Back to Blog

Redaction Run Down: A Deeper Look at Redaction in eDiscovery

February 23, 2023
Redaction in eDiscovery

As an eDiscovery professional or investigator, you already know the basics of redaction – obscuring or masking sensitive information from a document before it is shared with parties outside the discovery process. But what if you could take your understanding of redaction to the next level and become an expert in this critical aspect of eDiscovery?

In this article, we’ll explore the challenges, common mistakes, solutions, and best redaction practices to help you take your skills to the next level.

Challenges of Redaction in eDiscovery

Identification of the sensitive data:

It is one of the biggest challenges of redaction in eDiscovery. Whether it’s a social security number, a confidential business proposal, or personal health information, it’s essential that all Non-Responsive, Privileged, and sensitive information is appropriately identified and redacted before the document is shared outside of the discovery process. However, this can be time-consuming and complex, especially when dealing with large volumes of data.

Ensuring document integrity:

It’s essential that the original document remains intact and that the redaction process does not compromise its authenticity. This is particularly important in legal proceedings, where the authenticity of a document can be critical to the outcome of a case.

Common Redaction Mistakes in eDiscovery

Redacting a document during the eDiscovery review can seem straightforward, but simply drawing a black box over sensitive text is not enough. Proper redaction requires careful consideration to prevent the accidental release of confidential or privileged information. To ensure successful redaction, it is important to be aware of common redaction failures. Here are some of the most frequent mistakes and how to avoid them. Despite the appearance of ease, the process of redaction requires a closer look, and even experienced eDiscovery professionals can make mistakes.

Failure to “burn” the redaction into the image:

Redaction can be easily removed if not correctly “burned” into the image. The most common mistake is to redact by obscuring the text with a black box, which can be removed with a simple “cut and paste.” Review applications should ensure “burned-in” redactions for anything exported or printed.

Failing to update corresponding text files:

Even with proper image redaction, redacted text can still be disclosed if the corresponding text file isn’t updated to remove the redacted text. This can occur when the text file is extracted from the native file or generated through Optical Character Recognition (OCR). Failing to update the corresponding text files risks the production of confidential information.

Producing un-redacted native files:

When producing native files, parties should discuss how to handle native files that require redaction. Converting the native files to an image format and redacting the image is the typical approach, but parties may agree to “redact” the native files themselves. If so, the text should be deleted or replaced with meaningless content to preserve text flow and pagination and remove residual document composition information.

Failing to redact metadata:

Sensitive data can still be disclosed if the produced metadata is not checked for redacted content. It is important to check and remove any sensitive data in the metadata to ensure proper redaction.

Quality Control (QC) Check before producing:

A checklist should be used to ensure proper redaction of image files, native files, corresponding text files, and metadata. Failing to properly check and redact these files risks the production of privileged or confidential information.

Solutions to Overcome Redaction Challenges

So, how do we overcome these challenges and make redaction a more efficient and effective process in eDiscovery?

The answer lies in technology. By leveraging the AI-enabled review platforms, eDiscovery professionals can not only automate the redaction process but also reduces the time taken to perform the redaction and achieve more accurate results.

For example, AI-powered redaction tools can analyze vast amounts of data and identify sensitive information, such as social security numbers, credit card numbers, bank account numbers, Non Responsive terms, and Privileged terms with near-perfect accuracy. This not only saves time but also helps to ensure that all sensitive information is identified and redacted, reducing the risk of data breaches and other security incidents.

AI-powered redaction tools also can help copy the redactions from their master documents to their exact duplicates, which further reduces hundreds of man-hours.

Once the technology is done with its magic, it becomes easy for reviewers to take a quick glance and perform advanced searches to ensure that all the sensitive or privileged information is appropriately redacted under proper conditioning, mitigating the risk of retrieval of redacted data.

Best Practices for Effective Redaction

While technology is a critical component of effective redaction, it’s also important to follow best practices to ensure the process runs smoothly.

Here are a few best practices to keep in mind:

Define your redaction criteria:

Before you begin the redaction process, it’s essential to define your criteria for what information should be redacted and why. This will ensure that you are consistent in your approach and that all sensitive information is adequately identified and redacted.

Use automated redaction software:

Automated redaction software offers a cost-effective and efficient solution for obscuring sensitive information in large volumes of data. With the increasing success of legal technology, it’s important to choose a comprehensive solution that optimizes professionals’ time and effort in the right way. By choosing an industry-leading brand like ours that offers a complete package, including redaction tools integrated with a review platform, you can be confident that you are using the best technology available to secure your sensitive information.

Double-check the redaction:

With our 20+ years of experience, we have learned that you can never be too careful. It is important to double-check the redaction to ensure that all sensitive information has been properly obscured. This includes reviewing a sample of the redacted documents and using tools like OCR to verify that the information is not readable.

Store redacted documents securely:

Another best practice that can save you during rainy days. Redacted documents must be stored securely to ensure that sensitive information is not compromised at any instance. This includes using encryption and access controls to protect the data.

Keep a record of the redaction (Never skip this one, you will thank us later for pointing this out):

Keeping a record of the redaction process is essential to ensure that the redaction can be audited and verified if necessary. This includes maintaining a log of the redacted information and the reason for the redaction. Choose review platforms that track records and maintain a log of all the tasks and actions performed on documents during the review.

Train staff on redaction procedures:

We have witnessed many cases where unskilled staff has caused damage beyond repairs. Hence, ensure the staff members responsible for redaction must be trained on the process and best practices to perform the redaction effectively and consistently.

Summing Up

Redaction is a critical aspect of eDiscovery, and by understanding the challenges, solutions, and best practices, you can become an expert in this field and help your organization achieve more efficient and effective results. We have been one of the leading eDiscovery solution providers since 2002. We have witnessed many cases where the entire case falls apart due to inefficient redaction. Thankfully, today things are not that difficult. Legal technology has evolved tremendously, and by leveraging the power of technology and following best practices, you can help ensure that all sensitive information is adequately identified and redacted, protecting your organization and your clients from potential data breaches and other security incidents.

Author

Ravi Thakor
Ravi is a senior project manager at Knovos, handling clients' portfolios in eDiscovery and ADR space. He holds BSL.LLB degree from the prestigious Pune University. Later, he went to the UK to pursue a Business & Commercial Law postgraduate from Liverpool John Moores University, London. He has experience working as a Paralegal with a UK-based Law Firm and Litigation Associate with an LPO.