How to Properly Redact Sensitive Information for AI Chatbots

Using AI chatbots like ChatGPT to summarize sensitive documents such as bank statements or medical reports carries privacy risks, even when users attempt to redact personal information. While many assume that blacking out text with a PDF highlighter tool is sufficient, this method leaves data vulnerable to recovery. Proper redaction requires destroying the underlying text within the file’s code, a process that most basic PDF viewers do not support. Apple’s Preview app on macOS includes a built-in redaction tool that permanently removes selected text, making it unrecoverable. Users must first duplicate the document, apply redactions to the copy, save it, and then close the file to finalize the deletion. Simply saving is not enough—the redaction only takes effect upon closing the document. Windows users lack a native tool with this capability but can use third-party options like Adobe Acrobat Pro or the free PDFgear software, which offer similar permanent redaction functions. Even with correct redaction, uploading documents while logged into an AI account links the file to that user’s identity, so true anonymity requires logging out or using an anonymous session. Stripping PDF metadata—such as author name or device information—before upload helps prevent accidental exposure of identifying details through hidden file properties.

The Limits of Visual Redaction in PDFs

Many users attempt to redact sensitive information by drawing black bars over text using a PDF reader’s annotation tools, such as a pen or highlighter. While this obscures the content from casual viewing, it does not alter the underlying data. Selecting the blacked-out area and copying it can often reveal the original text, and advanced PDF editors can remove the markings entirely. This approach is comparable to covering text with tape—it may look hidden, but it offers no real protection against data recovery. Relying on such methods before uploading documents to AI chatbots leaves personally identifiable information exposed, despite the user’s intention to safeguard privacy.

How to Properly Redact Text Using Preview on macOS

The correct method involves using a tool that destroys the text at the file level. Apple’s Preview app, the default PDF reader on Mac, includes a redaction function that permanently deletes selected content from the document’s internal structure. To use it, users should first make a copy of the PDF to preserve the original. Opening the copy in Preview, they can access the redaction tool via the Tools menu. After confirming a warning that the action is permanent, they can select text such as names, addresses, phone numbers, or Social Security numbers. As they drag the cursor over the text, black bars with grey X’s appear, marking the content for deletion. The redaction is not finalized until the document is closed—saving alone does not erase the data. Once closed and reopened, the redacted text appears as permanent black lines and is no longer recoverable.

Redaction Options for Windows Users

Windows users do not have a built-in PDF viewer with redaction capabilities, as Microsoft Edge lacks this feature. However, several third-party applications provide reliable alternatives. Adobe Acrobat Pro offers a trusted, subscription-based solution with robust redaction tools designed for security and compliance. For a free option, PDFgear includes a redaction function that operates similarly to Preview’s, allowing users to mark and permanently remove text. These tools ensure that redacted content is not merely hidden but eliminated from the file’s code, meeting the standard needed for safe sharing with AI services.

Additional Steps to Protect Identity When Using AI Chatbots

Even with properly redacted documents, uploading files while logged into an AI account can link the content to the user’s identity. Platforms like ChatGPT associate uploads with the logged-in account, meaning that although the file may not contain exposed personal data, the act of uploading still ties it to the user. To maintain anonymity, individuals should avoid logging in when sharing sensitive files. PDFs often contain metadata—such as the author’s name, organization, or device details—that can survive redaction and reveal identifying information. Using tools to strip this metadata before upload adds another layer of protection. Services like Kaspersky’s metadata removal guide or built-in features in PDF editors can help eliminate these hidden traces.

Taking the time to redact documents correctly—by destroying data rather than masking it—and managing account and metadata risks significantly reduces the chance of exposure when using AI chatbots for document analysis. As AI tools become more integrated into personal and professional workflows, understanding these privacy safeguards is essential for maintaining control over sensitive information.