1 of 1

Data Licenses

Data licenses describe the terms and conditions for using data. BDI recognises a layered licensing structure. Licenses are used in authorisations for data transactions and are defined in this building block of the BDI framework.

Purpose of the building block

The purpose of the data licenses building block is to allow Data Owners to control what Data Consumers are allowed to do with their data by providing instructions on how a service may be consumed or under which conditions data may be exchanged.

Concepts

The following concepts (from the BDI Glossary) are particularly relevant in this building block:

Concept

Meaning

Data licenses

Descriptions of the terms and conditions for using data
Either in free form text or in ODRL

Data Owner

Has control over data and access to data,
Controls decisions on Data Sovereignty and Trust Sovereignty
Controls authorisation policies, representation rules, professional qualification verification of staff and contractors
Controls subscription to the Event Pub/Sub Service and publishing of events to subscribers
Controls discovery and endpoints
Controls roles assumed by entity

Data Consumer

Requests access to data and/or Representation Register and/or Professional Qualification Register of the data owner
Controls discovery and endpoints
Requests subscription to data owner’s Event Pub/Sub Service, receives and evaluates events

Risks

When not selecting the correct license, the Data Consumer might not be sufficiently legally bound to the right terms and conditions for using their data, which could result in data abuse and thereby in financial or reputational damage to the Data Owner, or (indirectly) the Data Service Provider.

However well the licenses are implemented, there is no technical guarantee that the data is used in conformance with the applicable licenses. The legal context of the framework mitigates this risk, but a residual risk remains.

BDI encourages participants (particularly Data Consumers) to implement proper data management and or data governance to ensure proper handling of data.

Interlinkages with other building blocks

This building block is closely tied to Authorization, since a license may be part of an authorisation. The authorisation defines:

Which party
Is allowed to access which data attributes
(Optionally) at which Data Service Provider
(Optionally) with which terms and conditions for using the data (licenses)

Elements and their key functions

Licenses are defined in framework documentation (see below). In Authorisations, licenses are applied. As defined in Authorization, and particularly in the iSHARE data model for authorisations, one or more licenses ("stacking") can be applied to an Authorisation. Data Owners must make sure that when more then one license is used, the licenses must not be contradictory.

Example of acceptable stacking of licenses

0004 Licensee may enrich received data with own data before re-sharing
XXXX Licensee may use received data in the region Europe

Core design decisions

Licenses are defined on three layers:

iSHARE layer. The available licenses are defined in the iSHARE Trust Framework.
BDI layer. The available licenses are defined in this building block.
Association layer. The available licenses are defined in the framework agreements of a BDI Association (when these exist).

BDI layer licenses

There are currently no specific BDI licenses defined.

Combined list of available licenses

Future topics

Future topics that are of interest to this building block are:

Research how Incoterms can be applied in the context of licenses.
Research which technical controls are available to enforce adherence to licenses.
Align with other data spaces initiatives on the topic of policy enforcement.
Contribute to iSHARE's licenses framework through the iSHARE's Change Management process, particularly through RFC037 (including improved specification on the usage of ODRL).

Data Licenses

Purpose of the building block

Concepts

The following concepts (from the BDI Glossary) are particularly relevant in this building block:

Concept

Meaning

Data licenses

Descriptions of the terms and conditions for using data
Either in free form text or in ODRL

Data Owner

Has control over data and access to data,
Controls decisions on Data Sovereignty and Trust Sovereignty
Controls authorisation policies, representation rules, professional qualification verification of staff and contractors
Controls subscription to the Event Pub/Sub Service and publishing of events to subscribers
Controls discovery and endpoints
Controls roles assumed by entity

Data Consumer

Requests access to data and/or Representation Register and/or Professional Qualification Register of the data owner
Controls discovery and endpoints
Requests subscription to data owner’s Event Pub/Sub Service, receives and evaluates events

Risks

BDI encourages participants (particularly Data Consumers) to implement proper data management and or data governance to ensure proper handling of data.

Interlinkages with other building blocks

This building block is closely tied to Authorization, since a license may be part of an authorisation. The authorisation defines:

Which party
Is allowed to access which data attributes
(Optionally) at which Data Service Provider
(Optionally) with which terms and conditions for using the data (licenses)

Elements and their key functions

Example of acceptable stacking of licenses

0004 Licensee may enrich received data with own data before re-sharing
XXXX Licensee may use received data in the region Europe

Core design decisions

Licenses are defined on three layers:

iSHARE layer. The available licenses are defined in the iSHARE Trust Framework.
BDI layer. The available licenses are defined in this building block.
Association layer. The available licenses are defined in the framework agreements of a BDI Association (when these exist).

BDI layer licenses

There are currently no specific BDI licenses defined.

Combined list of available licenses

Future topics

Future topics that are of interest to this building block are:

Research how Incoterms can be applied in the context of licenses.
Research which technical controls are available to enforce adherence to licenses.
Align with other data spaces initiatives on the topic of policy enforcement.
Contribute to iSHARE's licenses framework through the iSHARE's Change Management process, particularly through RFC037 (including improved specification on the usage of ODRL).

Data Licenses

Purpose of the building block

Concepts

Risks

Interlinkages with other building blocks

Elements and their key functions

Core design decisions

BDI layer licenses

Combined list of available licenses

Future topics

Further reading

Data Licenses

Purpose of the building block

Concepts

Risks

Interlinkages with other building blocks

Elements and their key functions

Core design decisions

BDI layer licenses

Combined list of available licenses

Future topics

Further reading