How to Redact a PDF So the Data Is Actually Gone

Why most PDF "redaction" doesn't work

Most PDF tools - including Adobe Reader, browser-based viewers, and free online editors - offer annotation features that look like redaction. You draw a black rectangle, it covers the text, the document looks redacted. But those annotations sit on top of the text layer. The original data is still embedded in the PDF file structure.

This isn't a theoretical risk. The ICO has investigated cases where overlay redaction in FOI responses exposed personal data that should have been removed. Courts have received disclosure documents where redacted content was trivially recoverable.

Genuine redaction uses a technique called pixel-burn: the tool renders the page area to an image, draws the redaction over it, and replaces the original text data with flat image pixels. The text is gone from the file, not just hidden.

Step-by-step process

The exact steps depend on your tool, but the workflow is the same regardless of whether you're using RedactProof, Adobe Acrobat Pro, or another dedicated redaction application.

1. Open the document in a redaction-capable tool. Not a general PDF viewer - a tool that specifically offers permanent redaction. If you're unsure whether your tool does genuine redaction or overlay, check by running a test document through it and attempting to copy text from behind the marks.
2. Run automated detection (if available). Tools with AI-based PII detection will scan the document and flag personal information - names, addresses, dates of birth, National Insurance numbers, email addresses, and more. Review the results. Automated detection won't catch everything - unusual formats, context-dependent information, and data in embedded images may need manual identification. But it catches the bulk of standard PII types and significantly reduces the chance of missing something.
3. Manually review and mark additional content. Walk through the document page by page. Pay attention to headers and footers (they repeat and are easy to overlook), tables (data in cells is dense and hard to scan quickly), embedded images, and metadata. If the document references people by partial names, initials, or role titles that could identify them, consider whether those need redacting too.
4. Apply the redactions. In most tools, this is a separate "apply" or "burn" step. Until you apply, the redactions are provisional - you can adjust, add, or remove marks. Once applied, the underlying data is permanently destroyed. This is not reversible. Make sure you're working on a copy, not your only version of the document.
5. Strip metadata. Remove author information, revision history, comments, tracked changes, and any embedded file attachments that might contain personal data. Some tools do this automatically when you apply redactions. Others require a separate step.
6. Verify the output. Open the redacted file in a different application. Try to select text behind the redaction marks. Search the file for strings you know should be removed. If anything comes through, your redaction is incomplete.

Browser-based versus desktop tools

Desktop applications like Adobe Acrobat Pro and Foxit require installation, which in some organisations means waiting for IT approval and managing licence keys across machines. They work reliably but are tied to specific devices.

Browser-based tools run in your web browser without installation. RedactProof processes documents locally in the browser - the file doesn't leave your device. This is particularly useful in firms where installing software requires an IT ticket, or where staff work across multiple machines. The processing happens on your hardware, so performance depends on your device, but modern laptops handle typical legal documents without difficulty.

Cloud-based tools upload your document to a remote server for processing. This offers the convenience of browser access without the hardware dependency, but means your confidential documents travel to a third party's infrastructure. For legal work involving privileged material, client data, or regulated information, check whether this aligns with your data handling obligations.

What to do with scanned documents

Scanned PDFs - where pages are images rather than digital text - require an additional step. OCR (optical character recognition) converts the image content into searchable text, which can then be detected and redacted. Without OCR, a PII detection tool can't read what's in the image.

Run OCR before detection, not after. Once you have text-searchable pages, the rest of the process is the same as for digital PDFs. After redaction, the text layer is destroyed by the pixel-burn process, so the final output is secure regardless of whether the original was scanned or digital.