For the London Free Press – July 7, 2008
Read this on Canoe
A recent decision by the Privacy Commissioner of Canada found that taking finger/thumb prints from those writing the Law School Admission Test (LSAT) is a privacy breach and must be stopped.
The LSAT, a standardized test provided by the Law School Admission’s Council (LSAC), must be written by every prospective law student in Canada and the U.S. The test results are one of the criteria law schools use to grant entry to students.
Since 1974, the LSAC has collected the finger/thumb prints of test takers “to assure the authenticity of test scores and to protect the integrity of the testing process.” It’s used as a measure of ensuring the person writing the test is who he/she says they are.
The privacy commissioner found that the loss of privacy outweighed the benefit, and ordered the practice to cease under the provisions of the Personal Information Protection and Electronic Documents Act (PIPEDA).
The Commissioner considered this four-point test:
- Is the measure demonstrably necessary to meet a specific need?
- Is it likely to be effective in meeting that need?
- Is the loss of privacy proportional to the benefit gained?
- Is there a less privacy-invasive way of achieving the same end?
She felt that not only did fingerprinting not effectively meet the stated purpose, they were never actually used for the intended purpose.
LSAC took the position that since it was a Delaware corporation headquartered in the United States, the privacy commissioner had no jurisdiction over its activities.
The privacy commissioner found, however, that there were sufficient Canadian connections to make LSAC subject to the provisions of PIPEDA, at least to the extent it operates in Canada.
Fifteen Canadian law schools are members of the LSAC. One of the 18 voting members of the board of trustees is from a Canadian school, one of the four permanent standing committees is from a Canadian school and the president of the Canadian Law School Admission Officers sits on the board of trustee and participates in LSAC discussions.
LSAC also took the position that since it is non-profit, and PIPEDA only applies to commercial activities, that PIPEDA did not apply.
The commissioner’s report stated that:
LSAC’s status as a non-profit, non-stock, membership-based organization is not determinative. The Act applies to organizations, defined in section 2 as including “an association, a partnership, a person and a trade union.” There is no exemption for non-profit or member-oriented organizations. To the contrary, the definition of “commercial activity,” namely, “any particular transaction, act or conduct or any regular course of conduct that is of a commercial character, including the selling, bartering or leasing of donor, membership or other fundraising lists,” makes clear Parliament’s intention that the Act apply to commercial transactions that non-profit, membership-based organizations might engage in.
This decision is not surprising.
It’s good to see that PIPEDA is being applied to protect the way even a foreign party deals with Canadian individuals.