When a document is converted from one form to another, two things happen - one, it suffers conversion-distortion. Two, it has now become much more accessible. Since it has been distorted, you need to correct it, by checking and entering corrections. However, unauthorized corrections can compromise the digital copy. Plus, for your own records, you would need to maintain the original unaltered copy. Imagine for instance that you received a payment by cheque for a thousand rupees. The scanning process introduces extra pixels to make it read one thousand and eight hundred rupees. So, a quality analyzer detects this problem and re-enters the figure on a copy of the scanned image and that is sent for further processing. Now, if this person had other intentions, he could have easily made the correction to read a hundred rupees or even lesser. This is why you would need the original scanned image so that someone with perhaps better skills or equipment can analyze it should a dispute arise.
Documents must be protected. Paper ones can be locked away in a safe or placed in bank lockers. Digital copies unfortunately are far more insecure. Once a document is on a computer, no amount of security can completely prevent unauthorized use or viewing. For example, if you protect a document saying 'deny copying contents', someone can easily take a screenshot of each page and distribute that. Or, they can copy it out using a screen-reader/dictation engine
combination. Digital rights (DRM) and copy-protection are severely limited in that they cannot enforce physical security.
Conventional document protection mechanisms include digital signatures, license based protection, activation-protection and limited client protection. With digital signatures, you are assigned a secure digital certificate by a recognized authority and you would use it to sign the documents. Someone wanting to edit it, must have a corresponding certificate with that specific authorization. Or, you could license the document for use in specific purposes. However, it would need compatible clients-not all clients would understand such a thing. Adobe Reader 7.0 includes this feature, where you can selectively ban certain activities or even limit them to certain counts -for eg, four printouts in a month. And it would be upto the client application to enforce it.
Activation-based protection is similar in that, before using the document, the user will need to activate and decrypt the copy with an authority-activation need perhaps occurs only once, but the decryption would happen each time you authenticate to use the document. Obviously, such activations can be controlled and tracked from the activation server, where you can setup who can activate and how many times. Un-activated copies would be completely encrypted and cannot be read at all. Interestingly, even though not in the realm of documents, the game Half Life 2 uses this mechanism to prevent piracy.
Limited client protection uses the capabilities of the specific client to enforce policies. A prime example is the MS Exchange/Outlook 2003 combination, which allows you to sensitize e-mail you send by marking them confidential and setting up what they can and cannot do with it. You can also recall messages so that accidental distribution can be negated. However, this again does not even pretend to bother with the realm of physical enforcement of such security.
The basic flaw in all these protection mechanisms is the complete absence of physical security of the document. They can only prevent the unauthorized usage and modification of files as long as they are within the system and cannot control what happens once it is printed out or viewed by someone who is authorized-who can themselves be the points of illegal distribution or modification.