How is this different from Google Analytics?

Google Analytics shows you traffic. Shadow shows you traffic, AI bot activity, what AI platforms say about your brand, AND tells you what to do about all of it. It's analytics + AI intelligence + action steps in one tool.

Do I need to install anything?

For basic monitoring (bot detection, AI perception, readiness score) — nope, just enter your URL. For full visitor analytics (clicks, behavior, sessions), add one script tag. One-click integrations for Vercel, Shopify, WordPress, and more.

Will it slow down my site?

No. The script is under 5KB and loads async. Zero impact on page speed or Core Web Vitals. External monitoring has literally no impact — it watches from the outside.

What AI bots does Shadow detect?

All of them. GPTBot, ClaudeBot, PerplexityBot, Google-Extended, Bytespider, Amazonbot, and dozens more. The Shadow Network means new bots get identified across all users instantly.

What do you mean by "actionable steps"?

Shadow doesn't just show you graphs. It says things like: "ChatGPT has your pricing wrong — add structured data to /pricing to fix it" or "Your bounce rate on /features is 68% — here's why and what to change." Specific, do-it-today recommendations.

Can Shadow block bots?

Shadow is a telescope, not a shield. It shows you who's visiting and what AI says about you. It generates block rules and robots.txt configs you can apply — but it doesn't intercept traffic.

Yes. Shadow never collects PII. IP addresses are hashed after classification. No cookies on your visitors. All Shadow Network data is anonymized. GDPR compliant by design.

TDMRep (Text and Data Mining Reservation Protocol) is a W3C community specification that lets website owners declare whether their content can be used for text and data mining purposes, including AI model training. It provides three implementation methods: HTTP headers, a well-known JSON file, and HTML meta tags.

How is TDMRep different from robots.txt?

robots.txt is a technical convention with no legal standing — crawlers can (and do) ignore it with no legal consequence. TDMRep is explicitly referenced by the EU AI Act and CDSM Directive as a 'machine-readable means' of reserving TDM rights. Under EU law, if you express a TDMRep reservation, AI companies must respect it or face legal liability. robots.txt says 'please don't crawl'; TDMRep says 'I legally reserve my rights.'

Can I use TDMRep and robots.txt together?

Yes — and you should. robots.txt and TDMRep serve complementary purposes. robots.txt tells crawlers not to access specific paths; TDMRep declares your legal rights over content that has already been accessed. Think of robots.txt as a 'no trespassing' sign and TDMRep as a legally filed property deed. Use both for maximum protection.

Which TDMRep implementation method should I use?

Use the tdmrep.json well-known file for site-wide coverage (simplest). Add HTTP headers if you need per-resource control. Use HTML meta tags for individual pages where you want different policies. For maximum coverage, implement all three — they complement each other and different crawlers may check different signals.

W3C Standard·9 min read

TDMRep: The W3C Protocol That Gives Your AI Opt-Out Legal Teeth

robots.txt is a gentleman's agreement — crawlers can ignore it with zero legal consequence. TDMRep is backed by EU law. Here's how to implement it in under 10 minutes.

robots.txt vs. TDMRep: The Legal Difference

robots.txt is a technical convention from 1994. It was designed for search engine crawlers and has no legal enforcement mechanism. AI companies can and do ignore it with zero legal consequence.

TDMRep is explicitly referenced by the EU AI Act (2024/1689) and the EU Copyright in the Digital Single Market Directive (CDSM, Article 4) as a "machine-readable means" of reserving TDM rights. Under EU law, if you express a TDMRep reservation, AI companies operating in or selling to the EU must respect it — or face legal liability.

What Is TDMRep?

TDMRep (Text and Data Mining Reservation Protocol) is a W3C community specification that allows website owners to formally declare whether their content may be used for text and data mining purposes — including AI model training. It provides a machine-readable signal that can be checked automatically by compliant crawlers and used as evidence in legal proceedings.

Think of it this way: robots.txt is a "no trespassing" sign. TDMRep is a legally filed property deed. Both are useful. Together, they're much stronger than either alone.

Three Ways to Implement TDMRep

TDMRep offers three implementation methods. Use one, two, or all three for maximum coverage:

1. The tdmrep.json File (Recommended)

Place a tdmrep.json file at /.well-known/tdmrep.json on your domain. This covers your entire site with a single file.

/.well-known/tdmrep.jsonReserve all TDM rights site-wide

{
  "tdm": [
    {
      "policy": "https://yoursite.com/tdm-policy",
      "tdm-reservation": 1
    }
  ]
}

tdm-reservation: 1 means "I reserve my TDM rights — you may not mine this content without permission." A value of 0 means "I do not reserve rights — mine freely."

