Redaction Toolkit: Editing exempt information from paper and

Redaction Toolkit:

Editing exempt information from paper and

electronic documents prior to release

This information is licensed under the Open Government Licence v3.0. To view this

licence, visit https://www.nationalarchives.gov.uk/doc/open-government-licence/

Any enquiries regarding this publication should be sent to:

GovernmentHelpPoint@nationalarchives.gov.uk

Where we have identified any third-party copyright information, you will need to obtain

permission from the copyright holders concerned.

This publication is available for download at nationalarchives.gov.uk.

Redaction toolkit for paper and electronic documents

Last updated April 2016 Page 2 of 15

1. Purpose of this toolkit

1.1 This toolkit has been produced to provide guidance on editing exempt material from

information held by public bodies. Its purpose is to promote good records management

practice across the public sector and to assist in the implementation of the Freedom of

Information Act. Under the Act, authorities are required to supply information to anyone that

requests it unless an exemption applies, and even then, there is a further requirement, in

most cases, to consider whether the public interest lies in providing the information or

maintaining the exemption.

The guidance also covers the release of records for reasons other than Freedom of

Information, for example under Parliamentary business. In some of these cases redaction

may be necessary.

1.2 The Procedures for Closure on Transfer advises departments to consider the redaction of

public records on transfer if this means parts of records can be released.

While this applies only to public records being transferred to The National Archives, it

nonetheless serves as a general reminder of one of the basic features of the Act, namely

the right of access is to information not records or documents.

1.3 The guidance covers a number of redaction methods for presenting information in hard copy

(see Appendix 1). It examines several processes, but does not recommend any overall, as

it is for each authority to decide which best applies to its organisational demands and the

resources it has available.

1.4 It also provides general advice and guidance on technical issues related to the preservation

and management of electronic records. It provides detailed guidance on methods for

securely redacting electronic records of all types (see Appendix 2).

2. Who is this guidance for?

2.1 This toolkit is aimed at all authorities subject to the Freedom of Information Act (FOIA), Data

Protection (DP) legislation and Environmental Information Regulations (EIRs), from central

Government departments to local, police, health and education authorities.

2.2 If you are unsure whether your organisation is affected by FOI, there is a list in Schedule I

to the Act.

3. What is redaction?

3.1 Redaction is the separation of disclosable from non-disclosable information by blocking out

individual words, sentences or paragraphs or the removal of whole pages or sections prior

to the release of the document. In the paper environment some organisations will know

redaction as extracts when whole pages are removed, or deletions where only a section of

text is affected.

Redaction toolkit for paper and electronic documents

Last updated April 2016 Page 3 of 15

4. Principles of redaction

4.1 Always carry out redaction on a copy of the original record, whether paper or electronic,

never on the record itself. This ensures that while the redacted information is permanently

removed from the copy of the record (which can then be made accessible) the original text

remains in the original record. Redaction should never result in the complete removal of text

or information from a record.

4.2 Redaction is carried out in order to edit exempt details from a document. Use it when one

or two individual words, a sentence or paragraph, a name, address or signature needs to

be removed.

4.3 If so much information has to be withheld that a document becomes nonsensical, the entire

document should be withheld. In the case of paper documents the same principle should

apply to individual pages.

4.4 When undertaking redaction, reviewers should consider whether any other factors are

important for the understanding of the material. For example, if colour makes meaning clear

in a paper document, a redacted colour copy should be released.

4.5 Redaction should be performed or overseen by staff that are knowledgeable about the

records and can determine what material is exempt. If those identifying such material do

not carry out the redaction themselves, their instructions must be specific - so for example:

‘Memo dated …, paragraph no…, line starting… and ending…’ and so on.

4.6 Under FOI, applicants may request information presented in electronic form. For paper

documents, this will usually mean scanning the redacted version of the material. If, however,

the level of resources required to do the scanning would make this unduly onerous, the

FOIA allows the organisation to set aside the applicant’s stated preference on the grounds

of practicability (S 11).

The Act also permits that a summary of the document can be prepared. If a large percentage

of the document needs to be redacted, this option may be worth considering as a more

viable alternative to redaction.

