Cool to see this here. It’s funny because we do so many huge, complex, multiyear projects at Free Law Project, but this is the most viral any of our work has ever gone!
Anyway, I made X-ray to analyze the millions of documents we have in CourtListener so that we can try to educate people about the issue.
The analysis was fun. We used S3 batch jobs to analyze millions of documents in a matter of minutes, but we haven’t done the hard part of looking at the results and reporting them out. One day.
> Information Leaking from Redaction Marks: Even when content is properly removed, the redaction marks themselves can leak some information if not done carefully. For example, if you have a black box exactly covering a word, the length of that black box gives a clue to the word’s length (and potentially its identity).
Does X-ray employ glyph spacing attacks and try to exploit font metric leaks?
No, we worked with researchers that developed that kind of system, but didn't broadcast our work b/c the research was too sensitive. Seems the cat is out the bag now though.
I think the combination of AI and font-metrics is going to be wild though. You ought to be able to make a system that can figure out likely words based on the unredacted ones and the redaction's size. I haven't seen any redaction system yet that protects against this.
I thought glyph spacing attacks are an old idea; like I recall reading about such ideas 10-20 years ago unless I’m misremembering. Can you clarify why it was considered “too sensitive” if the whole point of this effort is to showcase these attacks?
It’s a fine line. Most redactions are for the good, to protect someone or something. For example even in the Epstein files, where some redactions are being abused, most redactions are protecting victims.
If there’s a way to undo huge amounts of redactions, that’d certainly be a net negative. Sort of like if encryption were suddenly broken, you wouldn’t publish a paper saying so.
Our goal has always been to educate about the problem so that it can be addressed. We didn’t have resources to push on the font metrics approach, so we stayed mostly quiet about it.
> If there’s a way to undo huge amounts of redactions, that’d certainly be a net negative. Sort of like if encryption were suddenly broken, you wouldn’t publish a paper saying so.
I can't state emphatically enough how this is not the right mental playbook.
If you have found a vulnerability, it's likely someone else has too. By sitting on it, you only create more future victims.
Disclosure will lead to fixing this issue, mitigating it's precense, or switching tools/workflows, possibly a combination of. Sitting on it only ensures that folks who think they are protected, actually aren't.
We’re familiar with vulnerability disclosure philosophies, but what if the problem can’t be fixed because there’s no forward secrecy for the hundreds of millions of documents that are already out there?
It’s tricky stuff and we have limited resources, unfortunately.
> I haven't seen any redaction system yet that protects against this.
The linked article suggests widening redacted areas more than needed with some randomization applied to the width. Strikes me that that wouldn't do much except add a few more possible solutions.
Yeah, the more robust protection is to widen to a constant. But in the general case that could require reflowing the pdf. But honestly single word redactions are really probably useless with cheap AI that can highly accurately fill in the gaps
If the redaction is a person's name, and there's nothing else to give the person's identity away, single word redaction probably works reasonably well, AI or no AI.
I'm not sure if you're aware, but peoples names are variable in length. We are talking about a system that can identify single character differences. So that does reduce the search space, especially since names are not all possible letter permutations. Combine that with the fact that it isn't uncommon to see partial first letters show up. You can even see some instances in the Epstein files.
Of course, you can also take this further. Even if you can't recover names you can get meta information about how many parties are involved by recognizing different length redactions correspond to different entities. While same length redaction doesn't guarantee same entity it is a hint.
This is going to be a disaster IMO because AI will just hallucinate what it thinks is the most probable redacted word and people will take that as gospel.
We don’t need a “deterrent” against things being redacted in publicly released documents. We can have transparency without the whole world finding out the names of victims and witnesses, people’s phone numbers and SSNs, etc., every time a document is released.
I suppose it gets a bit more complex again if you enable stuff like microtype, but even then you can probably measure how much inter-letter and inter-word spacing has been adjusted by just scanning other text in the same line.
I think the conclusion is honestly that PDF is an outdated format for keeping records that might have to be redacted in the future, like court documents. Something reflowable like epub could have the text replaced with constant-space black squares instead no hints leaked as someone mentioned in a parallel comment.
I’ve never heard anyone suggest PDF is a good format, and while I don’t know the spec, I imagine based on the acrobat cve list it’s an absolute clusterfuck.
