Negotiate before sharing: how smart contracts and ODRL policies govern data exchange

AI Open Space

Negotiate before sharing: how smart contracts and ODRL policies govern data exchange

In the physical world, no company shares critical data without a contract. In a data space, that logic remains, but the contract stops being a PDF signed by email and becomes an automated, verifiable, and traceable process. Our data space implements the IDS standard contract negotiation protocol, which establishes how provider and consumer agree on usage terms for each dataset before a single byte is transferred.

The state machine: six steps to an agreement

Every negotiation in a data space follows a rigorous sequence of states. This is not bureaucracy: it is the guarantee that both parties have explicitly consented to each term.

  • REQUESTED. The consumer sends a request indicating which dataset they want and under what conditions.

  • OFFERED. The provider responds with an offer that may match the request or propose different terms.

  • ACCEPTED. The consumer accepts the provider's offer.

  • AGREED. The provider formalizes the agreement with the exact accepted terms.

  • VERIFIED. The consumer verifies that the agreement matches what was agreed.

  • FINALIZED. The provider marks the negotiation as complete. The agreement is active and enables data transfers.

At any point before finalization, either party can terminate the negotiation with a reason code, leaving an auditable record of why no agreement was reached.

Counter-offers: real negotiation

Unlike systems that only allow "accept or reject," our data space supports real counter-offers. If the provider offers 6-month access and the consumer needs 12, they can send a counter-request modifying that term. The provider can then accept, reject, or propose an alternative.

This back-and-forth continues until both parties converge or one decides to terminate. Every exchange is recorded in the negotiation history, creating a complete trace of the process.

ODRL policies: the language of data rights

The terms of each negotiation are expressed in ODRL (Open Digital Rights Language), a W3C standard specifically designed to describe permissions, prohibitions, and obligations on digital assets.

In practice, an ODRL policy in our data space can establish conditions such as: the consumer has permission to use the data until December 31, 2026, is prohibited from redistributing it to third parties, and has the obligation to cite the source in any derived publication. Each rule can include additional constraints, such as time, geographic, or purpose limitations.

The advantage of using a standard like ODRL is that policies are readable by both machines and humans, and interoperable with any other data space implementing the same standard.

Payments and subscriptions: native data monetization

Our data space extends the IDS protocol with an integrated payment mechanism. A provider can publish a dataset with a payment obligation: "to access this data, the consumer must pay 50 EUR per month via Stripe."

When the consumer initiates the negotiation, the system automatically generates a payment link. Once payment is completed, the agreement is automatically formalized without manual intervention. If the payment is a subscription, the consumer can cancel it at any time, which automatically triggers agreement cancellation.

This mechanism opens the door to data-based business models within the data space itself, without requiring external commercialization platforms.

Clearing House registration: verifiable trust

When a Clearing House (trusted third party) is configured, the negotiation flow includes additional registration steps. Both provider and consumer digitally sign the agreement and register their signatures with the Clearing House, which in turn registers them on blockchain.

If a subsequent dispute arises ("I didn't agree to those terms"), the digital signatures stored on blockchain provide irrefutable cryptographic proof of what each party accepted. The Clearing House also offers a structured dispute messaging system for parties to resolve disagreements.

Policy engine: automating decisions

Our data space includes a policy engine that can automatically evaluate incoming requests and act according to predefined rules. For example, an organization can configure its connector to automatically accept any negotiation from a participant with a valid attestation from a specific trusted issuer, reducing administrative burden without sacrificing control.

Sharing data with guarantees, not blind faith

Contract negotiation is not an obstacle to data flow: it is what makes it possible at scale. Without verifiable guarantees about what each party can do with data, organizations simply don't share. The IDS negotiation protocol with ODRL policies transforms what was once a manual, slow, and legally fragile process into an automated, auditable, and legally robust flow.

In our data space, every piece of data shared has an explicit contract behind it, verified by both parties and, if desired, registered on blockchain. That's not bureaucracy: it's trust.