An abstract image of a greyscale gradient shape on top of a greyscale gradient background.

Image by Xiaowei Wang.

Tracing Paper

Mitch Anzuoni

Color printers mark printouts with barely visible codes that are used to track down currency counterfeiters, as well as everyone else.

In 2017, when a National Security Agency (NSA) whistleblower wanted to extract classified government documents from her work computer, she sought refuge in the printed page. Maybe she thought physical paper would be safer from digital surveillance than an email. So she printed the documents at her office and then mailed them to The Intercept, which broke the news with the headline, “Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election” on June 5th, 2017 at 3:44 p.m. eastern time. A few hours later, the US Department of Justice officially announced their arrest of Reality Winner, a former US Air Force officer and NSA contractor. 

What happened? The Intercept contacted the NSA on May 30th asking them to verify the documents. But by sending the scanned images that included each page’s wrinkles and folds, as opposed to retyping the information, the journalists shared more than they intended to: they sent the NSA the pale yellow tracking dots that are embedded in every piece of paper that is printed by a color laser printer. The dots form rectangular grids of rows and columns, with each dot’s position corresponding to the value of a date, time, or printer model. Together, the rows and columns constitute a machine-readable bitmap known as a machine identification code (MIC). MIC grids repeat across the page so that even if only a shred of a page is recovered, the MIC on that shred can still be decoded and traced. While neither the Justice Department’s nor the FBI’s statements about Winner’s arrest mentioned MICs, security experts strongly suggested that they played a role in helping the agencies identify her and, at the very least, corroborated other evidence linking Winner to the leak. 

Winner’s case spurred a renewed interest in laser printer tracking dots and other techniques for embedding hidden messages in plain sight, also known as steganography. The development and deployment of these techniques comes out of a long-running secret relationship between governments and printer manufacturers in multiple countries. It sounds impossibly paranoid: every piece of paper that's printed by a color laser printer anywhere in the world is marked with invisible grids that make it possible for governments to trace when that exact page was printed and by what printer model. But in 2004, a Dutch journalist revealed the existence of the dots. In doing so, he sparked an ongoing arms race between privacy activists on the one hand and printer companies and intelligence agencies on the other.

Printing Money

For as long as commercial printers and copiers have existed, their manufacturers have been enlisted by US intelligence agencies to help track down whistleblowers. In 1971, the grassroots direct action group, Citizens’ Commission to Investigate the FBI, raided a small FBI field office in Media, Pennsylvania and sent copies of the documents they found there—which first exposed the existence of COINTELPRO, the FBI’s notorious program for sabotaging leftist organizing in the US—to news outlets across the country. 

At the FBI’s request, Xerox helped the FBI determine that the Xerox 660 was the specific make and model of the copier used to disseminate the leak. Xerox also provided the FBI with a list of customers who leased the 660, but ultimately “decided at the very highest level” to not cooperate further with the bureau, according to Xerox PR manager Gerald A. Mulligan. Xerox’s noncooperation stonewalled the FBI’s investigation. Even with over 200 agents on the case, the FBI never prosecuted anyone for the raid. Xerox’s stand against intelligence agencies would be the last of its kind.

As personal computers, printers, and copiers became more readily available, intelligence agencies sought deeper inroads with printer technology companies in order to combat what they saw as a growing threat of currency counterfeiting. Japan was the first government to require traceable codes embedded in laser printouts and Fuji-Xerox, the joint Japanese-American printing venture, developed the first iteration of tracking technology—the yellow dots—in the mid-1980s. Other countries, including the US, quickly followed suit. Although there was no law in the US mandating that printer manufacturers incorporate MICs into their machines, industry insiders reported that the US government and intelligence agencies made clear to printer manufacturers that the lack of traceable markings could make it difficult to sell their products in the country. Soon, every major manufacturer implemented their own tracking codes. Not a single one revealed this “feature” to its customers. 

By the 1990s, the desktop publishing revolution was well underway and central banks around the world took notice. In January 1993, central bankers and banknote printers from the G-10 countries convened a steering committee called the Special Study Group 2 (SSG-2) to assess the threat of laser printers to currency integrity. A 1995 SSG-2 memo describes a system for tracing counterfeit banknotes back to a specific copier. The SSG-2’s next steps were to research “whether the technologies developed for copiers could also be used for scanner and computer systems”—with the goal being complete traceability for any given sheet of paper from any commercially available copier, scanner, or printer. A 1998 SSG-2 report remarks on the success of the tracing system and notes that “manufacturers will continue to provide assistance in identifying specific copiers at no additional cost.” 

Still, the details remained secret until 2004, when the Dutch journalist Wilbert de Vries broke the story of the tracking dots. In a brief article originally for the online IT publication Webwereld, de Vries cites anonymous sources with the Dutch Railway Police who confirm that they are using tracking dots to identify members of a counterfeit ticket printing gang. Privacy activists were appalled by the disclosure since the same technology that makes counterfeiting harder also subjects every single person who prints a piece of paper with a color printer—the vast majority of whom are not printing fake money or railway tickets—to non-consensual tracking. In the aftermath of de Vries’s discovery, the Electronic Frontier Foundation (EFF) condemned the practice of using tracking dots and began collecting data on which manufacturers implemented them, including submitting FOIA requests to the US government regarding its involvement. Much of what we know about the history of printer steganography is due to their work. 