I haven't gone through more than just 10% of the files released today, but noticed that at least EFTA00037069.pdf for example has a `/Prev` pointer, meaning the previous revision of the file is available inside of the PDF itself. In this case, the difference is minor (stuff moved around), but I'm guessing if it's in one file, it could be more. You can run `qpdf --show-object=trailer EFTA00037069.pdf` on a PDF file to see for yourself if it's there.
I'm almost fully convinced that someone did this bad intentionally, together with the bad redactions, as surely people tasked with redacting a bunch of files receive some instructions on what to do/not to do?
I looked into this specific file, and the history doesn't contain anything too interesting. The root file is already the fully redacted and flattened document, and the edit in question is the addition of a numbered footer to each page.
All the reporting I have read suggests that they are roping anyone and everyone they can into doing redactions. So I suspect many simply lack the experience to do it well.
Ok, so say someone says "We're overloaded, we need more people" so someone else says "Ok, department Q, R and T changes priority to doing redaction" then at least one person somewhere in this chain has to at least consider that every person from Q, R and T must go through at least a 3 slide powerpoint or whatever saying what's happening, this is what to do, this is what to not do, right?
Lol you’re assuming anyone in the management chain believes there’s any nuance or thought to the task beyond the superficial. I can assure you that lots of managers lack the humility to appreciate how little they might actually know.
They should all have been using the same redaction tooling.
If I were to hazard a guess, pure speculation, I would say the unretrievable parts were court / previously redacted and the retrievable parts are the latest round of panicked rushed redactions.
Hmmm.. The more I think about this the more any font kerning is likely a major leak for redaction. Even if the boxes have randomness applied to them, the words around a blacked out area have exact positioning that constrains the text within so that only certain letter/space combinations could fit between them. With a little knowledge of the rendering algorithm and some educated guessing about the text a bruit force search may be able to do a very credible job of discovering the actual text. This isn't my field. Anyone out there that has actually worked on this problem?
> the more any font kerning is likely a major leak for redaction
Now I want a font that randomly adjusts the kerning automagically to be used by people in standard word processors not some graphics app. In this way, every time the same word appears in the document, the kerning is different between each one.
most people cannot detect differences in kerning, and must be extreme adjustments to get people to notice. even then, the words would need to be aligned above/below each other for people to see the differences. however, a computer program analyzing the size of a bounding box would notice single pixel differences. so randomly adjusting the kearning per word by pixels between each letter would go unnoticed by the vast majority of readers, but could play absolute havoc with algos trying to decipher possible word combos based on bounding box size.
There was a recent vulnerability, where researchers were able to extract information from an encrypted chat session from an LLM, by analyzing packet size/timings of the underlying SSL connection. A classic side-channel attack. Seems possible to draw a parallel between the two.
Really depends on the length and predictability of the redaction, but yes. If it's short and contextually it's only likely to be either "yes" or "no", you've got it. If it's longer and could contain an unknown person's name along with some other words, well, that's harder.
I feel like this creates a hash value and the real question is how unique of a value does it represent and how easy it is to narrow it down given throwing a dictionary at it. Similarly, unknown names could likely be teased out like a one-time pad. If they appear in multiple sentences then their randomness quickly repeats and becomes something that potentially could be isolated from the rest of the words around them. This would probably be a fun problem for a cryptography class to work on.
If so, then finding the redacted string would be similar to trying to brute-force a hash (though presumably slower, since text layout algorithms are probably more complex than a single hash invocation).
Unlikely to be possible except for the smallest redactions, like if you have a single name redacted and a list of candidates. But I think kerning wouldn't help you much more than just knowing the rough length anyway.
Iirc WikiLeaks took the position of any information that would directly lead to the bodily harm of an individual (or something to that effect). The rational being, "Yes, group A did something horrible that warrants investigation, but if we publish their GPS coordinates they will be blown to smitherines"
Unless those people impacted were friendly to US interests? if I recall correctly they published the names of collaborators and informants in Iraq. They also published military tactics that would help those trying to kill US soldiers. GPS coordinates by comparison generally go stale very quickly.
No, that was the 2010 "diplomatic cables" release. Basically, they disseminated an encrypted version of the data cache, and gave the decryption key to a few key people, including Guardian journalist David Leigh, with the expectation he'd report on the info without sharing sensitive intel.
David Leigh then published the decryption key in his 2011 book about Wikileaks (for some reason) and the info became publicly available. Everyone pinned the blame on Assange.
Moral of the story: journalists can and will disclose ridiculously sensitive info you give them for a bit of fame and you should be extremely careful about covering your tracks.
