I was asked a question by our senior counsel that has me running in circles: How do we limit/restrict what a 3rd Party can do with our data once we send it to them?
Historically, they share documents with external partners and other law offices via physical media (DVD, USB, etc). He wants them to have the ability to view and print the documents therein, but limit their ability to copy/copy-paste the files and the data from the DVD to other media. This sounds like DRM to me, which we all know has failed miserably for years within the recording industries. It may be a "reasonable" level of protection, but there will still be ways for those 3rd-Parties to achieve what he is trying to block if we are sending them physical media. I mean, if they can print the docs, they can print straight to file/pdf so.......
What other options are out there? It seems to me that the only real way to achieve this is to host it in a cloud solution with all rights beyond read restricted, supply them with the locked down presentation app so that data is not read into local RAM on their end, and remove their ability to print. While we have no control over screen capture functionality, this would make copying searchable files very difficult without OCR capabilities of some kind and without lots of time spent on the "attackers" part.
Thanks in advance for any helpful feedback. At the very least this is a great thought exercise :)
You must sign in to rate content.