And as part of that lock down, to make it effective, other parts of the operating system would have to interpret the pdf flags so that the document itself could not be copied off the device onto removable storage or over the network to another device where the flags were not respected. Effective lock-down is very hard to do unless the entire system is designed for it.
At best enforcing the flags in the document in a software reader will prevent casual breaches in workplace protocol. They certainly aren't enough by themselves to prevent malicious intent.
My question is, would notification about the flags be just as effective as default enforcement? If there was space in the UI that communicated that the document was flagged no-copy but the software reader itself made no effort to prevent you from copying it by default..would the no-copy notification be just as effective at preventing casual protocol breaches?