When Redaction Goes Wrong: PDF Follies Lead to Unintended Disclosures

In a motion filed on June 21, 2006, the U.S. Attorney's Office accidentally released information that it had sought to keep confidential through redaction. The mistakes that the U.S. Attorneys made - and the ways to avoid them - are important lessons for anyone who ever works with files in the popular Portable Document Format (PDFs.)

What Went Wrong?

The public version of the motion - part of the U.S. government's attempt to force two San Francisco Chronicle reporters into revealing their source for grand jury transcripts in the BALCO steroids investigation - contained several areas which seemed unreadable at first. In a style familiar to all attorneys and government workers, the passages were covered with thick black bars to prevent readers from viewing the information below. What the U.S. Attorneys did not realize, apparently, was that the text was still available to anyone who wanted to read it. Readers could use the text selection tool in any PDF viewer to copy the text beneath the bars. The readers could then paste the text into any word processor and read what the government had wanted to keep secret.

This sort of thing has happened many times before. Just a few weeks ago, AT&T unintentionally released sensitive information in a filing for the lawsuit over the company's alleged complicity with the National Security Agency's (NSA) warrantless wiretapping program. Again, the problem was that a superficially redacted PDF still contained text underneath the black redactions that readers could gain access to by selecting the text and copying it to a word processor.

For an attorney, the ethical and strategic difficulties that this kind of mistake engenders are obvious. An inadvertent release of this kind could violate an attorney's ethical duty to keep a client's information confidential, or pollute the pool of potential jurors by exposing them to embarrassing or unsympathetic information about a client. Thus, it is crucial to realize that this kind of mishap can occur and to take every precaution to ensure that it doesn't happen in your practice.

How to Properly Redact PDF Files

Ironically enough, the NSA itself has released a document describing how to properly redact PDF files when creating them from Microsoft Word. Not surprisingly, the document states that the only sure way to remove data from a document completely is to actually delete it before conversion to a PDF file. The paper outlines several ways to achieve this, including replacing blocks of text with Xs or other nonsense characters.

Another way of securing PDF files is to create them as image files - files that will have no accessible text. Many PDF editors also allow for security settings that will prohibit readers from copying text from a document. In these instances, the black bars over the text will work as they're supposed to. A lot of valuable functionality is lost using these methods, however, and it may be preferable to keep the text in the PDF file and simply follow the NSA's recommendation and delete whatever text you want to keep away from the public eye.

In the end, each attorney or law firm will have to determine what balance of security and functionality they wish to maintain when using PDF files. It is vitally important, however, that they realize the potential for unintended releases of information, put policies in place to prevent such releases, and then train employees on the methods available to fully secure PDF documents.