There was, to say the least, not a specific law mandating release of the material held by WikiLeaks and specify what was to be, and what was not to be, redacted, so I don't see that as much of a guide here.
The law mandating release requires redaction of victim identities, information relating to investigations that are still active, child sexual absue material, and information related to national security.
It generally prohibits other redactions, and expressly prohibits redactions for embarassment, reputational harm, or political sensitivity.
Of course, there is considerable concern that the actual reactions do not appear to comply with the legal requirements.
FWIW, a lot of of the victims (possibly all) are saying they don't care about redactions if they end up being used to protect perpetrators. They want to make sure everyone is held accountable.
Specifically, a number of Epstein victims have complained that the release was unacceptable because it was incomplete, illegally redacted material other than victim names which was not excepted from release under the law mandating release, and because it failed to redact victim identities required to be protected under the law mandating release.
The weirdest part about that is this administration was clearly willing to just stall and could have done what the CIA and FBI does all the time and just "disappear" all of the documents.
What would be the fallout? The Democrats are complicit, the regime all but controls the judiciary (at least the Supreme Court.) And a lot of these guys are billionaires and untouchable anyway unless someone does a Luigi on them. They have the ability to just brute force past the controversy and yet they've chosen to attempt the most ridiculously inept coverup possible.
On the one the sheer stupidity of this administration and its incompetence at implementing fascism means that as bad as things are they could be much worse. On the other hand I fear that once JD Vance or someone just as evil but without Trump's instability takes power we're going to wish we'd done something more when we had the chance.
The files of a high profile and long running investigation are going to be full of false leads, hoaxes and other bullshit. The reason they don’t just always release the files after closing cases is that there genuinely are going to he innocent people caught in the crossfire who have privacy rights.
This case is so important and such a clusterfuck that the files need to be opened anyway.
Person asking above question explains he doesn’t understand so I guess he also doesn’t understand prosecutors, lawyers, law enforcement, judges make mistakes.
So yes this is best explanation. Revealing everything might bring great harm to innocent people just because they were somehow mentioned in the documents.
Just add all the experience we already have with “internet investigators” that ruin people lives for petty reasons.
The issue is more that the current US government is not
very bright. Nor very open. Kind of rogue-like.
I think governments should not be able to hide information
from citizens in general. I don't trust those who hide
stuff while being fed money from the taxpayers - that is
a modern form of slavery.
As someone who's built an entire business on "anti-screenshots" this is brilliant.
PDF redaction fails are everywhere and it's usually because people don't understand that covering text with a black box doesn't actually remove the underlying data.
I see this constantly in compliance. People think they're protecting sensitive info but the original text is still there in the PDF structure.
Not to mention some PDF editors preserve previous edits in the PDF file itself, which people also seems unaware of. A bit more user friendly description of the feature without having to read the specification itself: https://developers.foxit.com/developer-hub/document/incremen...
This made me think of something I came across recently that’s almost the opposite problem of requiring PDFs to be searchable. A local government would publish PDFs where the text is clearly readable on screen, but the selectable text layer is intentionally scrambled, so copy/paste or search returns garbage. It's a very hostile thing to do, especially with public data!
With the aggressive push of LLMs and Generative AI ..i am expecting a lot of OCR features to become "smarter" by default, namely go beyond mechanical OCR and start inserting hallucinations and sematically/contextually "more correct" information in OCR output
It's not hard to imagine some powerful LLMs being able to undo some light redactions that are deducible based on context
Adobe Pro, when used properly, will redact anything in a PDF permanently.
Whoever did these "bad" redactions doesn't even know how to use a PDF Editor.
We have paralegals and lawyers "mark for redaction", then review the documents, then "apply redactions". It's literally be done by thousands of lawyers/paralegals for decades. This is just someone not following the process and procedure, and making mistakes. It's actually quite amateurish. You should never, ever screw up redactions if you follow the proper process. Good on the X-ray project on trying to find errors.
I just want to add, applying black highlights on top of text is in fact, the "old" way of redaction, as it was common to do this, and then simply print the paper with the black bars, and send the paper as the final product.
Whoever did it is probably old, and may have done it thinking they were going to print it on paper afterwards!! Just guessing as to why someone would do this.
Or they may not understand how PDF works and think that it's the same as paper.
Especially with the "draw a black box over it" method, the text also stops being trivially mouse-selectable (even if CTRL+A might still work).
Another possibility is, of course, that whoever was responsible for this knew exactly what they were doing, but this way they can claim a honest mistake rather than intentionally leaking the data.
