Redaction & Ethics Policy¶
This policy is maintained by Kevin Bass, Ph.D. For the author's background and credentials, see the Press Kit.
Last updated: 2025-11-27
This page explains how this site handles publication, redactions, privacy, and corrections. It is intended to maximize transparency while minimizing avoidable harm.
1) Purpose¶
- Publish documents and summaries so readers can evaluate primary sources themselves.
- Separate factual description from interpretation and clearly label each.
- Provide a predictable process for privacy, redactions, and corrections.
2) What is published¶
- Primary documents (e.g., letters, emails, filings) in PDF where permitted.
- Summaries describing what a document is, when it was created, and why it is relevant.
- Links to external sources (e.g., DocumentCloud) where materials are hosted for durability.
3) Legal basis for redactions¶
Redactions are guided by applicable statutes and privacy doctrines, including:
- Texas Public Information Act (TPIA)
- §552.137: Email addresses of members of the public are confidential
- §552.136: Financial account numbers and access device information
- §552.130: Motor vehicle records and license information
- §552.147: Social Security numbers
- §552.114: Student education records (FERPA cross‑reference)
- Family Educational Rights and Privacy Act (FERPA)
- 34 CFR 99.3, 99.30–99.31: Student education records and personally identifiable information
- Health Insurance Portability and Accountability Act (HIPAA)
- 45 CFR 164.514(b)(2): Protected health information identifiers
- Texas common‑law privacy
- Dates of birth of living persons; personal financial information; home addresses/phones
4) What I redact¶
Removed or masked when not essential to public understanding: - Statutory identifiers: SSN; driver's license/state ID; license plate/VIN; bank/access numbers - Education‑record PII of other students: names, student numbers, schedules, grades, discipline files - Protected health identifiers about other people - Strong personal privacy: dates of birth; home addresses; personal phone numbers; personal emails of private citizens (including my own personal phone and home address) - Third‑party trade secrets (if present in attachments) - Email metadata noise: DKIM/SPF/DMARC authentication headers, internal message routing, X-headers, and similar technical metadata that adds no evidentiary value - Attorney–client confidentiality disclaimers: Standard footer boilerplate (e.g., "This communication originates from an Attorney and may contain confidential information…") is retained for context but does not waive any privilege
5) What I keep¶
- Names/titles of public officials and their official work emails (e.g.,
@ttuhsc.edu,@ttu.edu) when part of agency records - Case dates, docket numbers, request/response letters, final policy documents
- Official government email addresses (e.g.,
@ttuhsc.edu,@ttu.edu,@oag.texas.gov,@ed.gov) - Public records and official communications; official case numbers and procedural information
- Email thread metadata (Message-ID, thread/conversation ID, timestamps) for chain-of-custody and authenticity purposes
- Attachment filenames and sizes (content redacted separately per above rules)
- My public email address (
kbassphiladelphia@gmail.com) as it appears in official correspondence headers
6) Redaction method & tokens¶
Method. Black‑box redaction applied to PDFs and, where necessary, to page text/transcripts. Redactions in text are marked with standardized tokens.
Tokens.
| Token | Meaning |
|---|---|
[REDACTED – SSN] | Social Security number |
[REDACTED – DL] | Driver's license / state ID |
[REDACTED – BANK] | Account/financial access number |
[REDACTED – DOB] | Date of birth |
[REDACTED – EMAIL-PUBLIC] | Personal email address of a private individual |
[REDACTED – FERPA-STUDENT] | Other student's education record information |
[REDACTED – HIPAA-PHI] | Protected health information about someone else |
[REDACTED – HOME-ADDR] | Home address |
[REDACTED – HOME-PHONE] | Personal phone |
[REDACTED – TRADE-SECRET] | Third‑party proprietary detail |
[REDACTED – METADATA] | Technical email headers (DKIM, routing, etc.) |
7) Redaction process¶
High‑level steps: 1. Collect the original email/PDF to a private folder (not published) 2. Scan for sensitive data using automated patterns 3. Redact: replace sensitive text with tokens in HTML; draw black boxes on PDFs and flatten 4. Scrub metadata from PDFs (author/tool/timestamps) 5. Log: generate a redaction log for each exhibit (what was removed and why) 6. Publish only sanitized copies; originals remain private
7.1) Text documents (HTML/Markdown/Email)¶
- Pattern matching using regex against privacy categories
- Email domain filtering (allow official domains, redact personal)
- Token replacement with standardized markers
- SHA‑256 hashing for integrity verification
7.2) PDF documents¶
- Text extraction and pattern matching
- Burn‑in redaction with black rectangles; remove underlying text
- PDF flattening to prevent alteration
- Metadata stripping (author, creation dates, etc.)
7.3) Quality assurance¶
- Automated pre‑publication scans for missed sensitive data
- Manual review for context‑dependent redactions
- Redaction logs documenting every change; SHA‑256 integrity verification
8) Redaction logs¶
Each published document includes a JSON log at /redaction_logs/{doc-id}.json containing: - Original and redacted file hashes - List of all redactions performed - Legal basis citations - Review timestamps
9) Privacy & safety¶
- I avoid publishing direct contact info for private individuals where not essential.
- I do not publish medical info or other high‑sensitivity data beyond what is strictly necessary for context.
10) Corrections & updates¶
To request a correction, please use the Corrections form (preferred) or email kbassphiladelphia@gmail.com with the page URL, the exact text in question, and the proposed correction. Include documentation supporting the request (e.g., copy of the document). I aim to respond within 7 days. Substantiated factual errors will be corrected promptly and annotated on the page with a timestamp.
Versioning: Substantive edits will be noted as “Updated” with date. Prior text may be preserved in a changelog when appropriate.
11) Takedown requests¶
- I consider removals when disclosure causes disproportionate harm or contains sensitive personal information that is not essential for public understanding.
- Requests should identify the specific harm and the exact content to remove. I generally prefer targeted redaction over removal.
12) Authenticity of documents¶
- Unless stated otherwise, documents are reproduced as received. Metadata (dates, senders) are quoted from the document itself where available.
- If authenticity is disputed, I will annotate the page to reflect the dispute and publish additional context when available.
13) Conflicts of interest & funding¶
- The site is independently published. Where third‑party funding or legal assistance pertains to a given document or page, I will disclose it inline or on this page.
14) Contact¶
- Corrections & redactions: kbassphiladelphia@gmail.com
- General inquiries: kbassphiladelphia@gmail.com