high-value content targeting legal, government, and compliance audiences.
The Challenge
"Redaction washing" — applying visual overlays to PDFs without removing the underlying text — has caused multiple high-profile data breaches. The DOJ Epstein files (December 2025): court documents filed with black rectangles over text; the underlying text was extractable via copy-paste. The Paul Manafort case (January 2019): defense attorneys filed redacted documents where highlighted text was copy-pasteable, revealing sensitive information. The NSA surveillance leaks (various): multiple instances of "redacted" documents with extractable text. Cosmetic redaction tools that don't remove underlying PDF text layers create a false sense of security with active liability.
By the Numbers
- The DOJ Epstein files (December 2025): court documents filed with black rectangles over text
- the underlying text was extractable via copy-paste.
- The Paul Manafort case (January 2019): defense attorneys filed redacted documents where highlighted text was copy-pasteable, revealing sensitive information.
Real-World Scenario
A government agency's legal department was filing court documents with "redacted" PII that opposing counsel could extract via copy-paste — the same technique that exposed the DOJ Epstein documents. After discovering this vulnerability, they switched to anonym.legal for all court filing preparation. Verification protocol: every redacted document is text-extracted before filing to confirm no underlying PII remains. Zero copy-paste PII exposures since adoption.
Technical Approach
PDF redaction removes detected PII from the document's text layer, not just applies a visual overlay. The redacted output PDF contains no underlying text for the anonymized entities — only the visual redaction marks. This provides genuine, court-admissible redaction rather than cosmetic redaction. The difference is verifiable: a text extraction tool applied to an anonym.legal-redacted PDF will return empty strings for redacted regions.
Comments (0)