If you aren’t aware by now how Microsoft Word saves all revision and review information as a matter of its default behavior, then you need to know any interaction you have with a Word document of your creation — or if you are reviewing someone else’s Word document — does not protect your identity unless you interactively remove your private information.

You can imagine how this Word feature/problem is haunting for those
unaware of its nefarious power. This Word document tracking issue
played a role in the ramp up for the War in Iraq:

Back in February 2003, 10 Downing Street published a
dossier on Iraq’s security and intelligence organizations. This dossier
was cited by Colin Powell in his address to the United Nations the same
month. Dr. Glen Rangwala, a lecturer in politics at Cambridge
University, quickly discovered that much of the material in the dossier
was actually plagiarized from a U.S. researcher on Iraq. Blair’s
government made one additional mistake: they published the dossier as a
Microsoft Word file on their Web site. When I first heard from Dr.
Rangwala about the dossier, I decided to try to learn who had worked on
the document. I downloaded the Word file containing the dossier from
the 10 Downing Street Web site (http://www.number-10.gov.uk/) and found the following revision log in the file…

Here is what Dr. Glen Rangwala claims:

The document claims to draw “upon a number of sources,
including intelligence material” (p.1, first sentence). Now this is a
bit misleading. More precisely, the bulk of the 19-page document
(pp.6-16) is directly copied without acknowledgement from an article in
last September’s Middle East Review of International Affairs entitled
“Iraq’s Security and Intelligence Network: A Guide and Analysis”.
The author of the piece is Ibrahim al-Marashi, a postgraduate student
at the Monterey Institute of International studies. He has confirmed to
me that his permission was not sought; in fact, he didn’t even know
about the British document until I mentioned it to him.

The Word document “public private peer review” problem/feature goes
beyond faked war documents to threaten the privacy of any anonymous
reviewer or editor and so, in February 2004, Microsoft offered a downloadable fix:

Microsoft issued a download for Office 2003/XP to allow
users to “permanently remove hidden data and collaboration data, such
as change tracking and comments, from Microsoft Word, Microsoft Excel,
and Microsoft PowerPoint files.”

An important issue in itself, made
even more relevant when considered alongside this article by Preston
Gralla, published yesterday, about the creation of a purportedly
“high-level [UK] intelligence dossier about Iraq” discovered to be
“little more than a cut-and-paste job” constructed in Word.

However, today, proving once again how history repeats itself —
especially for the uninformed intelligent — and also re-confirming how
time heals all wounds, but not all software anomalies, The Chronicle reported:

The peer-review process at many academic journals is
intended to be blind, meaning that authors do not know who is reviewing
their work. But a little-known setting in Microsoft Word has led to the
unmasking of some peer reviewers, and at least a few journals have
issued guidelines for making sure that electronic documents remain
anonymous.

Keyne A. Cheshire, an assistant professor of classics at Davidson
College, in North Carolina, who describes himself as new to scholarly
publishing, said he recently discovered the issue by accident. After
submitting an article to a journal in his field, he received a reviewer
report by e-mail, forwarded from the journal’s editor (he declined to
name the journal or editor).

The report, which Mr. Cheshire said
included some “hefty criticism” of his article, arrived as a Microsoft
Word file attached to the e-mail message.
When Mr. Cheshire opened the document, he noticed that it seemed to be
created using a British version of Word. Curious, he clicked on the
document’s preferences and was surprised to see a screen labeled
“Summary” that listed the name of the person who had created the
document — someone in his discipline whom he knew.

This unintentional lack of a blind review process is charming. I have
never understood the rationale behind a one-way blind review because
the reviewer knows the author and can cut the author with comments but
the author is not allowed to know the identity of the one wielding the
knife? How can you answer your accusers if they hide behind an
anonymous veil masking their intentions and idiosyncrasies?

Double-blind review is a bit better where neither author nor reviewer
knows the identity of the other — but I have always found greatest
value in reviewers who are public and identified and who will stand by
their criticisms and cures on-the-record. It is easy to snipe from a
distance and harder to do so with your name written on the bullet.

Public peer review allows and encourages open discussion and is an
instant remedy plaguing anonymous academic peer review: Criticism
without offering a solution is only complaining. I find it divine so
many in academe are still unaware of the ability for an author to track
the eyes and hands fingering their work throughout the review process:

S. Douglas Olson, who is editor of Classical Journal and a
professor of classical and Near Eastern studies at the University of
Minnesota-Twin Cities, said he stumbled upon the issue the hard way:
After writing one of his first reviews, he got a note from the author,
who shouldn’t have known his identity, alerting him that he’d left his
name in the document’s summary field.

“Luckily they were very positive referee reports,” says Mr. Olson. He
said he immediately informed the journal’s editor, who was also unaware
of the possibility that reviewers’ names might be hidden in Word
documents. “She was just horrified.” “This is completely new to me,”
said Jana Argersinger, vice president of the Council of Literary
Magazines and Presses. “It may be that none of our submitters have been
savvy enough to know about it.”
“I have never heard of this,” said Rosemary G. Feal, executive director
of the Modern Language Association. “And I myself am a journal editor.”

In the next version of Word in Office 2007, a “Document Inspector” will
help you remove identifying information. Until the next version of Word
is released, here’s how to remove the information right now:

1. Open Word and choose Word | Properties| Security. (Use
“Preferences” instead of “Properties” on a Mac).

2. Under Privacy Options, check Remove personal information from this
file on save. This will strip author name, initials, etc.