4.7 Organisations should bear in mind that exemption decisions will be subject to appeal. For

more information, see the Code of Practice under Section 45 of the FOI Act

Redaction toolkit for paper and electronic documents

Last updated April 2016 Page 4 of 15

5. Identifying material for redaction

5.1 All organisations should have staff able to identify information that may be exempt under

the Freedom of Information Act and the Environmental Information Regulations. Ideally they

should have a good knowledge of the records being reviewed for release.

5.2 All staff should be aware of the categories of information that should not be released under

Data Protection legislation.

Guidance on exemptions is available from the Office of the Information Commissioner.

5.3 To comply fully with requests for information, redact exempt material only. A whole sentence

or paragraph should not be removed if only one or two words are nondisclosable, unless

release would place the missing words in context and make their content or meaning clear.

In the case of electronic records close examination of the internal bit stream of the file can

reveal the length of the redacted content. Take great care to ensure that the nondisclosable

material cannot be deduced. This may mean disguising the size and shape of the redacted

content. This is especially the case where the non-disclosable information appears in

several locations within the file, and where there is an increased chance of deciphering such

redacted content using a combination of location pattern, bit length and the associated

unredacted text.

5.4 Reviewers should consider that earlier statements in a document might suggest the content

of removed material. For example, if a paragraph refers to reports from overt sources, and

the following paragraph refers to reports from covert sources, as well as removing the words

‘covert sources’, ‘overt sources’ would also need to be removed or the meaning of the

missing words from the second paragraph could be inferred.

5.5 Reviewers should also check records for other copies of the same documents so that they

carry out redaction consistently. They should check indexes to ensure that they do not

contain details of the redacted material.

6. Keeping records of redaction work

6.1 Once reviewers have identified redactions, agreed with any other interested parties,

decisions need to be recorded. For some organisations, simply keeping a copy of the

released copy of a document may be enough, with a note explaining the reasons for

redaction.

6.2 If multiple requests are made for the same information, this will also show what decisions

have been made in prior requests. If more detailed records of decisions are required, this

can be done on a standard form recording as much of the following information as is

relevant:

An identifying reference, registered file number, case file number or electronic document

reference. This identifier can be anything that suits the organisation concerned, but must

Redaction toolkit for paper and electronic documents

Last updated April 2016 Page 5 of 15

enable easy identification and retrieval of the document. The format chosen should be used

consistently

Precise details of the material removed. This need not describe the content, but should

show which section of the document has been withheld - for example, ‘paragraph 2 of page

4’. However, if only one or two words are being withheld, these details must be exact to

enable precise identification. This might be achieved by keeping a copy of the original

document, with the details to be redacted highlighted, as well as the redacted version

The reason for non-disclosure of the information. If one or more FOI exemptions apply,

these should all be noted, along with the particular reasons that apply in each case

Any comments made by reviewers and other organisations or individuals consulted

There are sample forms for recording decisions at Appendix 3 of this toolkit.

Once this has been done, the document can be redacted.

7. Redaction for transfer to The National Archives

7.1 Public record bodies transferring records to The National Archives or a place of deposit

(another archives office authorised to hold public records), whilst using the same redaction

processes as for any organisation, must nevertheless bear other factors in mind.

7.2 Record decisions in detail - the transferring department needs to be able to track and

retrieve any material withheld from The National Archives under Section 3(4) of the Public

Records Act 1958. The fact that material has been extracted will be shown on The

National Archives online catalogue in the form of items giving the identifying reference (but

not details of the material itself) and in most cases the justification for redaction. This may

increase the likelihood of an FOI request being made against it. It is therefore all the more

essential that such material can be identified and retrieved.

7.3 Once reviewers have identified material for redaction, a record of decisions should be kept

showing:

an identifying reference such as a National Archives reference, registered file number, case

file number or electronic document reference precise details of the material removed (this

need not describe the content, but should clarify which section of the document has been

withheld – for example ‘paragraph 2 of page 4’. However, if only one or two words are being

withheld, these details must be exact to enable precise identification)

 The reason for non-disclosure of the information. If one or more FOI exemptions apply,

they should all be noted, along with the particular reasons they apply in this case

 The reason for withholding the information from The National Archives, if applicable

(retention under S 3(4) of the Public Records Act); in other words, the criterion and the

reason it applies

Redaction toolkit for paper and electronic documents

Last updated April 2016 Page 6 of 15

 Any comments made by reviewers and other organisations or individuals consulted,

bearing in mind that records may be the subject of further requests

7.4 If the reviewer passes the record on for redaction, this form can also serve as a method of

conveying redaction instructions. Retain the record of decisions until the full record is

transferred to The National Archives or released.

