New TSA tool helps agencies delete confidential data from public documents

A Transportation Security Administration invention that automates what was a 15-step process for redacting sensitive information from public documents is now a popular tool in the intelligence community, the agency's chief information officer says.

This week a cybersecurity professional association honored TSA CIO Emma Garrison-Alexander for spearheading the creation of the computer program, an enhancement of Adobe's redaction toolbar.

"It's extremely important that we do not expose sensitive data intentionally or unintentionally," Garrison-Alexander said in an interview, after receiving a U.S. Government Information Security Leadership Award from (ISC)2 on Tuesday night. "The redaction tool gave us a level of assurance that the information is really redacted . . . Now it's available not just to government, but to anyone anywhere Adobe is used."

In 2009, the agency attracted sneers when it accidentally leaked confidential information in a manual detailing who to pull aside for extra screening at airports. Staff compiling a public version of the procedures failed to properly cut the sensitive security information before releasing the file.

Today, the intelligence community is using the tool on classified information. Garrison-Alexander said the technology could help agents comply with this month's executive order directing departments to tighten controls on classified computer networks without sacrificing interagency collaboration. The policy was prompted by allegations that a military insider was responsible for transferring troves of confidential Defense and State department files to the anti-secrets website WikiLeaks.

The new program, while computerized, requires the careful eye of experts who understand both the public mission of the office releasing the information as well as privacy and security constraints, according to Garrison-Alexander. "The information that needs to be removed or made essentially invisible to the eye is determined by people who have expertise in where the document is coming from," she said.

The technology includes artificial intelligence in the way of keyword searches and the ability to strike a document's meta data, or hidden labels, including the original name of the file when it was saved or people blind-copied on emails.

TSA staff review thousands of documents for possible release in response to Freedom of Information Act requests, procurement inquiries and other industry requests.

Garrison-Alexander could not quantify the cost savings generated by the automation or the number of personnel freed up to handle other tasks. But she said managers either apply the extra resources to handle additional files or finish more work elsewhere.

In addition to designing the software, Garrison-Alexander's team trained the subject matter experts on how to permanently blacken sensitive material so that it will not show up if people cut and paste the text or use other editing software in an attempt to decipher it.