I see how that's supposed to work, but I don't think that's how it happens in practice, and hence doesn't explain much about the motivation behind actually bothering to deploy DRM. Proto-DRM (copy protection, lockout chips, dongles) was in play decades before anticircumvention laws, and as far as I've seen those laws have little practical value in stopping circumvention anyway. They seem to be primarily used for extra charges against vendors of "fully loaded" hardware (e.g. consoles and media players preloaded with illegally copied content). When governments are leveraged to go after pure circumvention tools, the Streisand effect usually kicks in and ensures that the necessary code and keys are spread far and wide. The main place where DRM actually has teeth is in applications where connectivity and an account are required, such as streaming media services (i.e. the primary application of EME) and online gaming. In that case, the vendor can frequently update anticircumvention measures in the client and deactivate accounts (or, in the case of vendor-managed platforms like game consoles, ban the actual device) that fail enough checks.