Paper records

7.5 Once redaction is complete, mark the redacted copy placed on the file showing under what

authority the redaction has been effected – for example ‘Retained under S 3(4) of the Public

Records Act’ or ‘Closed under FOI Exemption S 42’.

Departments redacting a significant volume of material may find it beneficial to procure

stamps for this purpose. Alternatively, providing they cannot easily be removed, attach good

quality labels, showing the same information.

7.6 Redacted sheets within a larger document can be more readily identified if photocopied onto

brightly coloured paper (green or blue for instance). Although not mandatory, it will make it

clear to departmental staff using the record for administrative purposes in future that further

redacted information had been withheld at the time of transfer and will be available

elsewhere. It also makes it easier to locate the relevant page at The National Archives when

the full version is released and replaced in the original file.

7.7 The closed extract should be tagged into an acid-free folder with its The National Archives

item reference clearly marked on the front – DEFE 19/143/1 and so on. Store in a secure

cabinet or room.

Electronic records

7.8 The Information Management and Practice department coordinate the transfer of electronic

records to The National Archives, assisted by the Digital Preservation department. For up

to date information and guidance on digital record transfers, see: Digital records transfer -

The National Archives

8. Transfer of closed extracts to The National Archives or places of deposit

(unredacted originals)

8.1 Redactions closed under FOI exemptions should be transferred to The National Archives

once the Advisory Council on National Records and Archives has agreed the exemptions.

In the case of paper records, this should be done ideally at the same time as the transfer of

the parent piece; the extract file should be boxed separately. If this is not possible due to

pending consideration by the Advisory Council, the extract may remain with the department

until the Advisory Council has completed this task.

Redaction toolkit for paper and electronic documents

9. Storage of retained extracts

9.1 Place retained paper extracts in an acid-free folder marked with their catalogue

item reference as required for transfer to The National Archives. It might be

useful to attach a copy of the redacted access version for future reference. This

will particularly aid FOI requests, as it will allow reviewers to see at a glance the

redacted material being applied for.

9.2 Keep these extract folders in an organised system to enable easy recovery in

the event of an FOI request. For example, file records from each National

Archives class together, ordering by year and either The National Archives or

departmental reference within that, or noting a shelf location on an extract

tracking system.

9.3 Keep retained electronic (unredacted) documents in a secure area of the

electronic file plan or local area network. They should be accessible only to

designated staff (for example the Freedom of Information Officer and

Departmental Record Officer).

10. Tracking of retained redactions

10.1 Public record bodies need to know what information they hold, including what

has been retained under S 3(4) of the Public Records Act, and they need to be

able to retrieve it easily to ensure compliance with FOI and EIRs.

10.2 Ideally departments and agencies should have some method of recording their

retained paper and electronic extracts, showing some or all of the following

information:

The National Archives reference of the parent piece from which the extract has

been removed, FO 371/148909 and so on. The extract itself should be given

an item number that corresponds to The National Archives’ catalogue entry for

the extract (such as FO 371/148909/1)

o the former departmental file reference

o the reason for retention

o the date for re-review

Create a brief description of the extract’s subject matter for use in keyword

searches. This will be an effective aid in answering requests for information

efficiently. Records managers should be aware that records of redaction

decisions are likely to be the subject of FOI requests themselves, and as such,

should word these descriptions carefully. However, the essential aspect of this

is that the details must allow the information to be located and retrieved. If a

request for these records is made, exemptions can be applied to them if

necessary.