A while back I did a little work with a company that were meant to help us improve our security posture. I terminated the contract after they sent me documents in which they’d redacted their own AWS keys using this method.
Any attorney or law enforcement that works for the US Federal Government receives very, very comprehensive instructions on how to redact information on basically the first day of training. There is absolutely zero doubt among any of my DOGE'd friends that this was 100 percent on purpose malicious compliance.
Agreed. I worked on the Canadian side of the legal side and there is a very comprehensive process for redaction. Nobody does redaction unless they follow the process. Never seen anyone 15+ years do something silly like this in the office.
As a test, select with your mouse the entire first line of paragraph number 90, and then paste it into a text editor or a shell. The unredacted text appears!
It’s either redacted or not. There is no "bad". The text is either there or it isn’t, sorry but this is a binary option and not on a spectrum from bad to good.
Maybe “attempted” would be more accurate? I personally don’t mind the “bad”, I get what is meant by it.
But since we’re talking about accuracy: I don’t agree on redactions being binary. You can redact with a pen that under certain lighting still reveals the text; you can redact parts that are easy to reconstruct when you have additional information; you can redact with a pen color that over time loses its function; etc. The “perfect” redaction would perhaps leave no clues as to even how much text was redacted? It seems to depend on the goal and context of the redaction, whether it achieves its purpose or not.
I wasn't sure of this, even though sometimes you'd see remains of the original characters near rectangles edges.. does this mean the leaked documents have been de-redacted ?
Why would that be the case? The government isn't redacting "yes we contacted aliens" they're redacting information about military capabilities that might be of use to adversaries.
Is there a good free tool to properly redact PDFs? My workflow is to place black annotation rectangles on top and then print as PDF with "force rasterization" on. The resulting PDF files then just consist of pages with one image each. But this tends to be really suboptimal, because it's usually a grayscale or color rasterization, so file sizes are very large vs. monochrome PDFs with CCITT G3/G4 compression (which is absolutely what you want for text content, excellent compression and lossless). Post-processing PDFs to convert them to CCITT is rather annoying and I only know of CLI ways.
Tech people would be shocked and surprised to know how tech-illiterate non-tech people are. Reminds me of old days when the IT guy is AIO in some non-tech facility and is treated like god!!
Given that no U.S. or Israeli citizen apart from Epstein and Maxwell has experienced severe repercussions and Andrew Windsor is the perfect fall guy, there is the possibility that nothing will be revealed from these uncovered redactions.
The releases haven't yielded anything so far. For all we know, Epstein used other methods of communications for the really sensitive stuff. This would not be a surprise, since the whole Maxwell family was deep into tech (Magellan, Chiliad) and Ehud Barak was the head of Israeli military intelligence in the 1980s.
The story is going to be closed in a bipartisan manner except that it might be used to remove some unwanted politicians. The New York Times has already released an article that "explains" Epstein's wealth which names all figures that appear in "conspiracy theories" in an innocent way. Basically, they claim that Epstein could just steal from billionaires like Wexner and the billionaires would roll over and do nothing.
That is the official confirmation that all intelligence angles will be squashed in a bipartisan manner. For all we know, the "incompetence" in the redactions may be a way of saying: "See, we have nothing to hide."
Hilarious that DOJ didn’t flatten the layers so you can unredact stuff. What a clown show of incompetent idiots. Or… a skillful one over on the powers that be internally from someone who knew better but knew that they wouldn’t know … and did this to help us all
text=about them to damage their credibility when they tried to go public with their stories of being
text=Epstein also threatened harm to victims and helped release damaging stories
=attorneys' fees and case costs in litigation related to this conduct.
=Defendants also attempted to conceal their criminal sex trafficking and abuse
text=$327,497.48 and $6,487.04 in New York City
text=trafficking and abuse conduct.
text=destroy evidence relevant to ongoing court proceedings involving Defendants' criminal sex
text=Epstein also instructed one or more Epstein Enterprise participant-witnesses to
text=trafficked and sexually abused.
text=conduct by paying large sums of money to participant-witnesses, including by paying for their
Given recent high profile redaction events, I think one simple use of AI would be to have it redact documents according to an objective standard.
That should in theory prevent overly redacted documents for political purposes.
An approach that could be rolled out today would be redacting with human review, but showing what % of redactions the AI would have done, and also showing the prompt given to the AI to perform redactions.
