Welcome to Veritone’s blog series on redaction. This series will dive into what information needs to be redacted, redaction best practices, automated redaction, and redaction for audio and video.
We’ve all seen—or rather, not seen—examples of what redacted information can look like. In the age of physical documents, this could look like stacks of papers with black bars covering text or covering someone’s face in a photograph.
The digital era presents its own unique set of celebrations and challenges. Today, we have a surplus of different data mediums and tools that can help automate or speed up the redaction process, however it’s this exact surplus that can create bottlenecks in different workflows and inspire a need for redaction services and tools that can keep up with demand.
Summary
In this blog, we’ll cover:
- The definition of and purpose of redaction
- Different types of redaction
- Laws and regulations around redaction
Our first chapter is all about the concept of redaction, or sanitizing documents, audio, and video of certain information, usually for personal identifiable information (PII). Let’s get started!
What is redaction?
In its most basic form, redaction is the process of removing sensitive information or personal data from a document or other form of communication.
Depending on the field or industry, redaction can look different. In this series, we’ll be looking at redaction from the perspective of legal teams, law enforcement agencies (LEAs) and federal government agencies, so the discussion will focus on the redaction of different types of evidentiary data, such as text documents, imagery, videos, and audio.
What is the purpose of redaction?
Properly redacted evidence is an important way to protect the PII of those involved in the evidence along with the integrity of the case.
PII is any piece of information that permits an individual’s identity to be inferred either directly or indirectly. Types of PII can include:
- Names
- Biometrics
- Social Security, driver’s license, or Alien Registration numbers
- Medical or financial information
- And more
Redacting sensitive information also helps teams and agencies comply with legal processes and privacy laws while also preventing misuse or unauthorized access to sensitive information. Leaked PII could easily become a privacy incident and lead to disruptions in the case.
What types of redaction are there?
When it comes to the redaction of PII, there are a few different types to consider.
Manual redaction
This requires someone to manually identify and blackout, blur, or remove sensitive information within the data. This method is the most time-consuming and least cost-effective. For example,
Automated redaction
This method utilizes software algorithms to automate the identification and redaction of sensitive or confidential information. Veritone Redact is an example of automated redaction software that uses proprietary AI to minimize cost and maximize efficiency and transparency.
Real-time redaction
This involves the use of technology to redact sensitive information from audio and video in real time, or as it is being recorded. This could look like redacting sensitive information during a live stream.
Partial redaction
Partially redacting sensitive information could look like removing names, personal data, or likenesses while leaving other information intact.
Complete redaction
This method, on the other hand, completely removes all PII or sensitive information from the data and only shows the relevant information.
Redaction laws and regulations
Let’s take a look at different laws and regulations that involve the redaction or handling of PII.
Freedom of Information Act (FOIA)
Enacted in 1967, FOIA offers the public the right to request to view or access records from any federal agency in an effort to keep government agencies transparent with US citizens. Unless the request falls under one of nine exemptions (due to protecting personal privacy, law enforcement, and national security). Because of these requests’ sensitive nature, FOIA requires government agencies to redact confidential information before releasing public records, but according to law, all FOIA requests must receive a response within 20 working days.
Health Insurance Portability and Accountability Act (HIPAA)
HIPPA is a federal law that provides national standards for protecting sensitive patient health information and keeping it from being disclosed or shared without that patient’s knowledge or consent. Because health records are a form of PII and are highly sensitive, healthcare providers must redact the necessary information in order to protect the patient’s right to privacy.
General Data Protection Regulation (GDPR)
The GDPR is a legal framework for companies that are collecting and processing their consumers’ personal information. This regulation requires companies to redact personal data to protect the privacy of individuals and help empower consumers by holding these entities accountable for the way their information is handled. Note: although the GDPR is a European law, these requirements can apply to any website that attracts European visitors, which includes many US-based companies, nonprofits, universities, and organizations.
California Consumer Privacy Act (CCPA)
Similar to the GDPR, the CCPA offers California-based consumers greater control over how businesses collect and use their personal information, requiring companies to redact these consumers’ personal information before sharing it with third parties. The CCPA also presents consumers with the rights to know what personal information is collected and how it is used, to deny the sale of their personal information, to delete personal information (with exceptions), and to non-discrimination for exercising these rights.
And more…
Many other laws and regulations, such as the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA), also specify requirements for redacting sensitive information.
Continue learning:
What Needs to Be Redacted From Legal Documents?
In this chapter, we’ll take a closer look at the types of information that need to be redacted from legal text, image, audio, and video files. This mostly involves PII but can include other confidential information.
Redaction Best Practices
After covering what redaction is and what information needs to be protected during the redaction process, we’ll get into the best practices of performing proper redactions. By using redaction best practices, teams and agencies can prevent issues with privacy laws, legal processes, transparency, chain of command, and more.
Automated Redaction
In the digital age, manual redaction is becoming more unfavorable by the day. In this chapter, we’ll discuss how automated redaction can help increase teams’ and agencies’ productivity, accuracy, and transparency while saving time, money, and employees’ peace of mind.
Video Redaction
The world is now overflowing with video content and data, which presents a double-edged sword to government agencies, LEAs, and legal teams: there’s a mountain of evidence to help shine a light on the truth, but the time it takes to properly redact video evidence can present huge workflow issues to these teams. This blog will cover the unique challenges that video redaction presents.
Audio Redaction
Much like the blog on video redaction, this chapter will showcase the challenges and best practices for audio redaction, whether it’s purely an audio file (such as a recording of a conversation) or part of a piece of video evidence.
Conclusion
Thank you for joining us for the introductory chapter of this series on redaction. If you or your team are interested in FedRAMP-approved, AI-powered automated redaction software or redaction services, contact one of our Veritone team members to learn more about how we can help you meet your redaction needs.