How do I prevent copying of my PDF files?

Question

One time while I was printing my documents at a copy center, I saw they dragged-and-dropped my PDFs from my flash drive to their desktop.

How do I protect my files without using password? Is there a way to make a file open once and after that encrypt it?

When you give a file to a copyshop for printing it, you have to trust that shop. There is no technical way for you to prevent them from keeping a copy after printing it. Depending on jurisdiction they might even be required by law to do so. — Philipp, Oct 15 '13 at 13:41
Fundamentally, they have to have the unrestricted contents of the document in order to print it out. This is like handing someone a note for them to copy, and asking if you can prevent them from memorizing it. — Stephen Touset, Oct 15 '13 at 17:45
I vaguely recall an event where there were some files on a flash drive that could not be copied from it. Is it perhaps possible to reprogram the flash drive microcontroller to prevent files from being copied? Of course one could still be read and rewrite data, so this is not a foolproof solution, but maybe the in the act of copying a file from a flash drive to the desktop the OS requests a ‘copy’ operation rather than a ‘read’ operation, which can then be distinguished and denied. — arxanas, Oct 15 '13 at 20:41
@arxanas no, reading a file for opening it with a program and reading a file for copying it to another filesystem is the same operation for the controller. — Philipp, Oct 15 '13 at 21:29
@arxanas: If you can read a file, then you have the data. When you have the data, you can write it to anywhere you have access to, like in your hard drive. So read access implies the ability to copy. — Siyuan Ren, Sep 26 '14 at 04:03

score 48 · Answer 1 · answered Oct 15 '13 at 13:49

As far as I know there is no feature like that in Adobe Reader. But even when there were such a feature, it couldn't be effective.

PDF is an open format, so they could just use another PDF-capable program to view it which doesn't support this feature
They could create a copy of the file before opening it. Adobe Reader couldn't know about that second copy, so it wouldn't be able to encrypt it too.
They could make the file write-protected which means that it can't be encrypted after opening it
They could log the generated print-job in the printer spool of the operating system
They could use a custom printer driver which outputs each printed document to a file
The printer itself could cache the print-job (likely it does by default - professional printers often come with quite large hard drives)

Bottom line: When you want to print a sensitive document, either find a copyshop you trust or print it yourself.

LateralFractal · Answer 2 · 2013-10-17T23:40:42.067

There is a way to distribute the risk such that any single print-shop gains no benefit from copying your files: Visual Cryptography.

But it is esoteric and it is hard-core - versus simply buying your own printer or eBook reader.

To print PDFs at untrusted print-shops with visual cryptography, you use special software to split each page into two parts - each which you print on a transparency (a/k/a lecture slide) at entirely separate print-shops*. You can then view the document by leafing through glued transparencies.

The resolution depends on a variety factors such as the intelligence of the separation algorithm but will be fairly low (1980's monitor resolution).

Example of visual cryptography

_{* Preferably while wearing a Groucho Marx disguise and providing fake ID if your totalitarian state requires it.}

score 20 · Answer 3 · answered Oct 15 '13 at 13:44

There's no technical way to solve this. The file (or, rather, a version of it) will be stored in the computer's cache for some time, and sent to the printer which will keep it there for some time. There are several places where a version of your file can be intercepted and stored.

If you don't trust the copy shop, get your own printer.

Mavaddat Javid · Answer 4 · 2016-10-17T21:10:17.327

4

This is achievable by several methods (besides passwording):

Acquiring and implementing a DRM (Digital rights management) licence or LiveCycle Rights Management.
Create using layers with JavaScript.

"Cover" the PDF pages with an opaque watermark, then use a script to uncover the PDF for a period. This is not a perfect method, but it is fail safe. Meaning that if JavaScript is turned off or it is opened in a 3rd party viewer, the content will be hidden. Source

Video of Acrobat representative explaining options.

edited Oct 17 '16 at 21:10

answered Oct 15 '13 at 17:11

Mavaddat Javid

288
1
7

17

These techniques would only be deterrents to casual snoops. – Roy Tinker Oct 15 '13 at 17:39
1

Preventing a copy will be hard, but Adobe LiveCycle definitely will allow you to prevent printing the PDF. Also Adobe Policy Server will allow you to remotely revoke PDF files (or replace them with an updated version). – fimez Oct 16 '13 at 08:02
2

@fimez If they have access to the hardware print spool (it's their printer) and thus can [re-save](http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?lang=en&cc=us&sp4ts.oid=2512319&docId=emr_na-c00771412) the unencrypted raw print job, then file has been copied in a form visible and reusable on any other computer. – LateralFractal Oct 16 '13 at 08:28
@LateralFractal but for that you would first need to be able to print the document and you can deny printing in a reader extended PDF document. – fimez Oct 16 '13 at 09:03
@fimez I guess I assumed the question meant *'How do I prevent copying by the third party printing company?'* but technically the question doesn't ask that, merely implies. So your comments are valid, within the limits and provisos of the existing answers. – LateralFractal Oct 16 '13 at 09:06
@LateralFractal it's a difficult question. Once you actually allow printing, your spool argument will indeed defeat any other mechanisms. Even adding a policy and a password, entering that password once to print and then revoking the whole PDF won't even help. So I guess you only can prevent any of more esoteric copying techniques by not allowing printing at all, which kinda defeats the purpose. – fimez Oct 16 '13 at 09:36
The JavaScript-foo will prevent printing the PDF with commercial printers as no high-end RIP will be able to handle it (as they are PDF/PS-RIPs, not Browsers). – Martin Schröder Oct 17 '13 at 18:15

score 2 · Answer 5 · answered Oct 16 '13 at 09:28

There are copy-protected memory sticks which you can use - the content is encrypted and can only be opened/printed while the memory stick is actually in the computer. This will not help against printers printing to file etc., but can be useful to avoid casual copies.

See https://www.truscont.com/?page=38&id=4 for more info - I'm not affiliated with them but it's the solution we've used for securing files and software.

score 1 · Answer 6 · answered Oct 16 '13 at 05:46

In theory, you can create an application that will print the document on copyshop's printer and then destroy itself (example). However, not every copyshop will allow to launch your program instead of opening your document.

Also, they still will be able to intercept your data at printer level (driver/spool/device etc). Sure, your application in theory can behave like an advanced anti-rootkit tool and detect even this - but won't it be cheaper just to buy a printer rather than developing such product?

How do I prevent copying of my PDF files?

6 Answers6