EFF researchers were quickly overwhelmed by the sheer scale of the operation. They concluded that all major printer companies were implementing MICs in laser printers in some fashion. With the help of volunteers, they were able to decipher portions of the yellow dot tracking codes in use by a popular laser printer, the Xerox DocuColor. Each row of the grid was given a numerical value of a power of two—so the value of the bottom-most row would be one, the value of the next row up would be two, the next row up would be four, and so on up to sixty-four. Each column of the grid represented part of the printout’s date or time or the printer’s serial number. Specifically, columns 11 through 15 designated the printer’s serial number. So if column 11 had a dot in row 32, plus a dot in row 16, the first digit of the serial would be 32 plus 16, or 48. The dot matrices produced by other printers looked completely different. Canon, for instance, arranges their dots in a spiral. Ultimately, Xerox abandoned their original grid pattern, making the EFF researchers’ decoding tools obsolete. Newer printers presumably use a different system to encode metadata in the dots. 

Following the Dutch revelations, printer manufacturers scrambled to justify their invasive and secretive technology. Xerox, for the first time, publicly admitted to using tracking codes and spun them as a positive, consumer-friendly feature to enhance the security of their printouts. As a result, they found themselves under the scrutiny of the EU Commissioner for Justice, Freedom, and Security, who stated in a 2008 official memo that such tracking "may give rise to the violation of fundamental human rights, namely the right to privacy and private life.”

Disrupting the Dots

I run an independent press based in New York City. After learning of the pale yellow dots, I wanted to know if I could find them in the books, magazines, and chapbooks I had made over the years. When I scanned the pages into the computer and inverted the colors of the scans, I found that nearly all of them had the simple arrangement of dots that bound me up within a global surveillance apparatus. One of our recent publications—Salty Wet, a visual essay on political resistance in Hong Kong—was covered in Xerox tracking codes. I wondered if there was any way to remove them, or if being trackable was simply the cost of printing in color. 

In 2018, a group of researchers at the Technical University of Dresden made a breakthrough to that end when they released DEDA: the Dot Extraction, Decoding, and Anonymization toolkit. Analyzing over a thousand printouts from over a hundred printers, they developed an algorithm to detect and decode the tracking dots of four grid patterns that were used across eighteen manufacturers. Finally, there was a way for regular people to pry the dots out of the hands of corporations and intelligence agencies, and commandeer them for ourselves. The DEDA toolkit allows anyone to anonymize documents by removing the tracking dots at the software level, actively inhibiting the process and giving non-governmental entities the ability to disrupt their printer’s surveillance mechanisms. It also enables users to hijack the MICs for their own purposes by creating user-defined secret patterns. Seemingly innocuous blank sheets of paper could now be used to convey information between any parties—not just central bankers, printer manufacturers, and intelligence agencies—so long as each party had access to the decoding key. 

When I set up the toolkit on my laptop, I found that the anonymization and user-defined pattern tools worked right out of the box. It was thrilling to be able to manipulate the corporate tracking systems I had never consented to and create my own MIC. But when I attempted to decode the yellow dots on a piece of paper printed commercially from a Xerox PrimeLink C9065, DEDA came up empty. I tried another piece of paper from a smaller Xerox DocuColor printer and, again, DEDA found nothing, even after I had manually confirmed with a UV light that the page was marked with tracking codes.  

Perhaps the toolkit is a victim of its own success. At the time, DEDA was a revelation. But security is not a steady state. The fanfare from the cybersecurity press that accompanied the toolkit’s release may have caught the eye of printer companies and intelligence agencies, and maybe they tweaked the encoding schemes they were using. It is also possible that the printers I tested use a MIC that hasn’t yet been catalogued by DEDA. According to the EFF, engineers employed by major manufacturers have hinted at the existence of a new generation of tracking mechanisms. It's been posited by researchers that tiny discrepancies in the spacing between words or even the kerning of letters could be used to encode information. But little is known about these alternative tracking measures aside from vague warnings by industry insiders. 

The rationale behind building surveillance mechanisms into laser printers laid the foundation for more far-reaching forms of surveillance that we encounter in our devices today. The modern internet is full of invisible tracking mechanisms that, like MICs, are marketed as beneficial at best and harmless at worst—as long as you have nothing to hide. Compared with the sprawling digital behemoth of the web, yellow tracking dots may seem trivial. But the efforts by intelligence agencies to keep tabs on printed documents are a grave, if obscure, threat to our privacy. And the history of those efforts reminds us that what might at first sound like a conspiracy theory is actually true: that in the name of preventing crime, government and industry collude in secret to track us all.

Mitch Anzuoni is an editor and writer based in New York City. They help run Inpatient Press, an independent press dedicated to esoteric and experimental works.

This piece appears in Logic(s) issue 10, "Security". To order the issue, head on over to our store. To receive future issues, subscribe.