Despite many well-publicized gaffes in legal, political and business arenas, many folks do not properly electronically redact sensitive information before letting a document loose into the wild. Supposedly blacked-out or whited-out text can remain in a document. A mere overlay can be readily removed, uncovering the text one intended to hide. And secret content can still be text-searchable and thus also copy-able/paste-able.
This overview is meant to help you become — in the terminology of the old children’s show Romper Room — a “do-bee” and not a “don’t-bee”. If your interest gets piqued in redaction or in related “metadata” issues in our era of National Security Administration (NSA)/PRISM and Petraeus/Broadwell, sign up for an upcoming Lorman webinar (October 24, 2013) by the “Guru of Metadata” (yours truly). That presentation — chock full of live streaming demos — will be my 41st external metadata presentation over the past seven years.
Reasons to Redact
The portion(s) of a document’s contents containing highly confidential and/or sensitive information of any sort is not meant to be exposed. Such concerns can arise in the political and diplomatic spheres. They can also be present in the corporate world where no loyal executive or staff member wants to disclose his or her company’s proprietary secrets.
In a lawsuit, depending on the context, there can be one to many substantive and/or procedural legal rules that forbid disclosure (yes; this is a “law” sentence; so I felt compelled to sprinkle in an “and/or) . Examples of categories that can be subject to a protective order include:
an individual’s personally identifiable information, e.g., details of a financial, health, medical or insurance nature;
a child’s or victim’s identity
trade secret information that could lose its value or protected nature if not properly handled;
attorney work-product; and
information covered by various privileges, such as:
the one often invoked in the Nixonian and Clintonian eras — “executive privilege.”
Since its enactment on December 1, 2007, Federal Rule of Civil Procedure 5.2 has, with certain enumerated exceptions, required the redaction of any “filing that contains an individual’s social-security number, taxpayer-identification number, or birth date, the name of an individual known to be a minor, or a financial-account number.”
In the lawsuit context, on many an occasion a litigant’s counsel’s mishandled electronic redaction has exposed information on an adversary, co-defendant or other type of party. Examples include: the Federal Trade Commission that exposed information on Whole Foods; a federal court that exposed some of Facebook’s confidential numbers; the federal prosecutors in the BALCO/Bonds case; ATT’s counsel’s exposure of the NSA’s “secret room” information in a brief filed in a telecom case that ultimately included the NSA as a defendant; Plaintiffs’ counsel in an employment case against GE; and Zynga’s counsel in a lawsuit with Electronic Arts (EA). After a redaction snafu, it can be difficult to settle a case or have a cohesive relationship with the other side — or regain credibility with a judge.
Outside of the lawsuit realm, perhaps the most famous redaction gaffe of all occurred in December 2009, when the Transportation Security Administration (TSA) apparently used outdated software tools that did nothing to actually keep from exposure various Department of Homeland Security (DHS) parameters as to airport security screenings.
Panning out to the other threat of non-scrubbed metadata (such as improperly handled Tracked Changes), many powerful entities and individuals have been laid low. Among others, the metadata cobra has struck the UN Secretary General, the British Prime Minister’s Office (in the “Downing Street Memo”), the Republican Social Security Administration, the Democratic National Committee, the California Attorney General’s Office, the Motion Picture Association of America (MPAA) and SCO Group.
If you are as [sadistic] [curious] [educational] as I, then you will find links to all these tales in this Metadata slide deck (5/2/13) by me and well known eDiscovery attorney and blogger Perry Segal.” Drum roll, please . . . .
Redaction Do’s and Don’ts
In eDiscovery, make sure: you or your trusted tech person knows how to use the appropriate software and that, before you send data to the other side, some Quality Control (QC) has occurred, including as to the stipulated specs as to format(s) of exchange. As to day-to-day ad hoc redactions, consider these guidelines:
Microsoft Word’s borders/shading
Microsoft Word’s highlighter
- Adobe Acrobat’s Rectangle tool
- Adobe Acrobat’s Text Box tool
* UNLESS YOU’RE GOING TO GO “LOW-TECH” BY PRINTING TO PAPER, SCANNING AND OCR’ING]:
Conclusion; To Learn More . . .
As noted throughout this post, you can: sign up for the upcoming Lorman webinar (10/24/13) — full of live s demos and my 41st external Metadata presentation; and check out this Metadata slide deck (5/2/13). That deck also links to a Metadata Bibliography. Let’s “bee” careful out there . . . .
PS (3/3/14) — Check out this great how-to-redact click-capture-video
See this June 2012 Tutorial I found the other day.
It was skillfully done by Joshua Poje (@poje), who is the Director of the ABA’s Legal Technology Resource Center.
Although this tutorial is geared toward Adobe Acrobat Professional X, it also reflects how to redact in Acrobat Pro XI.