Redaction toolkit for paper and electronic documents  
8 
 
Databases and spreadsheets are an obvious method for storing, tracking and 
interrogating such information. They also provide easy methods for monitoring 
re-review dates.   
However, remember that when selecting a particular format or software for this 
purpose, they should pay particular consideration to the potentially long time 
span such information may be required.   
Simpler methods of recording, and simpler formats (csv, for instance), are likely 
to have a longer life span than more complex software solutions, and therefore 
may be a more cost effective means of managing this information over time.  
Whichever format or software is chosen to manage this information, it must 
have a facility to show all re-review dates as they become current. This type of 
tracking system can also serve as a reminder for departmental re-review of 
closed material held by The National Archives. When setting re-review dates, 
departments should bear in mind that some exemptions are time limited.   
11. Further information 
   
11.1   More information is available from the Information Management and Practice 
department at The National Archives. The links in this guidance also provide 
further suggestions.   
You may find the following helpful:   
Preparation  of  records  for  transfer  to  The  National  Archives  and  approved 
places of deposit  Preparing records for transfer to The National Archives  
Cataloguing  guidelines  Cataloguing  paper  records:  guidance  for  government 
departments  (nationalarchives.gov.uk)  
Retention  scheduling  -  Complaints  records    Records  Management  retention 
scheduling 7. Complaints records   (nationalarchives.gov.uk)  
Code of Practice on the management of records issued under section 46 of the 
Freedom of Information Act 2000   
Code of Practice on the management of records issued under section 46 of the 
Freedom of Information Act 2000 (publishing.service.gov.uk)  
 
 
 
 

Redaction toolkit for paper and electronic documents

Appendix 1

Redaction of documents in hard copy

Always carry out redaction on a copy, leaving all the information contained in the

original document intact.

There is a range of redaction methods, and any may be used effectively according to

what best suits the organisation concerned. This may depend on issues such as the

structure and content of the document, the degree of confidentiality, and the cost and

time available.

Whichever method is employed, the end result must ensure that the redacted material

cannot be seen or guessed due to incomplete redaction. This means checking to make

certain that words cannot be made out when the document is held up to light or that

the ends, top or bottom of text are not visible.

Methods of redaction

Cover-up tape

The simplest form of redaction is to use a high quality cover-up tape that can be placed

on the original documents over the areas to be redacted, taking care that no parts of

words are showing. By making a photocopy of the redacted text, an access version is

produced ready for presentation.

The tape is white, and acts in much the same way as if using correction fluid, but can

be reused several times. It is available in 1/6 inch for a 10-12 font typewritten line, 1/3

inch for two typewritten lines and 1 inch for general corrections.

Blacking/whiting out

Another simple solution is to photocopy the original document and use a black marker

pen to block out the sensitive material. The redacted version should then be

photocopied again to produce an access version. The further photocopy is necessary

as information redacted using marker pen can be read when held up to light.

The same process can be employed substituting a good quality correction fluid for

marker pen. Ensure that no redacted text is visible before making the second

photocopy, which again is necessary as correction fluid can be easily removed.

Scalpel

This is perhaps the most precise and secure method of redaction as the exempt

material is physically removed, leaving no risk of text being visible in the released

version. Make a photocopy of the original. Then cut the material to be redacted from

this photocopy using an artist’s scalpel or similar tool, leaving a ‘doily’, which is then

photocopied again to provide the redacted document.

Redaction toolkit for paper and electronic documents

Photocopier with redaction facilities

Photocopiers are available which, in addition to normal copying functions, also have

facilities to automatically remove marked out areas on a document. They provide a

secure method of redaction, as there is no possibility of the removed text being visible

after copying. However, they are limited in their effectiveness as the programmes can,

at present, only remove paragraphs and stand-alone areas of text such as addresses

or signatures. They cannot reliably detect small areas of data such as sentences or

individual words.

A photocopier of this nature would probably be cost-effective only for organisations

carrying out a large volume of redaction, where savings on more conventional

materials would outweigh the cost of investing in such a copier.

Appendix 2

Redaction of electronic records

1. This section discusses the technical aspects of redacting electronic records.

Remember that when dealing with electronic records the general principles of

redaction are the same as those described in section 4 Principles of redaction.

Issues in redacting electronic records

The redaction of born-digital records is an area of records management practice

which raises unique issues and potential risks.

The simplest type of electronic record to redact is a plain text file, in which there

is a one to one correspondence between bytes and displayable characters.

Because of this direct correspondence, redacting these formats is simply a

matter of deleting the displayed information - once the file is saved, the deleted

information cannot be recovered.

