A TDM Opt-Out is a technical declaration that reserves the right to perform text and data mining on a copyrighted work, explicitly prohibiting its use for commercial AI model training. It functions by overriding general crawling permissions granted in robots.txt through a specific machine-readable signal, such as the TDM-Reservation: 1 HTTP response header or a dedicated tdm-opt-out directive, thereby communicating to compliant automated agents that ingestion is forbidden without a separate license.
Glossary
TDM Opt-Out

What is TDM Opt-Out?
A machine-readable protocol enabling content owners to declare that their copyrighted works are reserved for Text and Data Mining, overriding general crawling permissions to prevent unauthorized AI training ingestion.
This protocol addresses the legal gap between standard web crawling and AI training ingestion under the European Union's CDSM Directive, which requires rights holders to expressly reserve their rights. Unlike a broad Disallow rule that merely blocks access, a TDM Opt-Out establishes a legally significant preference signal that, when paired with a Data Processing Agreement, provides a technical foundation for enforcing copyright compliance and preventing unauthorized inclusion in permissioned corpora.
Key Characteristics of TDM Opt-Out
The TDM Opt-Out is a machine-readable declaration that reserves the right to prevent text and data mining, overriding general crawling permissions. Below are the core technical and legal characteristics defining this protocol.
Machine-Readable Reservation
The TDM Opt-Out functions as a protocol-level declaration rather than a human-readable legal notice. It is implemented via:
- robots.txt directives: Specifically targeting AI crawler user-agents with
Disallowrules. - HTTP response headers: Utilizing
X-Robots-Tag: tdm-reservationto signal opt-out status at the page level. This structured format allows compliant automated agents to parse the reservation without manual interpretation.
Overrides General Crawling Permissions
A critical distinction exists between indexing and mining. A site may allow indexing via Googlebot for search visibility while explicitly disallowing AI training crawlers.
- Granularity: The protocol supports granular path exclusion, reserving specific directories for TDM while leaving others accessible.
- Precedence: The TDM reservation takes logical precedence over broad
Allowrules for specific AI user-agents, creating a specific exception to general access.
Legal Basis in EU Copyright Law
Article 4 of the EU Directive on Copyright in the Digital Single Market (CDSM) provides the statutory framework. Key legal mechanics include:
- Article 4(3): Explicitly grants rights holders the ability to reserve their rights to prevent text and data mining.
- Opt-Out Mechanism: The reservation must be expressed in a machine-readable format, making the technical protocol a direct extension of legal compliance.
- Commercial Restriction: This right applies specifically to commercial entities and for-profit AI training, distinguishing it from scientific research exceptions.
Compliance Verification
The protocol relies on automated adherence by crawlers. Verification involves:
- Server-side logging: Monitoring access logs for
200 OKresponses to disallowed paths from known AI user-agents. - User-agent string analysis: Cross-referencing traffic against a maintained user-agent blocklist to identify non-compliant bots.
- Provenance checks: Auditing downstream training datasets for the presence of content from domains with active TDM reservations.
Relationship to Preference Signals
The TDM Opt-Out operates alongside broader digital consent mechanisms:
- Global Privacy Control (GPC): While GPC signals a general objection to data sales, the TDM Opt-Out is a content-specific directive targeting the act of mining itself.
- Consent Management Platforms (CMPs): These can syndicate TDM preferences, but the technical enforcement still relies on the server-side protocol.
- Do Not Scrape: The TDM Opt-Out is the legally grounded, machine-readable evolution of the conceptual 'Do Not Scrape' signal.
Enforcement and Limitations
The protocol's primary limitation is its reliance on voluntary compliance by crawler operators. Enforcement challenges include:
- Non-compliant actors: Malicious scrapers ignoring robots.txt entirely.
- Attribution difficulty: Proving that a specific model trained on opted-out content without a verified provenance chain.
- Jurisdictional scope: The CDSM directive applies to EU member states, creating a fragmented global enforcement landscape for non-EU AI developers.
Frequently Asked Questions
Clarifying the technical and legal mechanisms that allow content owners to reserve their rights against unauthorized text and data mining for AI training.
A TDM Opt-Out is a machine-readable protocol enabling content owners to declare that their copyrighted works are reserved for Text and Data Mining, overriding general crawling permissions to prevent unauthorized AI training ingestion. Technically, it is implemented via the robots.txt parser or HTTP response headers to communicate a reservation of rights to automated agents. Specifically, the TDM Reservation Protocol allows rights holders to signal that, while a page may be indexed for search, it cannot be used for commercial AI training or computational analysis. This is distinct from a simple Disallow directive, which blocks all crawling; a TDM Opt-Out permits indexing but restricts the purpose of the crawl, aligning with the legal framework of Article 4 of the EU's DSM Directive.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Explore the technical protocols, legal frameworks, and governance mechanisms that constitute the Text and Data Mining opt-out infrastructure.
Content Exclusion Header
An HTTP response header used to signal to compliant crawlers that specific content should be excluded from AI training datasets. Unlike meta tags, this operates at the transport layer, providing granular control over generative model corpora ingestion. Key directives include:
X-Robots-Tag: noaiX-Robots-Tag: noarchiveX-Robots-Tag: noindex
Right to Object
A legal provision under GDPR Article 21 granting individuals the absolute right to object to the processing of their personal data. This can be invoked against AI profiling and training, compelling data controllers to cease processing unless they demonstrate compelling legitimate grounds that override the data subject's interests. This right is unconditional when data is processed for direct marketing purposes.
Data Lineage
The automated tracking of data's origin, movement, and transformation over time. In the context of TDM opt-outs, data lineage provides a forensic audit trail to verify that training data has not been contaminated by unauthorized or opted-out sources. It maps the complete journey from ingestion to model weight, enabling compliance verification and supporting Right to Erasure requests.
Content Credential
A tamper-evident metadata structure standardized by the C2PA (Coalition for Content Provenance and Authenticity) . It attaches cryptographically signed provenance information to digital content, signaling ownership and usage rights to AI ingestion systems. This allows crawlers to programmatically identify whether content is licensed for training or subject to a TDM opt-out declaration.
Purpose Limitation
A legal constraint under GDPR Article 5(1)(b) requiring that data collected for one explicit purpose cannot be repurposed for incompatible secondary uses. This directly challenges the common practice of scraping publicly available web data for foundation model training. Organizations must demonstrate that AI training is compatible with the original collection purpose or obtain new, specific consent.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us