At times I am amazed at the technical incompetency of some people. Recently the AP was able to discover the confidential details of the settlement between Facebook and ConnectU because whoever “redacted” the confidential information did not actually redact the information. Instead of properly redacting information from the document, the person simply put white boxes over the “redacted” information. Because of this, “The Associated Press was able to read the blacked-out portions by copying from an electronic version of the document and pasting the results into another document.”
Additionally, there are multiple other ways in which the information can be read in Adobe Acrobat. In fact, if you choose Document > Examine Document, in Adobe Acrobat, Acrobat will create a report that lists all of the “redacted” information.
To view the document yourself, click here.
The reality is that it is not too much to ask for basic technical competence from people who are publishing allegedly redacted documents. It’s one thing to not have a full understanding of all of your computer’s programs. However, if someone is going to release allegedly redacted documents on the internet, it is not unreasonable to have that person actually ensure that the documents are redacted properly. The thing that makes this worse is that the document could have been redacted in Acrobat easily and, if done with the redaction tool, none of the confidential information would remain in the document.
In a great coincidence I attended an Adobe webinar on redaction just days after the AP story broke. If you would like to learn more about redaction, you can check out information from that webinar here.
Hat tip to PDF for Lawyers for first linking to this story.
Good summary, Bryan. We blogged this as well:
http://blogs.adobe.com/acrobat/2009/02/properly_removing_sensitive_in.html
Dave Stromfeld
Acrobat Product Manager
Adobe Systems
http://twitter.com/acro_dave/status/1227990042