However, the majority of electronic records created using office systems, such

as Microsoft Office, are stored in proprietary, binary-encoded formats. Binary

formats do not have this simple and direct correlation, and may contain

significant information which is not displayed to the user, and the presence of

which may therefore not be apparent. They may incorporate change histories,

audit trails, or embedded metadata, by means of which deleted information can

be recovered or simple redaction processes otherwise circumvented.

These formats are also usually the property of the software house which

develops them, and these companies have typically regarded providing public

documentation of these formats as against their commercial interests. As such,

the mechanisms by which information is stored within these formats are often

poorly understood. In addition, cryptographic and semantic analysis techniques

can potentially be used to identify redacted information.

Redaction toolkit for paper and electronic documents

It is therefore essential that any redaction technique is secured to eliminate

the possibility of redacted information being recovered.

Approaches to redaction

1. The redaction of electronic records should always be carried out in accordance

with the following principles:

2. Never redact the original or master version of an electronic record - redaction must

always be carried out on a new copy of the record, either in paper or electronic

format.

3. Redaction must irreversibly remove the required information from the redacted

copy of the record. The information must be completely removed from the bit

stream, not simply from the displayable record.

4. The National Archives is unaware of any other methods or tools for the redaction

of electronic records which have undergone open and transparent testing, beyond

those described in this document. As a result, The National Archives can only

recommend the methods of redaction as described below.

5. Carry out electronic redaction in a controlled and secure environment that provides

access only to those trained and authorised to carry out redaction.

6. Delete all intermediary stages of the redaction process. Only the original record

and the appropriately redacted copy should be retained.

A number of different approaches to electronic redaction are possible:

7. Traditional redaction

7.1 For electronic records, which can be printed as a hardcopy, traditional redaction

techniques, as described in Appendix 1, can be applied. Either the record may

be printed and redaction carried out on the printed copy, or the information may

be redacted from an electronic copy, which is then printed. If the redacted copy

is required in electronic format, this can be created by scanning the redacted

paper copy into an appropriate format, such as Adobe Portable Document

Format.

This approach is currently recommended by The National Archives, if it meets

the business requirements of the organisation.

Conversion

7.2 An electronic record may be redacted through a combination of information

deletion and conversion to a different format. Certain formats, such as plain

ASCII text files, contain displayable information only. Conversion to this format

will therefore eliminate any information that may be hidden in non-displayable

portions of a bit stream.

Roundtrip redaction

7.3 The redacted record may be required to be made available in its original format,

for example, to preserve complex formatting. In such cases, an extension of the

conversion approach may be applicable. Roundtripping entails the conversion

Redaction toolkit for paper and electronic documents

of the record to another format, followed by conversion back to the original

format, such that the conversion process removes all evidence of the redacted

information. Information deletion may be carried out either prior to conversion,

or in the intermediary format.

This approach requires a thorough understanding of the formats and

conversion processes involved, and the mechanisms by which information is

transferred during conversion.

This is approach is currently recommended by The National Archives.

8. Current best practice

8.1 This section describes the redaction methods, which have been tested by The

National

Archives and are currently recommended for use with specific types of

electronic record.

9. Electronically redacting documents

9.1 When redacting electronically, take great care over the choice of target format.

It is crucial that no evidence of redacted information is retained in a redacted

copy. Some binary formats may allow changes to be rolled back; consequently

these formats should not be used for creating redacted copies.

The National Archives recommends using PDF as a format for redacted copies,

but PDF files should be roundtripped via a simple image format to ensure

removal of all evidence of previously redacted information. The recommended

image format, Windows Bitmap (BMP), has been chosen because it contains

no provision for storing metadata. There is therefore no means by which hidden

information could be inserted into the image file. This format has been preferred

over other image formats such as TIFF for this reason, since the TIFF format

contains metadata not visible on screen.

NOTE: The National Archives does not recommend BMP as a long-term

preservation format.