I don't think the commentor above is saying that an AI should necessarily apply the redaction. Rather, an AI can serve as an objective-ish way of determining what should be redacted. This seems somewhat analogous to how (non-AI) models can we used to evaluate how gerrymandered a map is
Anyway, I made X-ray to analyze the millions of documents we have in CourtListener so that we can try to educate people about the issue.
The analysis was fun. We used S3 batch jobs to analyze millions of documents in a matter of minutes, but we haven’t done the hard part of looking at the results and reporting them out. One day.
> Information Leaking from Redaction Marks: Even when content is properly removed, the redaction marks themselves can leak some information if not done carefully. For example, if you have a black box exactly covering a word, the length of that black box gives a clue to the word’s length (and potentially its identity).
Does X-ray employ glyph spacing attacks and try to exploit font metric leaks?
I think the combination of AI and font-metrics is going to be wild though. You ought to be able to make a system that can figure out likely words based on the unredacted ones and the redaction's size. I haven't seen any redaction system yet that protects against this.
If there’s a way to undo huge amounts of redactions, that’d certainly be a net negative. Sort of like if encryption were suddenly broken, you wouldn’t publish a paper saying so.
Our goal has always been to educate about the problem so that it can be addressed. We didn’t have resources to push on the font metrics approach, so we stayed mostly quiet about it.
I can't state emphatically enough how this is not the right mental playbook.
If you have found a vulnerability, it's likely someone else has too. By sitting on it, you only create more future victims.
Disclosure will lead to fixing this issue, mitigating it's precense, or switching tools/workflows, possibly a combination of. Sitting on it only ensures that folks who think they are protected, actually aren't.
It’s tricky stuff and we have limited resources, unfortunately.
The linked article suggests widening redacted areas more than needed with some randomization applied to the width. Strikes me that that wouldn't do much except add a few more possible solutions.
If the redaction is a person's name, and there's nothing else to give the person's identity away, single word redaction probably works reasonably well, AI or no AI.
Of course, you can also take this further. Even if you can't recover names you can get meta information about how many parties are involved by recognizing different length redactions correspond to different entities. While same length redaction doesn't guarantee same entity it is a hint.
If you have a number such locations with alternatives then you can make a number of identifiable versions by combining alternates.
The strings oioioi and oooiii will have different widths in some fonts because character organisation matters a lot.
I think the conclusion is honestly that PDF is an outdated format for keeping records that might have to be redacted in the future, like court documents. Something reflowable like epub could have the text replaced with constant-space black squares instead no hints leaked as someone mentioned in a parallel comment.
I'm almost fully convinced that someone did this bad intentionally, together with the bad redactions, as surely people tasked with redacting a bunch of files receive some instructions on what to do/not to do?
You've phrased this as a question; I gather that you know better than to assume a modicum of competence from these people.
If I were to hazard a guess, pure speculation, I would say the unretrievable parts were court / previously redacted and the retrievable parts are the latest round of panicked rushed redactions.
Now I want a font that randomly adjusts the kerning automagically to be used by people in standard word processors not some graphics app. In this way, every time the same word appears in the document, the kerning is different between each one.
most people cannot detect differences in kerning, and must be extreme adjustments to get people to notice. even then, the words would need to be aligned above/below each other for people to see the differences. however, a computer program analyzing the size of a bounding box would notice single pixel differences. so randomly adjusting the kearning per word by pixels between each letter would go unnoticed by the vast majority of readers, but could play absolute havoc with algos trying to decipher possible word combos based on bounding box size.
Why should anyone involved retain any anonymity?
I’m asking in good faith because naively it seems like this should not even exist. All of it should be exposed.
EDIT: I did not think about the innocent folks that might be caught in the crossfire. That checks out. Thanks everyone!
David Leigh then published the decryption key in his 2011 book about Wikileaks (for some reason) and the info became publicly available. Everyone pinned the blame on Assange.
Moral of the story: journalists can and will disclose ridiculously sensitive info you give them for a bit of fame and you should be extremely careful about covering your tracks.
It generally prohibits other redactions, and expressly prohibits redactions for embarassment, reputational harm, or political sensitivity.
Of course, there is considerable concern that the actual reactions do not appear to comply with the legal requirements.
Specifically, a number of Epstein victims have complained that the release was unacceptable because it was incomplete, illegally redacted material other than victim names which was not excepted from release under the law mandating release, and because it failed to redact victim identities required to be protected under the law mandating release.
