top of page

Redaction versus Encryption

To conceal, or to protect? That is the question.

Traditionally, redaction has been used in scenarios requiring the concealment of specific data within a document, making it ideal for legal, medical, or public documents. The intention is to maintain the readability and context of the remaining valuable information. For example, in legal documents where personal identifiers must be hidden for privacy or in government reports where sensitive information is redacted for public release.  However, there are countless instances when redaction has failed, resulting in leaks of sensitive information and trade secrets.

Sony highly confidential information about its PlayStation business has just been revealed by mistake. As part of the FTC v. Microsoft hearing, Sony supplied a document from PlayStation chief Jim Ryan that includes redacted details on the margins Sony shares with publishers, its Call of Duty revenues, and even the cost of developing some of its games.

Advances in cybersecurity have led Confidencial to the development of 'Selective Encryption,' a patented technology that allows organizations and users to control and choose the extent of encryption down to specific words or paragraphs. This method provides enhanced data protection over traditional concealment techniques. The effectiveness of Selective Encryption is further amplified when it is coupled with the capability to automatically identify and selectively encrypt sensitive data, thereby eliminating the need for any end-user actions. Confidencial stands out as the sole provider of this innovative solution. Without Confidencial's unique Selective Encryption technology, secure and efficient redaction, including partial redaction, would not be feasible while maintaining only a single copy of the document.

Encryption secures data from creation to transmission, consumption, and storage. As cyber-attacks rise in volume and cost, and face the fast-approaching threat of quantum computing, the usage of these methods may shift. So understanding the nuances between redaction and encryption is vital when protecting sensitive and often unstructured data, as their approaches and effectiveness vary significantly. 

5 Key differences between redaction and encryption:

1. Method of Data Protection

  • Redaction is an approach that removes or obscures specific information. 

  • Encryption, on the other hand, is a more technical process. It encodes the data, making it inaccessible without the correct decryption key.

2. Security Level

  • Redaction is less secure because it can leave traces of the underlying data intact and recoverable for malicious actor use.

  • Encryption offers a higher level of security by altering the data itself. Even if intercepted, the encrypted data remains secure against cyber-attacks, rendered unreadable and useless.

3. Reactive vs Proactive

  • A document is redacted whenever it must be shared. This addresses privacy concerns after the fact, and therefore, reactive in nature.

  • Encrypting data at the point of creation ensures sensitive information is secured immediately, reducing the risk of unauthorized access from the outset.

4. Automation and Efficiency

  • Redaction can be labor-intensive and prone to human error, especially in large documents where sensitive information can be easily overlooked.

  • Automated encryption solutions, such as those provided by Confidencial, streamline data protection, ensuring consistent and efficient security without manual intervention.

5. Version Control

  • Once a document is redacted, the original version is often inaccessible. This makes tracking changes or reverting to an earlier version difficult. On the flip side, you rhave to retain unredacted versions of the document, then various additional versions for different audiences, and lose track of the latest.

  • Encrypted documents maintain version control, regardless of what content each viewer can access. This means that changes are tracked and previous versions can be accessed securely, allowing for greater flexibility and auditing. 

While traditional redaction still has its place, the evolution to leveraging advanced and post-quantum-ready encryption marks a pivotal shift in data security. This transition is not merely about safeguarding data; it's an essential strategy for maintaining information integrity in a landscape increasingly defined by sophisticated digital challenges, while ensuring secure and seamless ways to collaborate. As technological threats like quantum computing emerge, robust, automated, and future-oriented protection becomes crucial for effectively navigating and securing sensitive data.

Download our whitepaper, 'Protecting Sensitive Data with Policy-Based Selective Encryption,' by Karim Eldefrawy, Ph.D., Co-founder and CTO of Confidencial, to learn more about our Selective Encryption.

112 views0 comments


bottom of page