The Gap
Online PDF redaction is broken in two distinct, well-documented ways:
1. Privacy Violation via Server Uploads
Every major free tool (Smallpdf, ILovePDF, Sejda, PDFescape) requires uploading sensitive documents to their cloud servers. For the legal, medical, and financial professionals who most need redaction, this is a hard blocker — uploading a contract, patient record, or financial statement to a random SaaS server violates GDPR, HIPAA, and basic data hygiene.
2. Fake Redaction (The Bigger Problem)
Most free tools simply draw a black rectangle on top of the PDF as a visual layer. The underlying text data remains in the file structure. This is trivially reversible: select-all → copy → paste exposes everything "hidden." This is a documented security failure responsible for real legal and compliance incidents.
The result: A clean, free, truly local tool does not exist. Adobe Acrobat Pro ($23/mo) is the only trustworthy option; every free alternative is either a privacy risk or a security theatre tool.
| Tool |
Price |
Uploads to Server |
True Redaction |
| Adobe Acrobat Pro |
$23/mo |
No (desktop) |
✅ Yes |
| Smallpdf Redact |
$12/mo |
✅ Yes |
⚠️ Partial |
| PDFescape |
Free/Paid |
✅ Yes |
❌ No (visual only) |
| Sejda |
$7.50/mo |
✅ Yes |
⚠️ Partial |
| This Tool |
Free |
❌ No |
✅ Yes |
The Tech
This tool uses a Canvas-based rendering pipeline to achieve true, irreversible redaction — entirely in the browser:
PDF.js (Mozilla CDN) — Renders each PDF page to an HTML5 (canvas) element. No server, no upload.Canvas API (native) — User draws redaction rectangles over sensitive regions. The Canvas shows a live preview with filled black boxes.pdf-lib (CDN) — Exports a brand-new PDF built entirely from the flattened canvas images.
Why this achieves true redaction: The output PDF contains zero text data structures — only pixel data rendered from the Canvas. The underlying text is irreversibly gone, not hidden behind a layer. There is no text stream to recover, no metadata to strip, no hidden layers.
All Web APIs, no backend required:
File API — reads the user's local PDF fileCanvas API — rendering and annotation surfaceURL.createObjectURL + (a download) — triggers local file downloadWeb Workers (optional) — offloads PDF.js rendering to keep UI responsive
Complexity
7 / 10
The core loop (render page → draw boxes → export) is well-understood. The moderate complexity comes from:
- Managing multi-page PDFs with per-page canvas state
- Ensuring redaction rectangles are tracked correctly across zoom levels
- Producing a properly-structured PDF output via pdf-lib
All dependencies are well-maintained open-source libraries available via CDN. No build step required — ships as a single index.html + main.js.
Generated by Market Research Discovery · ◷
The Gap
Online PDF redaction is broken in two distinct, well-documented ways:
1. Privacy Violation via Server Uploads
Every major free tool (Smallpdf, ILovePDF, Sejda, PDFescape) requires uploading sensitive documents to their cloud servers. For the legal, medical, and financial professionals who most need redaction, this is a hard blocker — uploading a contract, patient record, or financial statement to a random SaaS server violates GDPR, HIPAA, and basic data hygiene.
2. Fake Redaction (The Bigger Problem)
Most free tools simply draw a black rectangle on top of the PDF as a visual layer. The underlying text data remains in the file structure. This is trivially reversible: select-all → copy → paste exposes everything "hidden." This is a documented security failure responsible for real legal and compliance incidents.
The result: A clean, free, truly local tool does not exist. Adobe Acrobat Pro ($23/mo) is the only trustworthy option; every free alternative is either a privacy risk or a security theatre tool.
The Tech
This tool uses a Canvas-based rendering pipeline to achieve true, irreversible redaction — entirely in the browser:
PDF.js(Mozilla CDN) — Renders each PDF page to an HTML5(canvas)element. No server, no upload.Canvas API(native) — User draws redaction rectangles over sensitive regions. The Canvas shows a live preview with filled black boxes.pdf-lib(CDN) — Exports a brand-new PDF built entirely from the flattened canvas images.Why this achieves true redaction: The output PDF contains zero text data structures — only pixel data rendered from the Canvas. The underlying text is irreversibly gone, not hidden behind a layer. There is no text stream to recover, no metadata to strip, no hidden layers.
All Web APIs, no backend required:
File API— reads the user's local PDF fileCanvas API— rendering and annotation surfaceURL.createObjectURL+(a download)— triggers local file downloadWeb Workers(optional) — offloads PDF.js rendering to keep UI responsiveComplexity
7 / 10
The core loop (render page → draw boxes → export) is well-understood. The moderate complexity comes from:
All dependencies are well-maintained open-source libraries available via CDN. No build step required — ships as a single
index.html+main.js.