Inferensys

Glossary

TDM Reservation Protocol

A technical specification, often implemented via the robots.txt parser or HTTP headers, that allows rights holders to communicate a reservation of rights for text and data mining purposes to automated agents.
Developer demonstrating multi-agent tool use, agent tool selection interface on laptop, casual tech demo moment.
TEXT AND DATA MINING RIGHTS

What is TDM Reservation Protocol?

A technical mechanism for rights holders to declare that their content is not available for text and data mining by automated agents.

The TDM Reservation Protocol is a machine-readable specification that allows content owners to formally reserve their rights to text and data mining (TDM), effectively communicating an opt-out from unauthorized AI training ingestion. It is typically implemented via the robots.txt parser or HTTP response headers, providing a standardized method for rights holders to express usage restrictions to compliant crawlers and automated agents.

This protocol addresses the legal gap between general web crawling permissions and the specific act of extracting data for foundation model training. By signaling a reservation of rights, content owners establish a technical assertion of copyright and database rights, creating a verifiable boundary that distinguishes between permissible indexing for search and prohibited extraction for generative AI corpora.

MECHANISM BREAKDOWN

Key Features of the TDM Reservation Protocol

The TDM Reservation Protocol is a machine-readable rights expression that overrides general crawling permissions. It provides a technical mechanism for content owners to declare that their works are not available for text and data mining, specifically targeting AI training ingestion by compliant automated agents.

01

Robots.txt Integration

The protocol is implemented directly within the robots.txt file, the primary access control point for automated crawlers. A dedicated directive targets AI-specific user agents:

  • Syntax: User-agent: AI-Crawler followed by Disallow: /
  • Granularity: Supports wildcard path exclusion to block specific directories while allowing others
  • Precedence: TDM reservation directives override general Allow rules for compliant bots

This leverages existing web infrastructure without requiring new protocols, making adoption straightforward for site administrators.

02

HTTP Header Signaling

Beyond robots.txt, the protocol can be communicated at the response level using HTTP headers, providing page-level granularity:

  • X-Robots-Tag: Set to noai or noarchive to prevent training ingestion
  • TDM-Reservation: A dedicated header with value 1 signals a full reservation of rights
  • TDM-Policy: Can reference a URL pointing to a machine-readable policy document

Header-based signaling is critical for non-HTML resources like PDFs, images, and API responses where meta tags cannot be embedded.

03

Compliant Agent Recognition

The protocol relies on voluntary compliance by AI crawler operators. Recognized agents identify themselves via distinct user-agent tokens:

  • Google-Extended: Google's dedicated AI training crawler that respects TDM opt-outs
  • GPTBot: OpenAI's crawler that can be blocked via robots.txt directives
  • CCBot: Common Crawl's bot, used by many training datasets

Non-compliant or unidentified crawlers may ignore these signals entirely, making the protocol a trust-based system rather than an enforceable technical barrier.

04

Legal Standing & Copyright

The TDM Reservation Protocol serves as a machine-readable expression of copyright reservation, strengthening legal positions:

  • EU Copyright Directive: Article 4 provides a legal basis for TDM opt-outs expressed via machine-readable means
  • Constructive Notice: The protocol establishes that crawlers had technical notice of usage restrictions
  • Licensing Gateway: Reserved content can link to commercial licensing APIs, converting opt-outs into revenue opportunities

This transforms robots.txt from a courtesy convention into a potential legal instrument for rights enforcement.

05

Relationship to Preference Signals

TDM Reservation operates alongside broader consent frameworks to create a layered rights expression architecture:

  • Global Privacy Control (GPC): Browser-level signal that can extend to AI training preferences
  • Content Credentials (C2PA): Cryptographically signed metadata that persists through content redistribution
  • Consent Receipts: Auditable records proving that opt-out signals were transmitted and acknowledged

This multi-signal approach ensures that rights reservations survive content syndication and are detectable even when content leaves the origin server.

06

Limitations & Enforcement Gaps

The protocol has significant technical and practical limitations that content owners must understand:

  • No Retroactive Effect: Content already scraped before opt-out implementation remains in training datasets
  • No Deletion Mechanism: The protocol cannot force removal of data already ingested into model weights
  • Jurisdictional Variance: Legal enforceability varies dramatically between the EU, US, and other regions
  • Synthetic Reproduction: Models may reproduce memorized content even after opt-out, requiring separate takedown processes

These gaps highlight why TDM Reservation is a necessary but insufficient component of a comprehensive AI governance strategy.

TDM RESERVATION PROTOCOL

Frequently Asked Questions

Clarifying the technical and legal mechanisms for reserving rights against text and data mining by automated agents.

The TDM Reservation Protocol is a technical specification that allows rights holders to communicate a reservation of rights for text and data mining (TDM) to automated agents. It functions by expressing an opt-out through a robots.txt directive or an HTTP response header, specifically targeting compliant crawlers. The protocol extends the Robots Exclusion Protocol to semantically distinguish between general search indexing and the extraction of data for foundation model pre-training. When a compliant AI crawler encounters a TDM-Reservation: 1 header or a specific Disallow rule scoped to its user-agent, it must cease scraping that resource for training corpora. This mechanism bridges the gap between legal rights reservation under directives like the EU's CDSM Directive and the technical reality of automated web-scale ingestion, providing a machine-readable enforcement layer for copyright and database rights.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.