Note: Clarification of OAI in controlled environment added as per reviewer comment. Jenn Riley 10/8/05
Note: Summary of best practices added. Jenn Riley 10/11/05
 Expressing Rights for Metadata within the OAI Protocol
 Summary of Best Practices
- Follow suggestions in the OAI Implementation Guidelines to express rights over metadata.
- Only restrict use of metadata exposed via OAI in specialized circumstances.
The OAI protocol does provide a way to express rights over the metadata at the record, set, and repository levels. The <rights> container used within the protocol refers only to rights information about the metadata and does not refer in any way to the resources described by the metadata. Rights information about the resources described by the metadata should be contained within the metadata record itself.
In May 2005, the document Conveying rights expressions about metadata in the OAI-PMH framework was released as part of the OAI Implementation Guidelines. It is best practice to follow these guidelines to describe rights for metadata at the record, set, and repository level. One important caveat is that the OAI-PMH does not provide a mechanism for enforcing restrictions or conditions that data providers place on the use of their descriptive metadata.
Data providers should think very carefully before attaching restrictions or conditions to the use by OAI service providers of the descriptive metadata associated with digital resources. Doing so imposes burdens on OAI service providers who wish to harvest the metadata and incorporate it into a specific service, and therefore can restrict the exposure of these resources gained by participating in OAI.
Some data providers use the OAI-PMH to surface metadata for harvesting in a more closed environment, where metadata being shared are intended for use only within a defined community. In these cases, data providers should provide a rights statement relating to use of their descriptive metadata. This statement can supplement access controls and restricted distribution of a repository baseURL to ensure metadata being exposed is used as intended.
See also the About Container section of the Best Practices for OAI Data Provider Implementations.