3. If you wish to be alerted when a document contains trackable
information such as comments or edits, check the box marked Warn before
printing, saving or sending a file that contains tracked changes or
comments.

4. Click OK to close the Preferences dialog.
Note: The command to remove personal information is not “sticky.” It
must be enabled for each document you want information stripped from.

You can learn how to protect your privacy in Excel and PowerPoint here. Here’s a list of other privacy protections
you may employ while using Word.
Microsoft Word’s ability to track your every editorial intention by
default serves an important looming lesson for us all: What you
privately write might publicly bite you back!

17 Comments

  1. The BTK killer was caught when he sent a disk to police that contained his first name and the name of the church where he had used a computer. The data was contained in the metadata Microsoft Word creates in every document.
    Thanks to Microsoft Word, police were able to crack the decades old case!

    Like

  2. Hi Chris —
    I remember that about the BTK guy! Sometimes “identification by default” works in a good way! Did he wish to be caught, though?
    Do you believe anonymous peer review has value?
    On a greater scale, should people be allowed to hide behind fake names on the internet — especially in blogs and online discussions — or should they be required to use their full name? Their IP address already identifies them so what is the value in hiding behind a pseudonym?

    Like

  3. Hi David,
    Anonymous peer review has value because it frees one to say what he or she really thinks about what is being reviewed.
    Your question about requiring real names to be used on the internet is interesting. You are right that it is almost impossible to remain anonymous because IP numbers can be traced.
    But, there is something nice about the idea of being anonymous when posting to a blog. Maybe it allows people to be more open when discussing controversial topics.

    Like

  4. Chris —
    Why can’t a person say what they really think using their real, public, name? In my experience people only get nastier when they hide behind total anonymity.
    Again, I don’t understand why posting anonymously on a blog allows a person to be more open.

    Like

  5. Chris —
    Those anonymous proxies sort of work for vague surfing on the web, but most blog Spam programs or other defensive measures running on web servers for interaction or shopping or posting messages will not allow those using anonymous proxies to post because not enough verifiable identifying information is being sent to the server.
    Akismet blocks all anonymous proxy posters.

    Like

  6. Hi David,
    You’re probably right about people being nastier when they can remain anonymous and unaccountable. But, for peer review articles, maybe the fear is that someone might retaliate later on for a negative commentary.
    What do you think about anonymous grading? When I was in law school, we were assigned numbers so that the professor wouldn’t know whose blue book was being graded. The idea behind the anonymous grading was that professors couldn’t single out someone for a bad grade for political views, etc. The work done on the exam would speak for itself.
    It’s interesting that it’s very easy to obtain people’s information. Most personal information, such as address and telephone number, is available somewhere on the net for free. The common denominator is having a listed telephone number.
    All of the public information about me points away from my private residence and to my public addresses. When I first started working, my home address was listed publically. It wasn’t fun getting calls at all hours of the day and night that should have gone directly to the office. I quickly made sure that everything work related pointed to my business address.
    If I really wanted to remain private, I could set up a land trust and register all of my property as Trust #1234567890 or whatever so that searching the recorder’s office wouldn’t reveal anything.
    But, all of that wouldn’t stop someone who wanted to get my information by pulling a credit header using any number of search companies on the internet, such as Accurint.
    It’s also scary to know that people can buy your cell phone information, according to news reports. It’s another reason to never give out your cell phone number.

    Like

  7. Hey Chris —
    I think the retaliation in article peer review is often used to keep someone down by someone who is established. New people don’t do peer review and to protect their place, the “establishment power” prefers to anonymously sabotage their young challengers than to do it on-the-record.
    I like anonymous grading if it is double-blind as long as you’re dealing with questions of fact right/wrong and not one of aesthetic.
    “Personal information” is precisely the opposite of that phrase. There is no such thing as a private person any longer, I fear. It’s good you are protecting your privacy and the privacy of your family. In your line of work you never know what kind of wackos are out there looking for a soft place to put their revenge.
    I like the Trust idea! Now that’s fun!
    Places like Accurint turn my stomach. Ugly service. Ugly people.
    I thought the cell phone number purchase was an insider scam? Didn’t they arrest several people who worked at the phone company for selling the numbers to the middle-man broker? I think that problem was pretty limited in abuse but it wasn’t reported that way in the mass media.

    Like

  8. Hi Chris —
    I am so happy legal action is being set in place against those who choose to sell our cell numbers! It’s too bad we have to legislate what should be common sense.
    No. I had no idea Lexis-Nexis owned Accurint. I’m disappointed.

    Like

  9. Interesting information David.
    On the “cut and paste” comments, doesn’t that term harken back to the graphic artist days before computers? When I started as an assistant photographer at an advertising agency they didn’t have computers. All text for layouts was produced on a Photo Mechanical Transfer machine and cut out and pasted onto the board that made up the page they were creating.

    Like

  10. PMT brings back memories when I was photo editor for my local newspaper’s high school page. I wonder if things are as magical today as they were when darkrooms and photo chemicals were involved. Uploading images into the computer never has the same feel as seeing a print develop in the red light of a darkroom.

    Like

Share Your Thoughts:

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s