What would be the fallout? The Democrats are complicit, the regime all but controls the judiciary (at least the Supreme Court.) And a lot of these guys are billionaires and untouchable anyway unless someone does a Luigi on them. They have the ability to just brute force past the controversy and yet they've chosen to attempt the most ridiculously inept coverup possible.
On the one the sheer stupidity of this administration and its incompetence at implementing fascism means that as bad as things are they could be much worse. On the other hand I fear that once JD Vance or someone just as evil but without Trump's instability takes power we're going to wish we'd done something more when we had the chance.
This case is so important and such a clusterfuck that the files need to be opened anyway.
So yes this is best explanation. Revealing everything might bring great harm to innocent people just because they were somehow mentioned in the documents.
Just add all the experience we already have with “internet investigators” that ruin people lives for petty reasons.
I think governments should not be able to hide information from citizens in general. I don't trust those who hide stuff while being fed money from the taxpayers - that is a modern form of slavery.
PDF redaction fails are everywhere and it's usually because people don't understand that covering text with a black box doesn't actually remove the underlying data.
I see this constantly in compliance. People think they're protecting sensitive info but the original text is still there in the PDF structure.
It's not hard to imagine some powerful LLMs being able to undo some light redactions that are deducible based on context
Whoever did these "bad" redactions doesn't even know how to use a PDF Editor.
We have paralegals and lawyers "mark for redaction", then review the documents, then "apply redactions". It's literally be done by thousands of lawyers/paralegals for decades. This is just someone not following the process and procedure, and making mistakes. It's actually quite amateurish. You should never, ever screw up redactions if you follow the proper process. Good on the X-ray project on trying to find errors.
I just want to add, applying black highlights on top of text is in fact, the "old" way of redaction, as it was common to do this, and then simply print the paper with the black bars, and send the paper as the final product.
Whoever did it is probably old, and may have done it thinking they were going to print it on paper afterwards!! Just guessing as to why someone would do this.
Especially with the "draw a black box over it" method, the text also stops being trivially mouse-selectable (even if CTRL+A might still work).
Another possibility is, of course, that whoever was responsible for this knew exactly what they were doing, but this way they can claim a honest mistake rather than intentionally leaking the data.
Yes; that's presumably included in being "amateurish" and "not following proper process".
https://www.justice.gov/multimedia/Court%20Records/Matter%20...
As a test, select with your mouse the entire first line of paragraph number 90, and then paste it into a text editor or a shell. The unredacted text appears!
It´s clear that the DOJ was paying overtime, based on the number of redactions, so the agents and lawyers just roamed free...
But since we’re talking about accuracy: I don’t agree on redactions being binary. You can redact with a pen that under certain lighting still reveals the text; you can redact parts that are easy to reconstruct when you have additional information; you can redact with a pen color that over time loses its function; etc. The “perfect” redaction would perhaps leave no clues as to even how much text was redacted? It seems to depend on the goal and context of the redaction, whether it achieves its purpose or not.
hopefully this is straw that breaks the camel's back
The releases haven't yielded anything so far. For all we know, Epstein used other methods of communications for the really sensitive stuff. This would not be a surprise, since the whole Maxwell family was deep into tech (Magellan, Chiliad) and Ehud Barak was the head of Israeli military intelligence in the 1980s.
The story is going to be closed in a bipartisan manner except that it might be used to remove some unwanted politicians. The New York Times has already released an article that "explains" Epstein's wealth which names all figures that appear in "conspiracy theories" in an innocent way. Basically, they claim that Epstein could just steal from billionaires like Wexner and the billionaires would roll over and do nothing.
That is the official confirmation that all intelligence angles will be squashed in a bipartisan manner. For all we know, the "incompetence" in the redactions may be a way of saying: "See, we have nothing to hide."
text=about them to damage their credibility when they tried to go public with their stories of being text=Epstein also threatened harm to victims and helped release damaging stories =attorneys' fees and case costs in litigation related to this conduct.
=Defendants also attempted to conceal their criminal sex trafficking and abuse
text=$327,497.48 and $6,487.04 in New York City text=trafficking and abuse conduct. text=destroy evidence relevant to ongoing court proceedings involving Defendants' criminal sex text=Epstein also instructed one or more Epstein Enterprise participant-witnesses to text=trafficked and sexually abused. text=conduct by paying large sums of money to participant-witnesses, including by paying for their
That should in theory prevent overly redacted documents for political purposes.
An approach that could be rolled out today would be redacting with human review, but showing what % of redactions the AI would have done, and also showing the prompt given to the AI to perform redactions.