Law.com Blog Network

About The Bloggers

Blogroll

How to Make Sure That 'Redacted' Document You Uploaded to PACER Is Really Redacted

On the Freedom to Tinker blog, Timothy Lee writes that he has been conducting detailed research on documents uploaded to PACER where the "parties tried to redact sensitive information but the redactions failed for technical reasons."

Lee explains that the problem is rooted in the fact that the "PDF" format of saving a document uses "vector graphics" that represent an image as a series of drawing commands such as lines, rectangles and lines of text. While vector graphics have various advantages, Lee says they have at least one significant disadvantage: they may contain more information than is visible to the naked eye because they can have multiple "layers." As such, while a PDF document may appear to have a black rectangle blocking out text, the text still exists under the box and can often be read by performing a simple cut and paste.

Using a collection of 1.8 million PACER documents, Lee identified approximately 2000 documents with redaction rectangles. Of these redacted documents, Lee found 194 documents with "failed redactions," mainly from commerical litigation in which the parties attempted to redact text concerning trade secrets, medical information, addresses, dates of birth, witness names, jurors, and more. Based on this study, Lee concludes that in PACER's overall library of about 500 million documents,"it's safe to say there are thousands, and probably tens of thousands, of documents in PACER whose authors made unsuccessful attempts to conceal information."

Lee adds that to avoid this problem, litigants should, where possible, follow the model set forth by the National Security Agency for secure redaction:

The approach they recommend—completely deleting sensitive information in the original word processing document, replacing it with innocuous filler (such as strings of XXes) as needed, and then converting it to a PDF document, is the safest approach. The NSA primer also explains how to check for other potentially sensitive information that might be hidden in a document's metadata.

In addition, Lee recommends that litigants should check the final redacted document that is to be submitted to PACER by cutting and pasting that document into another document. If the redaction succeeded, no text should be transferred, he says.

Posted by Bruce Carton on June 3, 2011 at 04:20 PM | Permalink | Comments (1)

Comments

 
 
 
About ALM  |  About Law.com  |  Customer Support  |  Privacy Policy  |  Terms & Conditions