Philterd

Talk to an Expert

Tell us about your stack and the privacy problems you're trying to solve. We typically respond within one business day.

Prefer to skip the form? Pick a time on our calendar →
or send a message

← All industries

Legal & E-Discovery

PII Redaction for Legal and E-Discovery

Self-hosted redaction for law firms, in-house legal teams, and e-discovery platforms. Automate the rules-of-court redactions (FRBP 9037, FRCP 5.2), handle PDFs properly, and put structured exemption codes into your audit trail.

Or deploy Philter yourself →

The legal redaction problem

Legal redaction is the area where “we’ll just draw black boxes over the text” has caused more public PII leaks than any other single bad pattern. Court filings keep going out with redactable PDFs where the original text is recoverable by copy-paste. E-discovery teams spend associate hours manually finding SSNs in 50,000-page document productions. Privilege review keeps producing inconsistent outcomes because each reviewer makes slightly different calls.

The Philterd toolkit handles the structural redaction step properly — real text removal, not visible-rectangle theater — and pairs it with a human review surface for the calls that genuinely need a lawyer’s judgment.

How Philterd handles legal

FRBP 9037 / FRCP 5.2 automation

Last 4 of SSN/TIN, year-only DOB, last 4 of account numbers, initials for minors. Ready-made policy. Per-document audit log of what was detected and how it was treated.

True PDF redaction

Removes text from every PDF layer (text stream, OCR layers, form fields, JavaScript visibility, metadata, attachments) — not the rectangle-on-top trick that famously leaks. Validates that no recoverable text remains.

Human-in-the-loop review

Arbiter gives reviewers a structured interface to accept, override, or annotate every automated detection with exemption codes. Audit trail attaches the reviewer’s name to every decision.

Per-document audit trail

Every detection, every modification, every reviewer action logged with timestamp and identity. The audit log is the artifact the court (or the bar) accepts.

Integrates with e-discovery platforms

Drop into pipelines that produce documents for Relativity, Logikcull, Everlaw, DISCO, or any other e-discovery platform. Pre-process before reviewer queue; reduce associate review time on mechanical redactions.

Open source, auditable

Apache 2.0. Your security team and your IT director can audit every detection path. No black box vendor in the data flow.

Ready-to-use policies

Apache 2.0 policies from the open source policy library — download and load into your Philter instance.

Browse the full policy library →

Recent writing on legal

The Hidden Difficulties of Redacting PDF Documents

PDFs leak redacted text in ways most people don't anticipate — invisible text layers, embedded files, attached portfolios, metadata, the works. A deep dive into why PDF redaction is harder than it looks, with famous failures and Philter's approach.

All blog posts →

Where legal teams start

  1. Pick the highest-volume manual redaction task. Usually bankruptcy schedules (FRBP 9037), divorce filings, immigration documents, or e-discovery productions. The one your paralegals spend the most hours on.
  2. Deploy Philter into your firm’s infrastructure (or via the AWS Marketplace if you don’t have an existing deployment platform).
  3. Apply the relevant rules-of-court policy from the library. Tune patterns for case-management-system identifiers (case numbers, party IDs, file references).
  4. Run a representative production through it and have an associate or senior paralegal validate the output. This becomes your calibration set.
  5. Wire into the production workflow — pre-review redaction queue, attorney spot-check, then to filing. Add Arbiter when the workflow needs explicit per-reviewer attestation.

Common deployments

1. Bankruptcy practice. A firm doing volume bankruptcy work spends 10-15 hours per case on FRBP 9037 redaction across schedules, statement of financial affairs, and proof-of-claim filings. Automation cuts that to under 30 minutes of attorney review per case, with a per-document audit trail.

2. E-discovery productions. Pre-process documents through Philter before they hit the reviewer queue. The mechanical redactions (SSN, account numbers, personally identifiable financial data) are handled automatically; reviewers focus on the privilege and relevance calls that need human judgment. Architecture write-up here.

3. Court-filing preparation for in-house legal teams. Corporate legal departments preparing documents for filing or subpoena response. Run through Philter; lawyer reviews; file. Eliminates the “did the paralegal catch all the SSNs?” anxiety on every batch.

What teams need to be careful about

  • PDF redaction is genuinely harder than it looks. Every few months a major organization leaks PII via “redacted” PDFs because the underlying text is still in the file. The PDF redaction post walks through the failure modes; the short version is: rectangles over text don’t remove text.
  • Court rules vary by jurisdiction. FRBP 9037 covers federal bankruptcy. FRCP 5.2 covers federal civil. State courts have their own (often similar but not identical) rules. The library policies are federal-baseline; verify against your specific court’s requirements.
  • Attorney responsibility doesn’t transfer to the tool. Automated redaction reduces manual work but doesn’t eliminate the lawyer’s duty to verify accuracy of filings. The audit trail helps; it isn’t a substitute for review.

Build PII redaction into your legal pipeline

Manual redaction is one of the highest-cost line items in legal operations and one of the highest-risk failure modes when it goes wrong. Talk to the engineers about whether your highest-volume workflow can be automated.

Or deploy Philter yourself →