#2 precludes #3, though it would be possible to process the file that gets submitted and add security/DRM so that it's restricted from being opened.
To clarify: could adding the security/DRM be "triggered" by an action performed by the respondent (e.g., after they sign it)? Or would that security require Adboe Acrobat?
You can use certificate encryption for this workflow. The problem here is that the possible recipients of your PDF need to have a Digital ID with a private key in order to encrypt PDF and also have certificates with the public key for all authorized recipients of the encrypted PDF.
And it is not easy to teach average user how to do that. And this is possible only in Acrobat, not in Reader. But if all your customers have Acrobat and know how to use certificate encryption, and have access to the required certificates, then the answer to your question is "Yes".
You can Google "certificate encryption in Acrobat" you will get links ti tutorials that show how to use this feature.
The customers won't have acrobat. Looks like I'll have to continue to investigate alternative solutions.