NSA offers guidance to feds on redactions

The National Security Agency has issued a report suggesting ways to improve federal officials' use of redaction in documents being released to the public.

The report, titled 'Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word to PDF,' was released by the architectures and applications division of the Systems and Network Attack Center at NSA.

The authors identify three common mistakes officials can make in trying to sanitize documents:
  • Setting the background to black behind text 'is a common and effective means of redaction for hard-copy printed materials,' the report stated, but is not effective for documents in electronic form.

  • Similarly, placing a black rectangle over images or making them unreadable by reducing their size also does not work for electronic documents.

  • Finally, officials frequently overlook hidden information such as metadata.

The report contains step-by-step instructions to address redactions and metadata. The primary method NSA recommends to keep sensitive or classified information hidden in a document is to make a copy of the original document and subsequently delete the information from the copy, keeping the original as a backup.

The subject of electronic redaction has been an issue for the government following several high-profile cases where information thought to be invisible could be found with just a few key strokes.

The incidents involved more than one kind of flaw in the application of technology to documents. For instance, in May 2005, the Pentagon posted a report on its Web site regarding the circumstances of U.S. soldiers in Iraq accidentally shooting an Italian secret service agent. The PDF file blacked out some information regarding the incident, but a simple cut-and-paste of the text revealed the hidden words.

In October, a U.N. report on the assassination of the prime minister of Lebanon was released on the Web. Readers were able to find information that had been removed before the report's release because the 'track changes' function in the word processing program had been left on.

In December, a White House document on 'Strategy for Victory in Iraq' contained metadata that showed the author was a Duke University political science professor.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected