New to Typophile? Accounts are free, and easy to set up.
While we are waiting for WOFF support broadly, there are some protective measures available for webfonts to prevent them from being installed locally.
There is a technique of obfuscating the
name table, rendering it unusable as a system font, but fully functional as a webfont. Ethan Dunham of Font Squirrel and Fontspring has led much of the research below, based on some prior work from Peter Bilak of Typotheque and Philip Taylor with his Font Optimizer 
Specifically, these are the modifications for a TrueType font:
Create two Mac entries: platformID 1, platEncID 0, LangID 0x0
When the Font Family name is an empty string, it is uninstallable in Windows. Meanwhile, the OpenType spec indicates that two-byte unicode characters (like the smiley) won't work in a font name on Mac at all.  As a result, it's rejected by OS X and not possible to install. Linux isn't able to cope with these modifications either. 
These changes are done not only to the TrueType "naked" font, but can also be applied to the underlying TTF embedded in the EOT and WOFF files as well. It's also worth noting that Chrome's font sanitizing library OTS completely avoids the
name table. 
I believe all non-free fonts should employ these changes as they are distributed for web use, essentially providing them with a similar "garden fence"-level of protection  as WOFF. Fontspring is already employing this technique, and you can test it out with the WebOnly option at the Font Squirrel generator .
If you guys think this is worthwhile, I'd love to help draft this up into something more official so it's a documented standard that all foundries can use when preparing their work for sale as a webfont.
Edit: Clarified the Windows installability reason. Worth noting: when the full name doesn't match Font Family + subfamily, it is uninstallable in Windows, however they match with this above technique, which is why the EOTs with this modification still work. (thx Ethan)