Many people don’t realize that Microsoft Word encodes information about the authors and editors of each document. It’s called “metadata.” For example, some of this data is contained under the “Properties” section of the “File” pull down menu.
An article in the New York Times describes what can be revealed when metadata is examined:
It hardly ranks in the annals of “gotcha!” but right-wing blogs were buzzing for at least a few days last week when an unsigned Microsoft Word document was circulated by the Democratic National Committee. The memo referred to the “anti-civil rights and anti-immigrant rulings” of Samuel A. Alito Jr., a federal appeals court judge who has been nominated to the Supreme Court by President Bush.
The stern criticisms of Judge Alito rubbed some commentators the wrong way (Chris Matthews of MSNBC called it “disgusting” last Monday). But whatever the memo’s rhetorical pitch, right-leaning bloggers revealed that it contained a much more universal, if unintended, message: It pays to mind your metadata. . . .
According to some technologists, including Dennis M. Kennedy, a lawyer and consultant based in St. Louis, (denniskennedy.com), metadata might include other bits of information like notes and questions rendered as “comments” within a document (“need to be more specific here,” for example, or in the case of my editors, “eh??”), or the deletions and insertions logged by such features as “track changes” in Microsoft Word.
A blogger searched the Alito memo for metadata and could figure out some of the authors of the document. According to the NYT story:
None of these amounted to earth-shattering revelations, of course, but taken together they offered a level of detail into the Alito memo that the D.N.C. had not intended.
Josh Earnest, a spokesman for the Democratic committee, pointed out that the origins of the document were never really a secret, even if it was circulated as background material that was not intended to be sourced.
“Based on the fact that the D.N.C. was known to be circulating the document,” Mr. Earnest said, “I’m not sure that RedState is breaking any news here.”
The article goes on to describe some incidents where more major revelations were made in the metadata. Here’s one example:
At about the same time, California’s attorney general, Bill Lockyer, floated a letter calling peer-to-peer file-sharing software – long the bane of the entertainment industry’s interests – “a dangerous product.” But a peek at the document’s properties revealed that someone dubbed “stevensonv” had a hand in its creation.
Vans Stevenson, a senior vice president with the Motion Picture Association of America, said later that he had offered input on the document but had not written it.
Originally posted at Concurring Opinions
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.
Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum and International Privacy + Security Forum, annual events designed for seasoned professionals.
If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
* LinkedIn Influencer blog
* Twitter
* Newsletter