Affiliation:
1. Monash University, Melbourne, Australia
Abstract
Document redaction has become increasingly important for individuals and organizations. This article investigates public-sector information redaction practices in order to determine if they adequately protect personal information from accidental disclosure due to redaction errors. Despite the importance of this in respect of data protection, 66.4% of those Public Authorities that responded did not hold formal policies or procedures
at all
. To assess those policies that did exist, we produced a 17-item check list of minimum best practice. Even those with policies and procedures had substantial defects to some degree (with the median performance being 29.4% on our checklist), with policies frequently recommending the use of high-risk redaction methods and overlooking essential practices. This means that these existing practices amount to widespread breaches of data protection law on the ground. To remedy this, we articulate a new set of document redaction standards, which overcome the existing inadequacies in current guidance, as well as make proposals for regulatory reform in this space.
Publisher
Association for Computing Machinery (ACM)
Reference64 articles.
1. UK Government. 2022. “Departments agencies and public bodies - GOV.UK - GOV.UK ” 2022. Retrieved April 06 2022 from https://www.gov.uk/government/organisations
2. UNESCO. 2019. “UNESCO launches SDG survey on access to information at the UN. UNESCO Jul. 18 2019. Retrieved September 28 2022 from https://en.unesco.org/news/unesco-launches-sdg-survey-access-information
3. Information Commissioner's Office. 2018. How to disclose information safely. 2018. Retrieved January 27 2023 from https://ico.org.uk/media/2013958/how-to-disclose-information-safely.pdf
4. C-sanitized: A privacy model for document redaction and sanitization
5. Redacting Sensitive Information from the Data