
In the CW article, pseudonymous Mathias Thurman describes a demonstration of Microsoft's Rights Management Services product. The audience of executives identifies a number of "Suppose..." scenarios, which the author dismisses as merely research subjects, concluding that "...the goal of this proof of concept was to introduce a group of executives to a technology that, if deployed properly, could prevent the theft of intellectual property and save the company money. I believe I accomplished that goal."

I suppose, for a number of values of "could", this is true.

But looking at the EFF's material, specifically "How DRM Doesn't Work?", I'm convinced that there's a logical fallacy in DRM that makes the entire idea logically impossible. Specifically, you're looking to control an end user's computer. Generally, controlling someone else's computer is a criminal activity when we consider viruses and DDoS attacks. Further, there are inevitable "support" issues because of upgrades, failure to upgrade and incompatibilities with other DRM schemes that the user is trying to be part of.

In short, DRM can't be made to work.

And the glorious part of the CW article is that the logical fallacies are framed as "Suppose..." questions. The two that are included in the article are marvelous. I'd love to see the whole list of 15 or so. That would likely be a list of 15 more reasons why DRM can't be made to work.

Two Specific Scenarios

Here are two specific scenarios from the article: “Suppose that I needed to view a protected document at a customer site,” or, “Suppose I wanted to send a protected document to someone who wasn’t an employee.”

Both of these are the kind of monumental obstacles that reveal the logical impossibility of DRM.

Viewing protected content when you don't have access to the authorization server is a serious restriction that is insurmountable. While you can -- in principle -- create an indefinite number of customer VPN connections, you will inevitably have issues with a customer. Either it will be technical (their stuff is too old, too new or too Linux) or it will be legal (they don't permit that kind of thing.)

Giving a protected document to a non-employee means that you have to admit an indefinite number of unknown individuals into your protection scheme. Employees -- at least in principle -- are trustworthy. Except the ones you have to fire for criminal activity on company property. Non-employees must be untrustworthy, requiring them to be vetted as if they were prospective employees: background checks, interviews, photo ID checks, immigration paperwork, etc. All of which inhibits potentially valuable use of the intellectual property by increasing the cost of access -- possibly to an unacceptable level.

These aren't technical nits, to be overcome with clever use of Live ID or Active Directory. These are logical impossibilities. You can't reach into everyone's computer and everyone's network to secure your intellectual property. You can't vet every potential user and still have a reasonable cost-to-use. Either you can't let it out of the server room, or you have to trust someone.

The other choice is to make the IP so compellingly valuable that you'll make money anyway. The Red Hat business model strikes me as a better direction in which to head. While Copy-Friendly business models are too new, it makes more sense to monetize what people want to do (spread your IP around). If spreading your IP around can find more customers, isn't that better than locking it away in the server room?