How to Redact Sensitive Information From PDFs (Without Making the Most Common Mistake)

Learn how to properly redact sensitive information from PDFs. Why black boxes aren't real redaction, what tools actually work, and a step-by-step process.

Every year, law firms, government agencies, and HR departments accidentally expose sensitive information in PDFs they thought were properly redacted. The reason is almost always the same: someone drew a black rectangle over the text and assumed the information was gone. It wasn’t. If you need to redact sensitive information from PDFs, you need to understand why that approach fails and what to do instead.

The Black Box Problem: Why Most PDF Redaction Is Fake

This is the single most important thing to understand about PDF redaction: a black box drawn over text does not remove the text. It just hides it visually. The underlying text data is still embedded in the PDF file and can be extracted in seconds.

Here’s what actually happens when someone “redacts” a PDF by adding a black rectangle or placing a black shape over text before exporting:

  1. The black shape is added as a visual layer on top of the page.
  2. The original text remains in the PDF’s content stream.
  3. Anyone can copy-paste the “redacted” area and see the hidden text.
  4. A simple “Select All > Copy > Paste into Notepad” reveals everything.

This isn’t a theoretical risk. In 2021, a legal filing by Paul Manafort’s attorneys had its “redacted” sections exposed this way, revealing details about his interactions with Russian intelligence. A TSA report suffered the same fate, exposing sensitive airport screening procedures. These weren’t amateurs. They were professionals who didn’t understand how PDF redaction actually works.

Real redaction permanently removes text data from the PDF file. The characters are deleted from the content stream, not just covered up. Once properly redacted, the information cannot be recovered by anyone, regardless of what tools they use.
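
The difference between covering text and removing it, shown on a page content stream. This is an added example, not part of the original article: the stream, the sample values and the function names are constructed for illustration, and the redact helper is a toy that handles only this simple case.

```python
import re

# Constructed content stream for one page: two lines of text are drawn,
# then a filled black rectangle is painted over the second one.
COVERED = (b"BT /F1 12 Tf 72 700 Td (Name: Jane Roe) Tj ET\n"
           b"BT /F1 12 Tf 72 680 Td (SSN: 000-12-3456) Tj ET\n"
           b"0 0 0 rg 70 676 150 16 re f\n")

# A literal string operand followed by the Tj (show text) operator.
TJ = re.compile(rb"\(((?:\\.|[^\\()])*)\)\s*Tj", re.S)

def shown_text(stream: bytes) -> list:
    """Strings the page's Tj operators draw. Shapes painted later do not
    change this list, which is why copy-paste still returns the text."""
    return [re.sub(rb"\\(.)", rb"\1", m.group(1), flags=re.S).decode("latin-1")
            for m in TJ.finditer(stream)]

def has_cover_box(stream: bytes) -> bool:
    """True if the stream fills a rectangle (the 're' then 'f' operators)."""
    return re.search(rb"\bre\s+f\b", stream) is not None

def redact(stream: bytes, secret: str) -> bytes:
    """Redaction in miniature: delete the characters from the text operand
    and keep the box as a visible marker. Real tools must also handle TJ
    arrays, hex strings, font encodings and images; this toy does not."""
    return stream.replace(secret.encode("latin-1"), b"")

def leaks(stream: bytes, secret: str) -> bool:
    """True if the secret is still present in any drawn string."""
    return any(secret in s for s in shown_text(stream))

if __name__ == "__main__":
    secret = "000-12-3456"  # constructed value, not a valid SSN
    print(shown_text(COVERED), leaks(COVERED, secret))
    fixed = redact(COVERED, secret)
    print(shown_text(fixed), leaks(fixed, secret), has_cover_box(fixed))
```
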

What You Need to Check Before Sharing Any PDF

Before we get to the tools, here’s a checklist of sensitive data that people commonly forget to redact. This list is especially relevant for lawyers, HR professionals, healthcare workers, and anyone handling regulated information.

Visible text to look for:

  • Social Security numbers, tax IDs, and government identifiers
  • Bank account and routing numbers
  • Credit card numbers
  • Home addresses and personal phone numbers
  • Dates of birth
  • Medical record numbers and diagnosis codes
  • Salary and compensation figures
  • Confidential business terms (pricing, margins, deal structures)

Hidden data most people miss entirely:

| Hidden Data | Where It Lives | Why It Matters |
| --- | --- | --- |
| Document metadata | File > Properties | Contains author name, organization, creation date, software used, revision history |
| Comments and annotations | Annotation layer | Previous reviewers’ notes may contain sensitive discussion |
| Hidden layers | Layer panel | Some PDFs have toggleable layers with concealed content |
| Embedded attachments | Attachments panel | Files attached to the PDF that don’t appear on any page |
| Bookmarks | Navigation panel | May reference sections by confidential names |
| Form field data | Interactive forms | Previously entered data that’s invisible but stored |
| JavaScript | Document scripts | Can contain logic, URLs, or data references |
| XMP metadata | Raw file data | Extended metadata including GPS coordinates from scanned photos |

This is why proper redaction is a two-step process: remove the visible sensitive text AND sanitize the hidden document data. Most people only think about the first step.

Tools That Do Real Redaction

Not all PDF editors offer true redaction. Many only offer annotation tools that draw shapes over text — the exact approach that doesn’t work. Here are tools that actually remove data from the file.

Adobe Acrobat Pro

Adobe Acrobat Pro is the industry standard for PDF redaction and the tool most legal and compliance departments trust. Its redaction workflow is explicit and thorough:

  1. Select the Redact tool from the toolbar.
  2. Mark text, images, or areas for redaction (they appear highlighted in red).
  3. Click Apply Redactions to permanently remove the marked content.
  4. Use Sanitize Document to strip metadata, hidden layers, comments, attachments, and other non-visible data.

The “Apply” step is critical. Marking content for redaction doesn’t remove it — applying does. This two-step design prevents accidental data destruction, but it also means forgetting to click “Apply” leaves everything exposed.

Acrobat Pro costs $22.99/month on an annual plan. For organizations that redact documents regularly, it’s the most battle-tested option.

Super PDF Editor

Super PDF Editor offers a redaction feature built into its Google Workspace add-on. If your team works in Google Drive, this is a practical option because you can redact a PDF without downloading it first — right-click the file in Drive, open it in Super PDF Editor, apply redactions, and save back to Drive.

This matters for workflow reasons. When dealing with sensitive documents, every download to a local machine is a potential data leak point. Keeping the file in Drive’s controlled environment and redacting it there reduces the surface area for mistakes.

PDF-XChange Editor

A Windows-only desktop editor that includes proper redaction tools at a lower price point than Adobe ($56 one-time for the Plus version). It handles marking and applying redactions correctly and includes document sanitization. It’s a solid choice for Windows users who need redaction capabilities without an Adobe subscription.

Preview (macOS) — Use With Extreme Caution

Apple’s Preview app is a trap for redaction. It lets you draw black rectangles over text, which looks like redaction but absolutely is not. The underlying text remains in the file. Do not use Preview for redacting sensitive PDFs. It is an annotation tool, not a redaction tool. Every few years, a news story breaks about sensitive data exposed because someone used Preview’s black rectangles. Don’t be that story.

Step-by-Step: How to Properly Redact a PDF

Regardless of which tool you use, follow this process:

1. Work on a copy, not the original

Before touching anything, duplicate the file. Name it clearly — something like Document_REDACTED_2026-04-07.pdf. This preserves the unredacted original in case you need to re-redact differently later (with appropriate access controls on the original, of course).

2. Identify all sensitive content

Read the entire document. Don’t skim. Sensitive information appears in places you don’t expect — headers, footers, page numbers that reference case names, watermarks, and table cells that are easy to overlook.

3. Mark content for redaction

Use your tool’s dedicated redaction feature — not the highlighter, not the rectangle tool, not the text strikethrough. The redaction tool specifically. Most redaction tools also let you search for patterns like Social Security numbers (XXX-XX-XXXX) or email addresses. Use this feature. It catches instances your eyes will miss, especially in long documents.

4. Apply the redactions

This permanently removes the marked content from the PDF. In Adobe Acrobat, this is the “Apply Redactions” button. In other tools, it may be called “Burn In” or “Flatten.” After this step, the data is gone. You cannot undo it (which is why you’re working on a copy).

5. Sanitize the document metadata

This step is the one people skip, and it’s the one that causes data breaches. After applying visible redactions, strip all metadata, comments, annotations, hidden layers, embedded attachments, form field data, and JavaScript. In Adobe Acrobat, the Sanitize Document feature handles most of this in one click. In other tools, you may need to check each category manually.

6. Verify the redaction

Open the redacted file in a different PDF viewer. Try to select text in the redacted areas — you shouldn’t be able to. Copy all text from the document and paste it into a text editor to confirm no hidden text comes through. Check document properties for remaining metadata.

7. Control the distribution

Even a properly redacted document should be shared thoughtfully. Use share links with expiration dates where possible. If using Google Drive, set specific viewer permissions rather than sharing with “anyone with the link.”
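
Parts of steps 5 and 6, and the hidden-data table earlier, can be checked with a script. The following is an added example, not from the original article or any of the tools named: it scans a PDF's raw and zlib-inflated bytes for the PDF name tokens behind each hidden-data category and for leftover SSN or e-mail patterns. The sample file and all function names are constructed.

```python
import re
import zlib

# PDF name tokens behind the hidden-data categories in the table above.
HIDDEN_KEYS = {
    b"/Info": "document metadata", b"/Metadata": "XMP metadata",
    b"/Annots": "comments and annotations", b"/OCProperties": "hidden layers",
    b"/EmbeddedFiles": "embedded attachments", b"/Outlines": "bookmarks",
    b"/AcroForm": "form field data", b"/JavaScript": "JavaScript",
}
# Patterns that must not survive redaction (same idea as the search in step 3).
PATTERNS = {
    "ssn": re.compile(rb"\b\d{3}-\d{2}-\d{4}\b"),
    "email": re.compile(rb"[\w.+-]+@[\w-]+\.[\w.-]+"),
}
STREAM = re.compile(rb"stream\r?\n(.*?)endstream", re.S)

def searchable_bytes(pdf: bytes) -> bytes:
    """Raw file bytes plus every stream body that inflates as zlib data."""
    parts = [pdf]
    for m in STREAM.finditer(pdf):
        try:  # decompressobj ignores the line ending left before 'endstream'
            parts.append(zlib.decompressobj().decompress(m.group(1)))
        except zlib.error:
            pass  # not Flate-compressed; its raw bytes are already in parts[0]
    return b"\n".join(parts)

def audit(pdf: bytes) -> dict:
    """Report hidden-data categories still present and leftover pattern hits."""
    data = searchable_bytes(pdf)
    return {
        "hidden": sorted(v for k, v in HIDDEN_KEYS.items() if k in data),
        "hits": {name: sorted({m.decode("ascii") for m in rx.findall(data)})
                 for name, rx in PATTERNS.items()},
    }

def sample_pdf() -> bytes:
    """Constructed, simplified PDF-like file: text under a black box plus hidden data."""
    body = zlib.compress(b"BT (SSN: 000-12-3456) Tj ET 0 0 0 rg 70 676 150 16 re f")
    return b"\n".join([
        b"%PDF-1.7",
        b"1 0 obj << /Type /Catalog /AcroForm << /Fields [] >> >> endobj",
        b"3 0 obj << /Type /Page /Annots [5 0 R] /Contents 4 0 R >> endobj",
        b"4 0 obj << /Filter /FlateDecode >>", b"stream", body, b"endstream endobj",
        b"5 0 obj << /Subtype /Text /Contents (ask j.roe@example.com) >> endobj",
        b"trailer << /Root 1 0 R /Info 6 0 R >>", b"%%EOF",
    ])

if __name__ == "__main__":
    print(audit(sample_pdf()))
```

An empty report is necessary but not sufficient: text split across operators, mapped through custom font encodings or baked into images will not match these byte patterns, so the manual copy-paste check in step 6 still applies.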

Common Redaction Mistakes to Avoid

Using white text on a white background. This is the same problem as black boxes — the text is still there, just invisible against the background. Copy and paste reveals it instantly.

Redacting the PDF but not the source file. If you redact a PDF but the original Word document is still accessible in the same shared folder, you haven’t accomplished anything. Secure or delete the source file.

Forgetting about previous versions. Google Drive and other cloud storage platforms keep version history. If you edited a PDF in place (rather than creating a redacted copy), previous unredacted versions may still be accessible. Always work on a new copy and check that the sharing settings on the original are restricted.

For day-to-day business use — removing a client’s phone number before sharing a proposal, stripping salary data from an HR template, cleaning up a contract before sending it to a new vendor — the process above is solid. Use a tool with real redaction capabilities, sanitize the metadata, verify the output, and share carefully.

The difference between cosmetic redaction and real redaction is the difference between privacy and the illusion of privacy. Now you know which one you’re doing.