
Redacting, but the right way.
Is it sufficient to place a black bar over sensitive text passages in a PDF? What typical errors mean that information that appears to be blacked out can still be read? What should be considered when using AI tools for automatic redaction?
What is it about?
Anyone who publishes or passes on documents often has to make sensitive information unrecognizable. This applies to authorities that respond to requests under freedom of information law, as well as to companies that disclose data under data protection law or share contracts as part of due diligence processes. The Bavarian State Commissioner for Data Protection has published practical recommendations on how to implement redactions in a technically and organizationally correct manner in its Current Brief Information No. 66 (as of 01.03.2026). The recommendations are primarily aimed at Bavarian public bodies, but their substance is relevant for any company that regularly shares or publishes documents.
The problem: When redacting is just window dressing
In practice, it often happens that supposedly redacted documents do not actually contain any real redaction. The most common error in PDF files is so-called cosmetic redaction. This involves placing a black bar over the text as a graphic element without technically removing the original text. The result looks redacted, but the text is still present in the document and can be easily read using copy-paste, full text search or another PDF viewer. OCR layers (text recognition layers), comment fields, metadata and embedded files are also often left out and can reveal personal or confidential information.
Other risks lurk with paper documents. Redacted content can show through on thin paper, pens or markers that are too weak leave legible traces, and even technical aids such as contrast enhancement or backlighting can make insufficient blackening visible.
The recommendations
The Bavarian State Commissioner for Data Protection has clear recommendations for digital documents. The principle is “remove instead of obscure”: redacted content must be completely removed from the document by technical means. Only programs with an explicit redaction function should be used. Freely accessible online tools where it is unclear where the uploaded documents are processed and stored should be avoided.
In addition, metadata (author, title, keywords) should be checked and cleaned up if they allow conclusions to be drawn about persons or sensitive content. File names should not contain any confidential information. After each redaction, a final check is essential before the document is passed on or published.
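A minimal sketch of such a final check, added here as an example and not taken from the Commissioner's brief: it searches a file's content streams (the text layer) and its dictionaries (metadata, annotations) for terms that should have been removed. The PDF-like sample bytes, the name "Jane Example" and the function names are constructed; the scan only covers literal strings in uncompressed or Flate-compressed streams, so a clean result supplements the manual check rather than replacing it.

```python
import re
import zlib

STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.S)
LITERAL_RE = re.compile(rb"\((?:\\.|[^\\()])*\)")  # literal string, no nesting


def literal_strings(data: bytes) -> list[str]:
    """Return the PDF literal strings '(...)' in data, decoded as Latin-1."""
    return [m.group(0)[1:-1].decode("latin-1") for m in LITERAL_RE.finditer(data)]


def find_leftovers(pdf: bytes, terms: list[str]) -> dict[str, list[str]]:
    """Map each term still present in the file to the places it was found."""
    places = []
    for i, m in enumerate(STREAM_RE.finditer(pdf)):
        body = m.group(1)
        try:
            body = zlib.decompressobj().decompress(body)  # FlateDecode stream
        except zlib.error:
            pass  # not Flate-compressed: scan the raw bytes
        places.append((f"stream {i}", literal_strings(body)))
    # Everything outside streams: Info dictionary (metadata), annotations, names.
    places.append(("document dictionaries", literal_strings(STREAM_RE.sub(b"", pdf))))
    hits: dict[str, list[str]] = {}
    for term in terms:
        for where, strings in places:
            if any(term.lower() in s.lower() for s in strings):
                hits.setdefault(term, []).append(where)
    return hits


def sample_pdf(remove_text: bool) -> bytes:
    """Constructed sample: one content stream with a black bar, plus metadata."""
    text = b"" if remove_text else b"BT /F1 12 Tf 72 700 Td (Jane Example) Tj ET\n"
    content = zlib.compress(text + b"0 g 70 696 120 16 re f\n")  # bar drawn last
    info = b"<< /Title (Contract) >>" if remove_text else b"<< /Author (Jane Example) >>"
    return (b"%PDF-1.4\n1 0 obj\n<< /Length " + str(len(content)).encode()
            + b" /Filter /FlateDecode >>\nstream\n" + content
            + b"\nendstream\nendobj\n2 0 obj\n" + info + b"\nendobj\n%%EOF\n")


if __name__ == "__main__":
    # Cosmetic redaction: name still in the text layer and in the metadata.
    print(find_leftovers(sample_pdf(remove_text=False), ["Jane Example"]))
    # Text and metadata actually removed: nothing left to find.
    print(find_leftovers(sample_pdf(remove_text=True), ["Jane Example"]))
```

In the first sample the black rectangle is drawn over the name, yet the name is reported both in the content stream and in the author field; in the second, where the text and metadata were removed, nothing is reported.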
For analog documents, the authority recommends completely pasting over or cutting out the relevant parts, followed by making a copy of this version. Only the copy – not the original – is passed on. The original is stored separately in accordance with the applicable retention obligations.
AI-assisted redaction: help or risk?
The State Commissioner also devotes a separate chapter to the use of AI tools. AI systems can assist with redaction by automatically recognizing sensitive text passages and making redaction suggestions. This sounds attractive, especially for large volumes of documents. However, the Commissioner warns against a common misunderstanding: AI-supported redaction only offers real added value if the systems can be proven to work more reliably than careful manual processing. Semi-automated solutions, where a human merely clicks through AI suggestions, can even increase the risk if a false sense of security is created and the actual content check is neglected. With large volumes of documents, even an error rate of just one percent can lead to many inadequately redacted versions.
Practical relevance: What should companies do?
Companies that regularly share documents should review their internal processes. First of all, the introduction of clear internal procedural instructions is recommended. These define who is responsible for selecting the content to be redacted, who carries out the technical implementation and who performs the final check. Checklists and standard procedures help to avoid typical errors. Employees should be specifically trained in secure redaction. The use of suitable software with a genuine editing function is essential.
Anyone who disregards these principles risks not only a data breach within the meaning of the GDPR with all the associated reporting and liability consequences, but also reputational damage and, in the worst case, fines.
Conclusion
The recommendations of the Bavarian State Commissioner for Data Protection can also be used by private-sector companies outside Bavaria and go beyond the area of data protection. Similar .
A black bar over text does not constitute redaction, but is at best a visual misunderstanding. If you really want to protect data, you have to remove it technically and not just cover it up. This applies to both digital and analog data.
AI can help, but it is no substitute for human responsibility and care.