2. HTTP Headers (Per-Resource Control)

Add a TDM-Reservation HTTP response header to individual pages or across your entire site via server configuration:

nginxSite-wide TDM reservation header

# Add to your nginx server block
add_header TDM-Reservation 1;
add_header TDM-Policy "https://yoursite.com/tdm-policy";

Apache .htaccessSite-wide TDM reservation

Header set TDM-Reservation "1"
Header set TDM-Policy "https://yoursite.com/tdm-policy"

3. HTML Meta Tags (Per-Page Control)

Add meta tags to the <head> of individual pages where you want to reserve TDM rights:

HTMLPer-page TDM reservation

<meta name="tdm-reservation" content="1">
<meta name="tdm-policy" content="https://yoursite.com/tdm-policy">

Implementing TDMRep in Next.js

For Next.js App Router projects, here's how to implement all three methods:

public/.well-known/tdmrep.jsonMethod 1: Well-known file

{
  "tdm": [
    {
      "policy": "https://yoursite.com/tdm-policy",
      "tdm-reservation": 1
    }
  ]
}

next.config.jsMethod 2: HTTP headers via Next.js config

module.exports = {
  async headers() {
    return [
      {
        source: '/(.*)',
        headers: [
          { key: 'TDM-Reservation', value: '1' },
          { key: 'TDM-Policy', value: 'https://yoursite.com/tdm-policy' },
        ],
      },
    ];
  },
};

app/layout.tsxMethod 3: Meta tags in root layout

export const metadata = {
  other: {
    'tdm-reservation': '1',
    'tdm-policy': 'https://yoursite.com/tdm-policy',
  },
};

Writing Your TDM Policy Page

The tdm-policy URL should point to a human-readable page on your site explaining your TDM rights reservation. This page serves as legal documentation. A minimal TDM policy should include:

Statement of rights reservation

A clear declaration that you reserve all text and data mining rights over your content.

Scope

Which content is covered (e.g., all content on the domain, or specific sections).

Contact information

How AI companies can reach you to request a license for TDM use.

Legal references

Reference to Article 4 of the EU CDSM Directive and/or the EU AI Act as the legal basis.

Licensing terms

Whether you offer licenses for TDM use, and under what conditions.

The EU Legal Framework

TDMRep's legal teeth come from two pieces of EU legislation:

📜

CDSM Directive, Article 4 (2019)

Allows rightholders to opt out of text and data mining by expressing a reservation in a "machine-readable means." TDMRep is explicitly designed to satisfy this requirement. If you reserve TDM rights via TDMRep, anyone mining your content in the EU without a license is infringing copyright.

⚖️

EU AI Act (2024/1689)

Requires providers of general-purpose AI models (like GPT, Claude, Llama, Gemini) to comply with TDM rights reservations expressed in machine-readable form. This is directly applicable to AI training — not just generic data mining. Non-compliance can result in significant fines.

Using TDMRep and robots.txt Together

TDMRep and robots.txt serve complementary purposes. Use both for maximum protection:

robots.txt

• Technical: tells crawlers not to access content
• No legal enforcement mechanism
• Respected voluntarily by most crawlers
• Prevents data collection at the access point

TDMRep

• Legal: declares your rights over content
• Backed by EU CDSM Directive and AI Act
• Creates legal liability for non-compliance
• Applies even if content was already accessed

Belt and suspenders

robots.txt stops compliant crawlers from accessing your content. TDMRep creates a legal record that your rights are reserved — useful if a crawler ignores robots.txt and you need to pursue legal action. Use both.

Frequently Asked Questions

Does TDMRep work outside the EU?

The legal backing is strongest in the EU. Outside the EU, TDMRep serves as a formal, machine-readable expression of your intent — which can strengthen your position in fair use disputes in the US, or under similar frameworks in the UK, Japan, and elsewhere. Having an explicit reservation on record is always better than silence.

Do AI companies actually check TDMRep?

Adoption is growing. The EU AI Act requires general-purpose AI model providers to comply with TDM rights reservations. As enforcement ramps up through 2025-2026, major AI companies operating in or selling to EU markets will need to check TDMRep signals. Early adoption puts you ahead of the compliance curve.

Which implementation method should I use?

Use tdmrep.json for site-wide coverage (simplest). Add HTTP headers for per-resource control. Use HTML meta tags for individual pages with different policies. For maximum coverage, implement all three — different crawlers may check different signals.

Does TDMRep affect my SEO or search rankings?

No. TDMRep is specifically about text and data mining rights. It has no relationship with search engine crawling, indexing, or ranking. Google, Bing, and other search engines do not use TDMRep to make crawling or ranking decisions.

Related Guides

noai & noimageai Meta Tags

HTML-level AI training opt-out

robots.txt for AI Bots (Complete Guide)

51+ crawlers, full reference table

AI Content Protection Tools

Full protection toolkit

How to Block CCBot

Common Crawl — TDM-Rep's primary target

Is your site protected from AI bots?

Run a free scan to check your robots.txt, meta tags, and overall AI readiness score.