Thus, and as long as all the other licence dependencies (rules) are also captured in the licence then, as these details are effectively metadata, in a perfect world it should not be very difficult to deploy tools/technologies in a licence 'engine'. Such an 'engine' can for example ensure that users understand the implications of agreeing to obtain (and comply with) the rights they seek; even better a licence engine can advise users as to the 'correct' licence for a given scenario.
With web services (WMS or WFS) then implementation of the agreed licensing can be seen as a metadata conformance tracking (provenance is key for both licensor and licensee) component and can be reported equally unambiguously (enforcement always a dirty word in this arena).
In an other than perfect world, it is where licences are ambiguous or disingenuously linked to other licences that life becomes more difficult, legally and formally.
(Automated) rights management is essentially about ensuring that the mechanism by which a resource is processed into a deliverable (input-action-output) is 'permissible'. If any part of the request is not then there is no deliverable - by geography, by time, by user, by use or usage, by platform or by some other measure the request does not pass a series of comparisons relating to rights (ISO 21000 defnes 5 broad sets of rights that such tests would cover) within the agreed licence.
Sounds so simple! Especially as much of this can be built into user profiles associated with the authentication and authorisation integral to enterprise solutions. And GeoRM has a rights expression language (REL) to do this already.
This document can seem intimidating - http://www.opengeospatial.org/standards/as/geodrmrm - but bears sticking with because as Adena says its not easy but it is not beyond the comprehension of anyone who is truly interested and I would argue is essential to anybody who is. Not understanding licensing and the options available for implementation is no excuse for abuse.
The licence holders set the rules; few yet see the licence/rules as metadata so there is ambiguity in public and prvate sector licences so it can be difficult to offer any kind of dynamic licensing mechanism. This is a challenge for mid/small scale data provision but as this is the kind where most of the pressure for 'simpler' licensing falls, unambiguous licensing should eventually prevail and would allow licensees to implement along the lines of the GeoRM model.
I think Ed's cart/horse reference must relate to ambiguity in geodata licences undermining the GeoRM model. My own take is that the vital need to formally encode geodata licences that a GeoRM model demands means that those drafting the licences need to ensure incorporation of unambiguous rights within the licence. The same might be said of all those 'catch-all' terms of use licences though! Paid for or otherwise users need to understand their rights - licence engines (in and beyond geo) based on formal encoding and clear language have the capacity to offer much needed clarification of a relationship between licensor and licensee that is oft mired in rhetoric.