Redacting PDF documents

9.2 Redact documents already in PDF format using the following steps:

Make an electronic copy and open it in Adobe Acrobat (the full version, not

Adobe Acrobat Reader). For PDF documents where the text is stored as text,

use the Text Touch-UP tool in Adobe Acrobat to replace the redacted text with

a redaction marker (such as [redacted]). However, for PDF documents where

the text is stored as an image, the Text Touch-Up tool can’t be used. In these

cases, and for graphics and images, use The Square

Tool to redact this PDF by drawing black rectangles over text and images

Redaction toolkit for paper and electronic documents

Roundtrip the resulting PDF file via the BMP image format as described below.

If the redacted document is no more than a single page, users may prefer to

leave the document as a bitmap image

Roundtripping

9.3 Take the following steps:

Convert the PDF file into a set of bitmap images (BMP files), one for each page

of the document. Widely available graphics software (Adobe

Photoshop Elements, or similar) can be used to perform this step:

Convert each of these image files back into a PDF file. Widely available

graphics software (for example Adobe Photoshop Elements) can be used to

perform this step

Recombine the individual page PDF files to form a PDF containing all of the

pages of the original document. Specialised software may be required to

concatenate the individual PDF files – for example, Ghostscript, a

PDFmanipulation tool that is free to download

Redacting word-processed documents

9.4 This guidance applies to word-processed documents, including documents

created using all versions of Microsoft Word, WordPerfect and OpenOffice

Writer.

Electronically redact Office documents using the following steps:

Make an electronic copy and delete all restricted information, replacing it with

the text string [redacted], so that redaction is apparent but the space cannot be

used to identify the missing information

The redacted document is then ‘printed to PDF’ using PDF creation software

such as Adobe Acrobat

Roundtrip the resulting PDF file via the BMP image format as described above.

If the redacted document is no more than a single page, users may prefer to

leave the document as a bitmap image

Redacting spreadsheets

9.5 This guidance applies to electronic spreadsheets, including documents created

using all versions of Microsoft Excel, Lotus 1-2-3, and OpenOffice Calc.

Make an electronic copy and delete all restricted information, replacing it with

the text string [redacted], so that redaction is apparent but the space cannot be

used to identify the missing information. The most appropriate method of

making an electronic copy of a spreadsheet file is to export the data to csv

format. The redacted csv version can then be reimported into a new

spreadsheet file, which satisfies the roundtripping procedure outlined above

Redaction toolkit for paper and electronic documents

For spreadsheets containing multiple sheets, export each individual sheet as a

separate csv file and then redact it. Once the required data has been redacted,

recombine the individual csv files into a single spreadsheet if required

It is important to note that if the spreadsheet to be redacted contains macros,

equations, graphs or other similar added content, such items are not supported

in csv files. In this event, the manual redaction method described below may

be more suitable

Conventional redaction methods

10. In some circumstances, it may be preferable to redact an electronic office

document by traditional methods, rather than electronically.

This guidance applies to word-processed documents and spreadsheet files as

described above.

Redact documents using the following steps:

Either:

 print the document to paper

 redact the paper copy (using conventional methods for redacting paper

records)

 if an electronic version of the redacted document is required, create this by

scanning the redacted paper copy into an appropriate format, such as Adobe

Portable Document Format

 make an electronic copy, redact it by deleting all restricted information and

replacing it with the text string [redacted], so that redaction is apparent but the

space cannot be used to identify the missing information

 print the redacted document to paper

 if an electronic version of the redacted document is required, create this by

scanning the redacted paper copy into an appropriate format, such as Adobe

Portable Document Format

When redacting electronic formats, keep a record of decisions in the same way

as with paper formats. See section 6 Keeping records of redaction work.

Save the redacted version of the record into an electronic records management

system (ERMS) at the time of creation. This will automatically record the identity

of the individual saving the document as well as the time and date. Recording

the reason for redaction needs to be input manually.

Some ERMS solutions offer additional functionality whereby it is possible to

create a rendition, which is a related instance of the original document. The

rendition can be redacted and saved within the ERMS and its relationship to

the original document will be recorded by the ERMS.

Redaction toolkit for paper and electronic documents

Appendix 3

Sample of simple form for recording redaction decisions

Date of

redaction

Document

reference

Details of

exempt

material

Exemption

applied

Justification for

exemption

Reviewer’s

comments

Any other

comment

Example of form to record decisions and pass on information to document editors

carrying out redaction

Editing requirements: Series______ Piece______

Folio

Paragraph

Line

From

(inclusive)