Legal professionals redact documents every day — for discovery production, court filings, client-facing correspondence, and materials shared with opposing counsel. The volume is relentless, and the stakes are high. Expose a client's Social Security number in a public filing, or inadvertently reveal privileged communication in a discovery batch, and the consequences range from court sanctions to malpractice claims.
For law firms running on Mac, the challenge is finding redaction tools that are both powerful enough to handle real legal workflows and practical enough for daily use. This guide covers what you must redact, why the wrong approach can be catastrophic, and how to build a reliable redaction workflow on macOS.
Redaction obligations arise across nearly every area of legal practice. Understanding which rules apply helps determine how carefully you need to work.
Court filings under FRCP Rule 5.2. The Federal Rules of Civil Procedure require that documents filed in federal court have certain personal identifiers truncated. This is not optional and not discretionary — it applies automatically to every electronic filing. Failing to comply can result in the court ordering the document removed from the public record, or worse, sanctions.
Discovery production. When producing documents to opposing counsel, attorneys must identify and redact privileged content, work product, and confidential third-party information not relevant to the litigation. Redaction logs are often required alongside the production to document what was withheld and why.
FOIA responses. Government lawyers and agencies responding to Freedom of Information Act requests must redact exempt categories — including personal privacy, law enforcement sensitive information, and deliberative process materials — before releasing documents.
Client-facing documents. Sending a client a document that contains another client's confidential information is a serious ethics violation. Contracts, settlement agreements, and litigation files regularly contain sensitive identifiers from multiple parties that must be cleaned before sharing.
Settlement agreements and transactional documents. Financial terms, account numbers, and personal identifiers in settlement agreements may need to be redacted before the document is filed with a court or shared more broadly.
Federal rules and common legal practice establish specific standards for what gets redacted and how much must be removed. Partial redaction — leaving identifiable fragments — is often just as bad as no redaction at all.
Beyond these mandatory categories, attorneys must also redact attorney-client privileged communications, work product, and information subject to protective orders — which requires judgment and document review, not just pattern matching.
The most consequential mistake in legal redaction is treating it as a visual exercise. When an attorney draws a black rectangle over text in a PDF using a standard annotation tool, the text underneath is not deleted — it is merely hidden. The underlying data remains fully intact in the file structure and can be extracted trivially.
This is not a theoretical vulnerability. It has happened in high-profile legal cases with serious consequences.
In the Paul Manafort case, court filings where counsel applied visual black boxes over sensitive text were immediately compromised when reporters and researchers copied the "redacted" text directly from the PDF. The information that was supposed to be protected — details about cooperation with prosecutors — became publicly available within hours of filing.
The pattern repeated in the Jeffrey Epstein documents, where supposedly redacted names and addresses in court records were revealed by simply removing the annotation layer. Hundreds of individuals who expected their identities to be protected were exposed. You can read a detailed breakdown of how these failures happened in our analysis of real-world redaction failures.
True redaction requires permanently deleting the text from the PDF's content stream — not covering it with an opaque shape. Any tool that does not modify the underlying file structure is not performing redaction. It is performing concealment, and concealment fails.
After applying any redaction, verify the result: open the redacted PDF, attempt to select text in the redacted areas with your cursor, and search for known terms using Cmd+F. If the search returns results, or if you can select and copy the supposedly hidden text, the redaction did not work.
Two tools dominate the conversation for serious legal redaction on macOS: Adobe Acrobat Pro and BlurData. They represent very different approaches to the same problem.
Adobe Acrobat Pro ($240/year) has been the industry standard for PDF work for decades, and its redaction feature is mature and court-tested. Acrobat's Redact tool permanently removes content from the PDF structure when applied correctly, and the software supports searching for text patterns to mark multiple instances at once. The drawbacks are cost and complexity. At $240 per year per seat, a firm with ten attorneys is paying $2,400 annually just for PDF software. The interface is also dense — finding and using the correct redaction workflow (not the annotation tools that look similar but do not actually redact) requires training. Acrobat also requires a cloud connection for licensing, which raises questions for firms handling highly sensitive materials.
BlurData ($29 one-time) is a macOS-native app purpose-built for redaction. Rather than being a full PDF editor with redaction bolted on, BlurData is focused entirely on identifying and removing sensitive information. It uses on-device machine learning to automatically detect common PII categories — names, addresses, Social Security numbers, financial account numbers, dates of birth, email addresses, phone numbers, and more — without sending documents to any server. For legal professionals, the key advantages are the automatic detection (which reduces the risk of missing sensitive data during manual review), the batch processing capability for discovery production, and the one-time $29 price that makes per-seat deployment practical for any size firm. See our separate guide on redacting PDFs on Mac without Adobe for a broader comparison of available tools.
| Tool | Price | Auto-Detect PII | True Redaction | Batch Processing | Fully Offline |
|---|---|---|---|---|---|
| Adobe Acrobat Pro | $240/year | Limited | Yes | Yes | No (cloud licensing) |
| BlurData | $29 one-time | Yes | Yes | Yes | Yes |
| macOS Preview | Free | No | Yes (Sonoma+) | No | Yes |
BlurData is designed for exactly the kind of high-volume, accuracy-sensitive redaction work that legal practice demands. Here is the complete workflow.
For large discovery productions, batch PDF redaction on Mac is covered in detail in our dedicated guide, including how to organize outputs and maintain privilege logs alongside your redacted production.
Individual redaction proficiency is not enough. Law firms need repeatable, auditable processes that work consistently across matters and personnel. The following checklist provides a framework for a defensible redaction workflow.
Assign responsibility for each step explicitly. Redaction errors almost always occur when the process is ambiguous about who is responsible for the verification step. The attorney reviewing the final document before filing should personally confirm the verification test was completed, not assume it was done upstream.
The legal profession has paid a high price for cosmetic redaction failures — in sanctions, in exposed client data, and in reputational damage that is difficult to recover from. The technical solution is straightforward: use a tool that permanently removes content from the document, and verify the result before every filing or production.
For Mac-based law firms, BlurData provides automatic PII detection, true permanent redaction, and batch processing at $29 one-time — a fraction of the annual cost of Adobe Acrobat Pro. Because it runs entirely on your Mac with no cloud processing, there are no BAA requirements to negotiate, no NDA issues with uploading client documents to a vendor's servers, and no concern about document confidentiality in transit. Your files never leave your machine.
For a firm handling sensitive client data, that is not just a convenience — it is a compliance advantage.