PDF Redaction Guide: True Removal vs Black Boxes

Redaction failures appear in the news every year. A government PDF, a corporate filing, a court exhibit — all leaked because someone drew a rectangle instead of removing content. Real redaction is irreversible by design, and it requires more than just covering pixels.

Black Box vs True Redaction

ApproachWhat it doesReversible?Verdict
Drawn rectangle / annotationOverlays a shape on the pageYes — delete the annotationUnsafe
Highlighted with blackAdds an annotation onlyYes — copy text from underneathUnsafe
Hidden layer (OCG)Marks content non-visibleYes — toggle layer visibilityUnsafe
True redactionRemoves content from the streamNoSafe (combine with sanitize)
Rasterize pageReplaces page with a flat imageNo, but text becomes unsearchableHeavy-handed but safe

A Safe Redaction Workflow

  1. OCR first. Run OCR on scanned pages so the redaction tool can see and target the hidden text layer.
  2. Mark redactions. Use a redaction-aware tool to select text, regions, or by pattern (SSN, email, phone).
  3. Apply redactions. This step physically removes the content. Once applied, it cannot be undone.
  4. Sanitize the document. Strip metadata, embedded scripts, hidden layers, comments, form data, and obsolete object versions.
  5. Save As (not Save). Save As writes a fresh PDF; Save can leave previous object generations recoverable.
  6. Verify. Open the saved file, search for known redacted strings, inspect properties, and check that nothing comes back.

Metadata: The Quiet Leak

Even after every visible word is gone, metadata often still leaks. The XMP stream may contain the original title, author, or even a description that summarizes the redacted text. Bookmarks and document outlines may reference the old text. Embedded fonts can include subsetted glyphs spelling out the redacted name. Form fields keep default values. Comments preserve discussion threads. Every serious sanitize pass scrubs these.

When to Rasterize Instead

If the source PDF is messy, has many layers, or you simply don't trust a partial removal, rasterize the page. The page becomes a flat image — text, fonts, and vector paths are replaced with pixels. Sensitive content cannot be selected or recovered. The trade-off is loss of searchability and accessibility. Rasterize as a last-resort safeguard for high-stakes documents.

A Safe Redaction Workflow

For anything legally or commercially sensitive, follow this order — the failures that make the news almost always come from skipping a step:

  1. Never use a black rectangle or highlighter as redaction. The text under a drawn box is still selectable and copyable — this is the single most common leak.
  2. Use a true redaction tool that removes the underlying content from the content stream, not just covers it.
  3. Sanitize metadata afterward — XMP title/author, bookmarks, comments, form defaults, link targets, and OCR text layers can all still spell out what you removed.
  4. Save As a fresh PDF (not an incremental save), so earlier revisions aren't recoverable from the file history.
  5. Verify on the output: try to select and copy where the redaction was, search for a known sensitive word, and check Document Properties. When the stakes are very high, rasterize the affected pages as a belt-and-braces final step.

Mark Documents Before Sharing

Apply a "CONFIDENTIAL" watermark on top of sensitive PDFs entirely in-browser.

Watermark PDF →

Frequently Asked Questions

No — and this is the classic, headline-making mistake. A drawn black box or highlight sits on top of the text; the words underneath remain in the content stream and can be selected, copied, or extracted programmatically. You must use true redaction that deletes the underlying content, then sanitize metadata.
Removes content from the content stream irreversibly, then sanitizes metadata.
Often. XMP, comments, bookmarks, and embedded scripts must all be stripped.
Not when done properly. Save As fresh PDF after applying and sanitizing.
OCR text, alt text, link targets, comments, form defaults, embedded font glyphs.