Most color printers have a secret tracking or forensic code added to every page that lets governments and others know when and where the page was printed.
It’s just one result of last week’s NSA leak and later arrest. One piece of evidence against Reality Winner was the secret code on the pages she allegedly leaked. Each page told the FBI when the page was printed and which specific printer was used to make it.
Because Office Watch readers print almost every day, we’ve combed the available knowledge about this secret US government program to find out what’s known and what’s unknown (Rumsfeld style).
What are the tracking dots?
It’s a very faint pattern of yellow dots added to every printed page on most, if not all, color printers. The pattern is repeated across the entire page.
Page from HP Color Laserjet 3700 normal (left) and under blue light (right) Source: Florian Heise, Druckerchannel.de & Wikipedia.
The pattern indicates the printer type (make, model), exact printer used (serial number) plus date and time printed.
Law enforcement or anyone else who knows how to decode the pattern can tell when a page was printed and the exact printer used.
The pattern is faint but even a scan or photo of a printed page was enough for the FBI experts to detect it.
Which printers have the tracking dots?
All the major printer makers have added a secret tracking pattern. If you have a color printer – ink or laser – then your printed pages will have the secret dots added.
The Electronic Frontier Foundation did tests on many printers and found that they all had a tracking pattern.
The printer makers that had tracking patterns on some or all of the tested printers were:
- Brother
- Canon
- Dell
- Epson
- Hewlett-Packard / HP
- IBM
- Konica / Konica-Minolta
- Kyocera
- Lanier
- Lexmark
- NRG
- Panasonic
- Ricoh
- Savin
- Toshiba
- Xerox
The only makers that did not have a positive result in the EFF tests were Oki and Samsung.
Not all printer models were tested but it’s safe to assume that all color printers have secret printer tracking codes. That’s regardless of the EFF test results.
The EFF has recently noted that:
“It appears likely that all recent commercial color laser printers print some kind of forensic tracking codes, not necessarily using yellow dots.”
Can I stop the tracking pattern being added?
No, this isn’t something that Windows, Mac or Microsoft Office controls.
It’s done deep in the printer hardware itself.
The printer tracking patterns don’t officially exist so there’s no switch to turn the tracking pattern off. Aside from a major hack of the printer firmware (definitely NOT recommended).
Are the tracking dots added when I ‘Print to PDF’?
No, the tracking pattern is added by the printer hardware so it doesn’t apply to other ‘Print’ options like ‘Print to PDF’, ‘Print to XPS’ or ‘Print to Fax’.
Making a PDF/XPS by any means will include extra data that’s not visible on the page (so-called ‘meta-data’) which could be used to trace the document source.
But in those cases, it’s possible to examine the file for those traces.
Bypassing the secret printer dots
We’ve not seen any reliable methods of printing without the secret code being added.
It’s possible that printing to non-white paper then photographing the colored page might be enough to obscure the dots.
Does it matter?
Yes. Personal, corporate and organizational privacy is important, even more so in the current political climate.
The original intentions of the secret scheme may have been honorable. As we’ve seen in other cases, the printer tracking patterns can be used in ways well beyond the original purpose.
How are the secret tracking dots added?
The tracking pattern is added by the printer itself, after it receives the printing instructions from the computer or other device. Tiny yellow dots are added in a repeating square pattern.
Most likely the tracking dots are added in the ‘firmware’, that’s the software which controls the printers operation. A smaller chance that the secret code is embedded in one of the custom chips that make up any modern printer.
Either way, there’s no practical way to ‘hack’ a printer to stop the codes.
Are the tracking dots added on black/greyscale pages?
Yes, all pages printed on a color printer will have the tracking pattern added even if you’ve set ‘Black ink’ or ‘Greyscale’.
It also might explain a little printer mystery. Most color printers will refuse to print anything if one of the color supplies has run out. It’s very annoying that you can’t print a black ink only page because the printer has run out of Cyan, Magenta or Yellow.
This seemed like a trick by printer makers to force the sale of more ink/toner and that’s probably still the case. But the secret yellow tracking pattern is another reason why they insist on all colors being available (to make only yellow ink compulsory would be a big clue).
What about printers sold outside the USA?
It’s probable that all printers from the affected makers have the same ‘bonus feature’, regardless of where they are sold.
The same printers are sold all over the world, like computer hardware generally.
Maybe printers sold outside the USA have different chips/firmware without the secret dots ‘bonus feature’. However, that’s unlikely for a variety of production reasons.
While the original arrangement for the secret printer codes was by the US government, it’s likely the decoding secret has been shared with other intelligence agencies. For example, the Five Eyes group (US, Canada, UK, Australia and New Zealand).
Other foreign agencies may have devoted the time/effort into decoding the patterns for themselves or obtained the decoding secret from one of their sources.
Can the secret printer tracking codes be decoded.
How to decode/understand the patterns is still secret but the EFF managed to decode the pattern on one Xerox Docucolor machine.
Source: Electronic Frontier Foundation.
What about black / monochrome printers?
Maybe but probably not.
Obviously, monochrome printers can’t add yellow tracking dots. There are suggestions that a different system is used on black ink printers but there’s no proof of that.
What about color photocopiers and multifunction devices?
We’ve not seen any test results on color photocopiers or combination print/scan/fax devices but it’s likely they also have the same tracking codes.
How can I see if my printer has the tracking dots?
Check out this EFF page which shows how they tested for the tracking pattern on various machines.
You’ll need a microscope or magnifying glass and probably a UV ‘blue light’.
How can the printer serial number be used to find the actual printer?
At the very least, it’s possible to use a serial number to narrow down the location of a printer to a country, state or city. In many cases, the serial number can identify the specific purchaser.
Any competent investigator will be able to track down the purchaser if they know the printer make, model and serial number.
At the very least, the printer maker will have data tracking about which wholesaler and then retailer received a particular device. It’s likely the retailer will add the printer serial number to their sales record.
Why are the printer dots there?
Some of the secret story has been pieced together.
Back in the 1990’s the US government was very concerned about forgery of US currency by the newly arriving color printers. They approached companies in an effort to prevent this. One result was some code added to color photocopiers which prevent high-quality images of currency.
All the major printer companies agreed to add the forensic tracking pattern to all pages.
Of course, the secret tracking dots have a lot more uses than simply tracking forgers. That’s something the US government agencies must have known from the start. Currency forgery may have been the original reason or impetus for the secret printer tracking initiative, but it wasn’t the only motive.
It’s worth noting that the printer tracking pattern does NOT prevent currency forgery. It could be helpful in the pursuit and prosecuting offenders.
Why did the printer companies agree?
The US government can apply considerable pressure if it wishes to. The ‘currency forgery’ stated reason was a plausible reason for adding the tracking pattern.
A small but profitable benefit to printer companies is the extra color ink/toner they sell. Each page (even a black/greyscale page) use a little yellow ink. Even a tiny amount of extra ink adds up over an enormous number of printers and millions/billions of pages. That’s greater ink/toner sales for printer makers.
