groundy

Machine-Readable AI Usage Terms: Does ODRL's Permission Model Hold Up?

A June 2026 preprint grounds ODRL's permissions and prohibitions in the UFO-L legal ontology, naming who holds the power to declare a violation in vendor AI usage policies.


ODRL is a W3C rights language that has existed since 2000 and has long been able to say “you may use this asset under these constraints” in machine-readable form. What it could not cleanly say, until a preprint submitted on 23 June 2026, is who holds the authority to declare that a rule was violated, or even whether “permitted” should be read as “not prohibited” or “explicitly allowed.” arXiv:2606.24344 grounds ODRL’s permissions, prohibitions, and duties in the UFO-L legal ontology and extends legal-position coverage from two to eight, and its real pitch is not academic tidiness: it is the audit layer that vendor usage policies, enforced today as opaque server-side prose, have never had.

What ODRL actually is, and why “permission” is underspecified

ODRL, the Open Digital Rights Language, is a W3C Recommendation whose Information Model and Vocabulary reached version 2.2 in February 2018, though its lineage runs back to digital rights management work in 2000. It serializes policies to formats including JSON-LD, and its core job is to express permitted, prohibited, and obligated actions over an asset.

The underdetermined part is what “permitted” means once you actually run it through an evaluator. The W3C Formal Semantics document defines an ODRL Evaluator that takes a policy, a state of the world, and an evaluation request, and returns whether an action is permitted, prohibited, violated, or fulfilled. For actions that a policy neither explicitly permits nor prohibits, the evaluator’s behaviour depends on an optional parameter with two values: open, where anything not prohibited is permitted, and closed, where anything not permitted is prohibited.

That is not a footnote. It means the same policy can resolve to opposite verdicts depending on a world assumption the policy itself does not encode. “Permission,” in other words, is underspecified across the one parameter that decides whether silence is consent or denial. The arXiv paper makes exactly this point: permission is underspecified across its behaviour parameter (open versus closed world). A rights language whose central verb is ambiguous about its own default cannot, on its own, be an auditable record of what a vendor actually allows.

The new paper, “What Does ODRL Mean?,” by Daham Mustafa and colleagues, was submitted 23 June 2026 and accepted at FOIS 2026 (the 16th International Conference on Formal Ontology in Information Systems) in Vitória, Brazil. Its move is to ground ODRL in UFO-L, a foundational legal ontology, and map each activated ODRL rule to a simple legal relator.

The headline result is coverage growing from two legal positions to eight. That matters because a policy is not just a list of verbs; it is a structure of positions that a legal ontology can distinguish and a prose terms-of-service cannot. Under the UFO-L mapping, prohibition is sanctioned: violation is possible and consequential, not merely a cosmetic state. Permission’s behaviour ambiguity becomes an explicit modeling choice rather than a hidden parameter. And the formal semantics, the authors establish, covers achievement obligations only: duties whose fulfillment is the performance of a concrete action, not open-ended maintenance duties that prose policies routinely imply.

All of the paper’s axioms are mechanically verified in Isabelle/HOL and checked across a 39-problem benchmark under the Vampire, E, and Z3 automated theorem provers. That verification is worth reading precisely. It establishes that the ontology is internally consistent, that the axioms do not contradict each other, and that the legal-relator mappings hold as logical claims. What it does not establish is that the ontology faithfully captures what a given natural-language license clause meant when a lawyer drafted it. The consistency proof and the faithfulness problem are different claims, and conflating them is the easy mistake to make with this kind of work.

The Cross-Level Design Principle: conduct positions versus competence positions

The paper’s organizing claim is what it calls the Cross-Level Design Principle: any normative language with violable, consequential norms requires two levels of legal position at once. The conduct level covers Permission, Duty, Right, and No right, the things that say what an actor may do or must do. The competence level covers Power, Subjection, Immunity, and Disability, the things that say who can change, waive, or declare those norms in the first place.

ODRL has historically operated almost entirely at the conduct level. Its rules say what is permitted and prohibited; they do not say who is authorized to pronounce a violation authoritative enough to carry a consequence. The principle’s value is that it makes this omission visible as an omission, not as a feature of the language. A rights model that has duties but no account of the authority to enforce them is, in the paper’s framing, missing half the structure that makes norms consequential.

This is where the work stops being purely formal and starts to pressure how usage terms get written. A vendor acceptable-use policy that lists prohibited uses but is silent on who judges a violation, and by what process, is relying on an implicit Power that no one has bothered to name. The UFO-L grounding does not invent that power. It names the thing the vendor was already assuming.

Who gets to declare a violation? The gap in every evaluator

The sharpest practical claim in the paper concerns violation-declaration authority. Every existing ODRL evaluator, the authors note, already does this implicitly: something inside the evaluator decides that a prohibition was violated and that the violation counts. Under the UFO-L grounding, that implicit authority becomes an explicit Power-Subjection pair. One party holds the Power to declare the violation; the other is in Subjection to it.

For the DRM and dataspace contexts where ODRL grew up, this is a tidying exercise. For AI usage terms it is the whole argument. When a model provider returns “blocked under our acceptable-use policy,” the provider is exercising a Power to declare a violation of a prohibition whose encoding no one outside the company can inspect. The blocked user is in Subjection. Neither position appears in any machine-readable form the user, a researcher, or a regulator can read. The decision is enforced server-side, in prose, with no auditable encoding of which clause fired, against which action, under which world assumption, and with what consequence.

Naming this as a Power-Subjection pair does not by itself make vendor policies auditable. But it gives the missing structure a vocabulary. A future rights encoding that said “the provider holds the Power to declare violations of clause X, with consequence Y, under closed-world assumption Z” would at least be inspectable, even if it left the provider holding all the power. Today’s terms cannot be inspected at all.
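The open/closed split described earlier and the decision record this section says is missing, as an added example (not code from the paper, the W3C evaluator or ODRE): a toy evaluator run over a constructed policy. The policy IRIs, the `declared_by` and `subject` record fields, the prohibition-wins rule and the choice of the assigner as Power holder are assumptions; constraints, duties and action hierarchies are ignored.

```python
import json

TARGET = "https://example.com/asset/model-api"  # constructed asset IRI

# Constructed sample policy using ODRL 2.2 JSON-LD terms; all IRIs are placeholders.
POLICY = json.loads("""
{
  "@context": "http://www.w3.org/ns/odrl.jsonld",
  "@type": "Agreement",
  "uid": "https://example.com/policy/aup-1",
  "assigner": "https://example.com/party/provider",
  "assignee": "https://example.com/party/user",
  "permission":  [{"uid": "https://example.com/policy/aup-1#p1",
                   "target": "https://example.com/asset/model-api", "action": "display"}],
  "prohibition": [{"uid": "https://example.com/policy/aup-1#x1",
                   "target": "https://example.com/asset/model-api", "action": "distribute"}]
}
""")

def _match(rules, action, target):
    """Return the first rule covering this exact action on this target, else None."""
    return next((r for r in rules if r["action"] == action and r["target"] == target), None)

def evaluate(policy, action, target, world):
    """Toy verdict plus an audit record naming clause, world assumption and declarer."""
    if world not in ("open", "closed"):
        raise ValueError("world must be 'open' or 'closed'")
    record = {"action": action, "target": target, "world": world,
              # Assumption: the assigner holds the Power to declare the verdict.
              "declared_by": policy["assigner"], "subject": policy["assignee"]}
    # Assumption: a matching prohibition wins over a matching permission.
    hit = _match(policy.get("prohibition", []), action, target)
    if hit:
        return {**record, "verdict": "prohibited", "clause": hit["uid"]}
    hit = _match(policy.get("permission", []), action, target)
    if hit:
        return {**record, "verdict": "permitted", "clause": hit["uid"]}
    # Policy is silent: only the world assumption decides, so no clause fired.
    verdict = "permitted" if world == "open" else "prohibited"
    return {**record, "verdict": verdict, "clause": None}

if __name__ == "__main__":
    for act in ("display", "distribute", "derive"):
        for world in ("open", "closed"):
            print(json.dumps(evaluate(POLICY, act, TARGET, world)))
```

Only the `derive` request, which the policy never mentions, flips between the two worlds, and its record carries no clause.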

Description versus enforcement: why ODRL needs a separate layer

A second distinction the paper inherits and sharpens is between describing rights and enforcing them. ODRL is descriptive only. As the literature around it notes, it lacks built-in enforcement capabilities, which has historically limited its practical reach. Describing a prohibition precisely does not stop anyone from performing the prohibited action; it just means the violation is well-defined once it happens.

The enforcement gap is what the Open Digital Rights Enforcement framework addresses. ODRE adds an enforcement algorithm with open-source Python and Java implementations, turning descriptive ODRL policies into ones a system can actually act on. The W3C ODRL Landscape lists multiple open evaluator implementations and tracks ODRL’s shift since roughly 2020 away from DRM expression and toward access and usage control in dataspaces such as Gaia-X, IDSA, and Solid.

For the AI-usage-terms question this matters because enforcement is exactly where vendor opacity compounds. Even if a provider did encode its policy in ODRL, the actual block decisions are made inside closed infrastructure. A descriptive layer that a provider never exposes to an audit of enforcement against its own systems is not much better than prose. The UFO-L grounding plus ODRE together outline the full stack: a formally grounded, machine-checkable description of rights, and an enforcement layer whose verdicts can, in principle, be traced back to specific axioms. Neither half exists today for vendor AI terms.

What this means for machine-readable AI usage terms

The differentiator here, and the reason this paper deserves attention from people who do not normally read formal ontology, is that it connects ODRL to a problem that is felt rather than abstract. “Blocked under our acceptable-use policy” is the single most common, least contestable interaction a user has with a frontier-model provider. It is a denial issued under authority the user cannot inspect, against a rule the user cannot read in any structured form, with no recourse path defined in the policy itself.

The UFO-L grounding reframes that interaction as a missing rights-encoding problem. The provider is exercising a Power; the user is in Subjection; the prohibition was declared violated under some world assumption the policy does not state. Today all of that is implicit and server-side. The paper’s contribution is to show that ODRL, properly grounded, has the formal vocabulary to make it explicit. The practical question is whether anyone will hold providers to using it.

The audit-lever framing is the honest one. ODRL-as-standard will not arrive by vendor goodwill. But a regulator, a procurement team, or a researcher who wants to ask “what exactly did you block, under which clause, with what authority” now has an ontology that can host the answer. The cost of hand-waved compliance goes up once the missing structure has a name.

Does formal grounding survive real license-language ambiguity?

The catch, and the paper’s honest limitation, is that a foundational-ontology grounding does not dissolve ambiguity. It relocates it. The axioms are proven consistent in Isabelle/HOL and across a 39-problem benchmark, but those proofs validate the ontology’s internal logic. They do not prove that the ontology faithfully captures the meaning of a real natural-language license term drafted by a lawyer who was hedging on purpose.

That gap is visible in adjacent work. LLM4ODRL, a 2025 paper by the same corresponding author, uses GPT-4 to auto-generate ODRL policies from natural-language instructions and reports up to 91.95% accuracy on a 12-use-case cultural-dataspace benchmark. Useful, and telling: the prose-to-ODRL translation layer is itself an open problem, and even that score leaves a residual gap. The cases the model gets wrong are exactly the space where a license clause’s intent is ambiguous, contested, or strategically vague, and where an ontology grounded in precise axioms will simply have to pick one reading.

This is why the W3C’s own ODRL Landscape document notes, as of September 2025, that the work on formalizing ODRL semantics is still “ongoing.” The formal machinery is incomplete at the standard level, and the arXiv paper is a research contribution that the W3C spec has not yet absorbed. Treating the two as the same thing, or as a finished system vendors could deploy, would be a misreading.

The defensible claim is narrower and stronger. ODRL can now distinguish a duty from a prohibition, name who holds the power to declare a violation, and do so under axioms a theorem prover has checked for consistency. That is a real advance over prose terms whose only enforcement is “trust us.” It does not yet solve the harder problem of translating a vendor’s deliberately vague policy language into that structure without losing the vagueness the vendor put there on purpose. Whether formal grounding survives contact with real license ambiguity is the open question, and it is the one that decides whether this work stays in the ontology literature or reaches the terms-of-service page.

Frequently Asked Questions

What verdict does an ODRL evaluator return for an action the policy never mentions?

It depends on a behaviour parameter the policy may not set, and the W3C Formal Semantics gives it three values, not two. Open treats anything not prohibited as permitted; closed treats anything not permitted as prohibited; and default, which is what an evaluator uses when the parameter is absent, resolves to closed. A policy that stays silent on the parameter therefore defaults to denial.

Which open evaluators can a team run against an ODRL policy today?

The W3C ODRL Landscape lists nine or more open implementations, among them ODRE, the ODRL Engine, ODRL-PAP, and the KNoWS ODRL Evaluator. Because ODRL is descriptive only, several ship with a separate enforcement layer; ODRE provides reference enforcement code in Python and Java.

What do Immunity and Disability capture that Power and Subjection do not?

Power and Subjection name who can authoritatively declare a violation and who is bound by that declaration. Immunity and Disability cover the other axis: whether a party’s position can be altered against its will, and whether a party lacks the competence to alter someone else’s. A vendor that rewrites its acceptable-use policy unilaterally holds the Power to change the terms; users, with no Immunity against that change, stay in Subjection to whatever the new text says.

Why can’t ODRL natively express open-ended maintenance duties?

Open-ended maintenance duties have no native construct; the formal semantics models duties only as achievement obligations that a concrete action can complete. Practitioners approximate ongoing duties with recurring time-bound constraints or scheduled re-evaluation, and the UFO-L grounding inherits that boundary rather than extending it. Prose policies that forbid a use indefinitely therefore lose precision when translated.

What would a regulator need to use ODRL against an AI vendor’s block decisions?

A regulator would need three artifacts from the provider: an ODRL encoding of the acceptable-use policy, exposed evaluator verdicts that identify the clause and world assumption invoked, and a third-party-runnable enforcement layer such as ODRE. The UFO-L grounding supplies the vocabulary for all three. No major model provider publishes any of them today, so the grounding is a lever, not a mandate.

sources · 6 cited

  1. ODRL — Wikipedia. en.wikipedia.org (community). Accessed 2026-06-24.
  2. ODRL Formal Semantics (W3C). w3c.github.io (primary). Accessed 2026-06-24.
  3. ODRL Landscape (W3C). w3c.github.io (community). Accessed 2026-06-24.