Lawyers especially will want to take note of this very useful document identified by Cory Doctorow. It seems the NSA’s Architectures and Applications Division of the Systems and Network Attack Center (SNAC) Information Assurance Directorate, no less, has released a long report on Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word to PDF.
It’s released as a pdf!
Thanks for sharing the info. I’ll read with pleasure. Really, you need to protect your personal txt info sometimes.
But is it properly sanitized? 🙂
Really, such a guide makes sense – enough people have tripped up that redaction procedure errors are something of a standard check nowadays by *readers*, when a redacted government document is released.
I read with interest your posting of the NSA procedures for sanitizing documents. What interested me was the time consuming, multistep procedure, clearly prone to errors. What also interested me was the failure to mention a far better solution: simply scan an electronic picture of the document, redacted as you like in the old fashioned manner. If you scan at 300 dpi into Acrobat, you should be able to do a word search of the remaining text (assuming you paper capture the document, if memory serves me). This procedure eliminates any chance of providing information unintentionally. While it does create larger files, one can always burn the documents scanned to CD or DVD for delivery to a third party if space is a concern. This, by the way, was the method I often used when preparing closing sets for corporate transactions. A “picture” of the actual document signed was more certain (it picked up hand written changes and initials, for example) than the electronically converted version (which might be older, newer, etc.). I am very surprised that this scanning idea did not find its way into the NSA memorandum.
The process you mention was the suggested route in a memo issued to the DoD by the OSD last summer. It would be the preferred solution for older documents, but I think most people don’t want to print out and then scan back in their personal documents for release.