Filing an unredacted document in federal court isn't a typo you can fix with an errata. Once a PDF hits CM/ECF, it's on PACER, searchable, downloadable, and accessible to anyone with an account. If a full Social Security number or date of birth slips through, the damage is already done.
FRCP 5.2 is clear about what needs to be masked before filing: SSNs and tax IDs reduced to the last four digits, dates of birth reduced to the year only, financial account numbers reduced to the last four digits, and names of minors reduced to initials. The rule is straightforward. The failures happen anyway, more often than most attorneys realise.
Paralegals searching for "FRCP 5.2 checklist," "how to redact SSN in federal court," or "CM/ECF redaction requirements" are usually looking for one thing: confirmation that nothing was missed before filing. This article covers what happens when something is.
22,000 Exposed SSNs Across Federal Courts
In 2024, the Judicial Conference published a study conducted by the Federal Judicial Center that analysed nearly 4.7 million PACER documents filed across 37 randomly selected days in 2022. The findings were sobering: over 4,500 documents contained at least one unredacted Social Security number, exposing an estimated 22,391 SSNs belonging to roughly 8,300 individuals. Approximately 72% of those SSNs appeared to be in direct violation of the privacy rules: not exempt, not waived, just missed.
The study also surfaced a pattern that anyone who has done document review will recognise: the failures are concentrated. A single document filed in one civil case contained 733 unredacted SSNs. In another case, a document with 3,099 SSNs was filed twice. The filer had attempted to redact by covering the numbers with a black box, but the underlying text was still selectable and copyable. The black boxes were cosmetic, not structural.
This is worth pausing on, because it's one of the most common redaction failures in practice. Placing a black rectangle over text in a PDF editor changes what the document looks like on screen, but it doesn't remove the text from the file. Anyone can select, copy, and paste the "redacted" content into a plain text editor.
The Epstein Files: Copy-Paste Redaction on a National Stage
In December 2025, the Department of Justice released thousands of documents related to its investigation of Jeffrey Epstein. Within hours, users on social media discovered that portions of the redacted text could be recovered by simply highlighting the blacked-out areas, copying, and pasting into another document. Others found that adjusting the brightness and contrast on scanned images could reveal text beneath semi-transparent redaction overlays.
The DOJ attributed the failures to "technical or human error." But the consequences were immediate and serious. Lawyers representing nearly 100 Epstein victims filed an emergency request for judicial intervention, reporting that victims' names, email addresses, banking information, and even unredacted nude photographs had been exposed on the public docket. One victim reported receiving death threats after 51 entries containing her private banking information were published. The DOJ ultimately withdrew several thousand documents for re-processing.
The Epstein redaction failure wasn't an FRCP 5.2 issue specifically; it involved a broader range of sensitive material. But it illustrates the same fundamental problem: visual redaction is not the same as structural redaction. If the text still exists in the file's data layer, it's not redacted. It's decorated.
A Missed SSN Is Permanent
Once a document is filed on CM/ECF, it becomes available on PACER. Anyone with an account can download it. Even if the court later orders the document sealed or replaced with a redacted version, copies may already have been downloaded and cached. PACER is not retroactive privacy; it's a publication system. Sealing a document after the fact closes the door, but it doesn't recall the copies that already walked out.
This is why pre-filing verification matters more than post-filing remediation. A corrective filing can limit future exposure, but it cannot undo the window during which the unredacted document was publicly accessible.
The Malpractice Question Nobody Wants to Answer
Courts have been explicit about where the responsibility sits. The Advisory Committee Notes to FRCP 5.2 state that "the clerk is not required to review documents filed with the court for compliance with this rule. The responsibility to redact filings rests with counsel and the party or nonparty making the filing."
This means there is no safety net. CM/ECF will not flag an unredacted SSN. The clerk's office will not catch it. If a full date of birth ends up on PACER, the filing attorney (and, by extension, the paralegal who prepared the document) bears the responsibility.
The consequences vary by jurisdiction, but courts have the authority to strike the document, require a corrective filing, impose sanctions, or award attorney's fees. In Wisconsin, the court can sanction redaction violations as contempt. Several legal commentators have noted that clients could potentially bring malpractice claims against attorneys whose failure to redact results in identity theft or other harm, though this theory hasn't been definitively tested in most jurisdictions.
Even without formal sanctions, the practical consequences are significant. A corrective filing means delay. A document struck from the record means scrambling to re-file under deadline pressure. And a judge who notices a redaction failure will remember it, and it can affect how the court perceives your attention to procedural compliance.
Why It Keeps Happening
Most FRCP 5.2 failures aren't caused by attorneys who don't know the rule. They're caused by workflows that don't have a verification step.
The typical scenario: a paralegal redacts a 40-page discovery response using Adobe Acrobat or a similar tool. They apply black boxes or use the Mark for Redaction tool. They're working under deadline pressure, often handling multiple documents in the same production set. The attorney reviews the filing for substantive content but doesn't check whether the redaction is structurally sound, that is, whether the underlying text has actually been removed from the PDF's data layer.
The document gets filed. The redaction looks correct on screen. But a full SSN on page 23 was missed, or a date of birth in an exhibit attachment wasn't caught, or the "redacted" content is still copyable because the filer used annotation tools instead of true redaction.
Three patterns account for most of the failures. First, cosmetic redaction: using drawing tools, highlight overlays, or black rectangles that sit on top of the text without removing it. Second, inconsistent coverage: redacting an SSN on page 3 but missing the same number when it reappears in an exhibit on page 31. Third, metadata leakage: the document's author field, tracked changes, or comment annotations containing privileged information that survive the "redaction" process entirely.
Tools that rasterise the PDF output, converting text layers into flat images, eliminate the first and third problems structurally. There's no text layer to copy, no metadata to leak. (This is the approach PromptSafe PDF takes.) But rasterisation alone doesn't catch missed items, which is why a verification step before filing still matters.
What a Pre-Filing Check Looks Like
The gap in most workflows isn't the redaction itself; it's the absence of a verification step between redaction and filing. The paralegal finishes redacting, and the next step is uploading to CM/ECF. There's no systematic check for whether anything was missed.
A proper pre-filing review would verify that no full SSNs, EINs, ITINs, or dates of birth remain in the document's text layer. It would also confirm that the PDF meets CM/ECF technical requirements: text-searchable, correct page size, not encrypted, within the file size limit. And it would flag hidden content that could leak privileged information: author metadata, embedded comments, annotations, and file attachments.
Doing this manually on every document in a production set is time-consuming but essential. The alternative is filing the document and hoping nothing slipped through, which, as the FJC study shows, is a risk that materialises thousands of times across the federal docket.
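The text-layer part of that review can be scripted. The sketch below is an added example, not code from this article's author or from FRCP Checker: it assumes the PDF's text has already been extracted page by page with a PDF text extractor, and `PATTERNS`, `scan_pages` and the sample pages are hypothetical names and constructed data. It flags full SSNs/ITINs, EINs and birth dates, ignores compliant last-four and year-only forms, and reports a value that survives on more than one page; it does not cover the encryption, metadata or attachment checks.

```python
import re
from collections import defaultdict

# Full-form identifiers that FRCP 5.2 requires to be reduced before filing.
# Dates are flagged only near a birth keyword, since most dates in a filing are not DOBs.
PATTERNS = {
    "SSN/ITIN": re.compile(r"(?<![\d-])(?P<v>\d{3}(?P<s>[- ]?)\d{2}(?P=s)\d{4})(?![\d-])"),
    "EIN": re.compile(r"(?<![\d-])(?P<v>\d{2}-\d{7})(?![\d-])"),
    "DOB": re.compile(
        r"\b(?:DOB|date of birth|born)\b[^\n\d]{0,20}?"
        r"(?P<v>\d{1,2}[/-]\d{1,2}[/-]\d{2,4}|[a-z]+ \d{1,2}, \d{4})", re.I),
}

# Constructed sample: text as it might come out of a four-page PDF text layer.
SAMPLE_PAGES = [
    "Plaintiff SSN: XXX-XX-6789. DOB: 1981. Account ending 4421.",
    "Exhibit C. Employee SSN 123-45-6789, date of birth 03/04/1981.",
    "Employer EIN 12-3456789. Hearing set for 05/06/2024.",
    "Exhibit F payroll record: 123 45 6789 (same employee).",
]

def scan_pages(pages):
    """Scan per-page text; return (findings, repeats) with values masked to last four."""
    findings, pages_by_value = [], defaultdict(set)
    for page_no, text in enumerate(pages, start=1):
        for kind, rx in PATTERNS.items():
            for m in rx.finditer(text):
                digits = re.sub(r"\D", "", m.group("v"))
                # Mask in the report so the check itself does not copy the identifier.
                findings.append((page_no, kind, "***" + digits[-4:]))
                pages_by_value[(kind, digits)].add(page_no)
    # The same full value on more than one page is the "inconsistent coverage" pattern.
    repeats = [(kind, "***" + d[-4:], sorted(p))
               for (kind, d), p in pages_by_value.items() if len(p) > 1]
    return findings, repeats

if __name__ == "__main__":
    findings, repeats = scan_pages(SAMPLE_PAGES)
    for page_no, kind, masked in findings:
        print(f"page {page_no}: full {kind} remains in text layer ({masked})")
    for kind, masked, pages in repeats:
        print(f"{kind} {masked} appears on pages {pages}")
```

A clean result only means the text layer has no matches for these patterns; a scanned page with no text layer needs OCR or a visual check before this scan says anything about it.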
The missing step in most redaction workflows isn't effort - it's verification.
Before uploading to CM/ECF, run a structural check. Confirm that no full SSNs, EINs, ITINs, or dates of birth remain in the document's text layer. Confirm the file isn't encrypted. Confirm it meets the court's technical requirements.
That check takes seconds, and it prevents the kind of exposure documented in the Federal Judicial Center's study.
Run a final FRCP 5.2 verification check before you file.
We built FRCP Checker to serve as that final verification step. It scans your redacted PDF for Rule 5.2 formatting violations and common CM/ECF filing issues before you upload. Everything runs locally in your browser. No uploads. No account required.