Redaction is the disciplined removal of information from a record before it is disclosed, so that the released portions can be shared while the withheld portions remain protected. In the context of the Freedom of Information Act (FOIA) and analogous state public-records laws, redaction is not an act of censorship but the operational expression of statutory exemptions. When an agency withholds a name, a Social Security number, or a deliberative paragraph, it is asserting that a specific exemption authorizes that withholding. Done well, redaction lets an agency honor the public’s right of access while still protecting privacy, security, and legally privileged material. Done poorly, it produces over-redaction that defeats transparency, or under-redaction that irreversibly exposes information the law required it to protect.
The stakes are unforgiving because redaction failures are usually one-way. Once a record is released with hidden text that can be recovered, or with personal data left visible, the disclosure cannot be undone. The discipline below treats redaction as a controlled process with defined exemptions, verifiable techniques, and a quality-assurance step that assumes human error rather than hoping to avoid it.
Ground Every Redaction in a Specific Exemption
A redaction should never be a matter of taste or convenience. Each withheld item should map to a particular FOIA exemption (or a state-law equivalent) and, ideally, be logged with that justification. FOIA’s exemptions cover categories such as properly classified national-security information, internal personnel rules, information specifically exempted by other statutes, trade secrets and confidential commercial information, certain inter- and intra-agency deliberative communications, personal privacy, and specified categories of law-enforcement records. Agencies are generally expected to apply a foreseeable-harm standard, withholding only where disclosure would actually injure a protected interest rather than withholding reflexively.
Personal-privacy redactions deserve special care because they intersect with the Privacy Act of 1974, which governs how federal agencies handle records about individuals. A useful habit is to maintain a redaction code on or alongside each marking that names the exemption being invoked, so the released document is self-documenting and a reviewer can reconstruct the legal basis later.
Honor the Segregability Requirement
A foundational principle is that exempt and non-exempt information must be separated. An agency cannot withhold an entire page, email, or report simply because a portion of it qualifies for an exemption. Reasonably segregable non-exempt material must be released. In practice this means redacting at the smallest defensible unit: a sentence, a phrase, or a single data element, rather than blacking out a whole paragraph to bury one protected name.
Segregability also disciplines the requester relationship. When a release is heavily redacted, the agency should be able to explain why the remaining material could not be separated and disclosed, and many programs provide the requester with the volume of pages withheld in full versus released in part. Treating segregability as a default forces the reviewer to justify each black box rather than each release.
Use Techniques That Truly Destroy the Underlying Data
The most damaging redaction errors are technical, not legal. Drawing a black rectangle over text in many viewers only adds a graphical layer; the original characters remain in the file and can be copied, searched, or revealed by removing the overlay. Changing font color to white, highlighting in black, or placing an opaque image on top of live text all leave the data recoverable. Effective redaction removes or rasterizes the underlying content so that nothing extractable remains beneath the marking.
Beyond the visible text, several hazards recur:
- Metadata and document properties — author names, revision history, comments, and tracked changes can leak protected information even when the page body is clean.
- Hidden layers and objects — speaker notes, off-canvas content, cropped (not deleted) image regions, and embedded files.
- Spreadsheets — hidden rows, columns, sheets, and formulas that reference suppressed values.
- OCR and text layers — a scanned page may carry a searchable text layer that does not match the redacted image.
A reliable workflow flattens the document to an image-based or otherwise sanitized format after redaction, then re-runs extraction tools to confirm that no protected string can be pulled back out.
Build Redaction Into the Records Lifecycle, Not Just the Release
Redaction is far easier and more accurate when the underlying records are well-organized and consistently described. Sound records management practice, as reflected in NARA guidance and in records standards such as the ISO 15489 family, emphasizes capturing reliable metadata and managing records through their lifecycle. Agencies that know what they hold, where sensitive elements live, and how records are classified can locate responsive material faster and redact more precisely.
It is worth noting that modern electronic records management requirements have shifted: NARA revoked its endorsement of the DoD 5015.2 standard in 2022 in favor of the Universal Electronic Records Management Requirements developed through the Federal Electronic Records Modernization Initiative (FERMI). The practical lesson for redaction is that systems should support capabilities such as marking, access control, and reliable export of release versions, rather than chasing a single legacy certification. For a broader view of how access requests fit into records programs, see the FOIA and public records hub.
Apply Quality Assurance That Assumes Human Error
Because redaction failures are irreversible, the strongest programs design for the mistake they expect to make. A second-reviewer check, separate from the person who applied the redactions, catches both legal over-reach and technical leakage. Reviewers should verify the redacted output as the requester will receive it, opening the final file and attempting to select, copy, and search the masked regions to confirm nothing survives.
Practical safeguards that reduce risk include:
- Working from a copy, never the original record, so the source remains intact.
- Maintaining an exemption log that ties each redaction to its legal basis.
- Sanitizing metadata and verifying the absence of hidden content.
- Confirming page counts and consistency between the redaction log and the released set.
- Documenting the release so the agency can defend it during an appeal or before an oversight body.
Be Consistent, Transparent, and Defensible
Consistency is itself a best practice. Similar information should be redacted the same way across a release and across comparable requests, both to treat requesters fairly and to withstand appeal. When portions are withheld, clear markings indicating which exemption applies help requesters understand the decision and pursue administrative remedies if they disagree. Transparency about the process, paired with rigorous technique, is what separates a defensible redaction program from one that merely hopes no one looks too closely. The goal is always the same: release everything the public is entitled to see, protect only what the law actually shields, and ensure that the protection holds.
Sources & further reading
Authoritative government and non-profit references.
- FOIA frequently asked questions — FOIA.gov / U.S. DOJ
- DOJ Office of Information Policy (FOIA guidance) — U.S. Department of Justice
- Privacy Act of 1974 — U.S. Department of Justice
How to cite this page
APA
RM University Editorial Team. (2026). Redaction Best Practices for FOIA Releases. Records Management University. https://www.recordsmgmt.org/articles/redaction-best-practices-for-foia-releases/
MLA
RM University Editorial Team. "Redaction Best Practices for FOIA Releases." Records Management University, 16 June 2026, www.recordsmgmt.org/articles/redaction-best-practices-for-foia-releases/.