It’s time to come clean. I have implemented two DRM “solutions” in my time, at the command of bosses.
The first was at the request of the organisation’s brand manager, who was understandably concerned that people would right-click the organisation’s logo on the website, download it and .. well, I’m not sure what. Make branded underwear with it and sell it to unsuspecting members of the public. Or other such nefarious plots.
I was over-ruled, and implemented this elegant code.
The second “solution” was a happy side-effect of a CMS that the organisation had bought which didn’t actually facilitate editing of HTML content. Therefore, the “website” was actually an HTML scaffolding for the delivery of non-web content, with the words “download the attachment below” and a PDF hanging off each URL. The web team suggested offering a Word document in addition to the PDF (that’s what the PDF was made from, anyway) as a blind user found Word more accessible with her screenreader.
However, our organisation had a local network at work, whereby anyone could edit Word docs in shared areas. A senior member of the Exec team believed that the web was the same – someone could download and edit a Word doc from our website, maliciously amend it and re-save it back to the server. PDFs, of course, are uneditable. Hence, we allowed only PDFs, some of which were locked in order to protect the logo.
The fact that no illicit underpants with the organisation’s logo were ever discovered shows the infallibility of these DRM “solutions”.