LSAT Thumbprinting a Privacy Violation
I always felt like I was a criminal when LSAC, the organization that offers the LSAT exam, required mandatory thumbprints on entry.
Weren’t we the ones defending the criminals (or prosecuting them)? Why are we being treated like them?
This commenter says,
When I was a psychology student I used to administer the LSAT. One thing I always found amusing is that you have to leave your thumbprint to take the test. What does that mean? Other professional or graduate tests do not require this.
Then there is the fact that it’s an American company, meaning the American government would have access to my prints if they so chose.
Should Canadian law students be forced to provide prints to a foreign country as a requirement to entry into a Canadian law school?
And I’m not the only one with these concerns.
Canadians Aren’t so Patriotic about the U.S.
In 2006, Daniel Gervais, acting dean of the common-law section at the University of Ottawa expressed to the CBC his apprehension over the U.S. Patriot Act,
The act gives the power to agencies such as the FBI to get access to information that is sent to the U.S.
Michael Geist, also of UofO, elaborates further,
Test takers in B.C. and Alberta have raised objections to the mandatory thumb-printing, expressing concern sensitive personal information could find its way into the hands of U.S. law enforcement. Empowered by provisions in the U.S. Patriot Act, authorities could compel the LSAC to surrender the data.
Patriot Act fears stem from the secretive nature of the law since authorities can compel disclosures with minimal oversight and without opportunity for the affected person to challenge the disclosure.
Critics also point to the statute’s potential misuse. Those fears were exacerbated last week with reports U.S. counter-terrorism databases contain an astonishing 325,000 names.
There has been swift reaction to the thumb-printing story, with the federal, B.C., and Alberta privacy commissioners joining forces in a combined privacy investigation. The Canadian Council of Law Deans, which represents law schools across the country, has expressed concern over the practice, acknowledging that the data could be subject to a Patriot Act request. The Council raised questions about whether the practice might violate federal and provincial privacy statutes.
Phillipa Lawson, Executive Director – Canadian Internet Policy & Public Interest Clinic at UofO added,
In the LSAT case, the stated purpose of collecting thumbprints (to deter fraud) is clearly reasonable. But is the collection of thumbprints necessary to achieve this purpose? Do other, less intrusive but equally effective methods of deterring fraud exist? And is the fraud-deterrent value of thumbprinting proportional to its privacy invasiveness? The privacy commissioners now investigating this matter will have to answer these questions.
Recent developments indicate that round 1 may have just begun.
Non-Profit Status of LSUC Will not Provide Immunity
The Commissioner used a 4-part test:
- Is the measure demonstrably necessary to meet a specific need?
- Is it likely to be effective in meeting that need?
- Is the loss of privacy proportional to the benefit gained?
- Is there a less privacy-invasive way of achieving the same end?
Their conclusion is that thumbprinting were never intended for their expressed purpose, let alone meeting their purpose.
LSAC took the position that since it was a Delaware corporation headquartered in the United States, the privacy commissioner had no jurisdiction over its activities.
The privacy commissioner found, however, that there were sufficient Canadian connections to make LSAC subject to the provisions of PIPEDA, at least to the extent it operates in Canada.
The Commissioner also stated,
LSAC’s status as a non-profit, non-stock, membership-based organization is not determinative. The Act applies to organizations, defined in section 2 as including “an association, a partnership, a person and a trade union.” There is no exemption for non-profit or member-oriented organizations. To the contrary, the definition of “commercial activity,” namely, “any particular transaction, act or conduct or any regular course of conduct that is of a commercial character, including the selling, bartering or leasing of donor, membership or other fundraising lists,” makes clear Parliament’s intention that the Act apply to commercial transactions that non-profit, membership-based organizations might engage in.
Ding, Ding, Ding
So it seems law students, who are in training to defend the rights of others, might finally realize these privacy rights that many have been complaining about for years.
Let the fight begin.