LSAT Score Confidentiality
LSAC Privacy Policies for Personally Identifiable LSAT Scores and Other Student Data
LSAC Uses of Aggregate Data
LSAC policies for uses of aggregate student information (data sets that cannot be associated with specific individuals) are less restrictive. Aggregate data may be disclosed for marketing purposes, to conduct research, or to inform policy choices. Students are allowed to opt out of direct marketing and promotional communications from LSAC. Public disclosure of aggregate data benefits test-takers in a number of ways. Scholars from outside the organization are able to help identify issues associated with test fairness, test validity, and test development, leading to proposed solutions and (hopefully) an improved examination. Law school applicants are able to learn the average scores of their peers, which is of immeasurable value in the setting of LSAT score goals. Educators can use LSAT data to refine their admissions policies and recruiting practices.
LSAC's Candidate Referral Service
The Candidate Referral Service (CRS) offers prospective law students the opportunity to be recruited by individual law schools. As such, the CRS involves voluntary disclosure of LSAT scores, undergraduate GPA, age, country of citizenship, race, and ethnicity. The CRS allows law schools to search for candidates based on specific criteria within these categories. Students who sign up for the CRS agree to share their information with and receive promotional materials from participating institutions and organizations. Law school applicants should carefully consider whether or not they are comfortable with this arrangement and its effects on score confidentiality before signing up for the CRS. Consent may be withdrawn at a later date, but this will probably involve contacting each institution individually and opting out according to their prescribed policies.
LSAT Score Confidentiality and the Law
Federal laws have not been able to keep pace with the rapidly advancing technology used to disseminate information. This is a very complex issue, but at the present time and in certain contexts, it seems to be perfectly legal in much of the United States for organizations to disclose personally identifiable information on individuals (this does not mean that testing organizations such as LSAC are actually doing so). A few states have taken it unto themselves to correct this situation. In California, for example, it is against the law for testing entities to share information with third parties for marketing purposes if the student has opted out (note that the burden is on the test-taker, not LSAC). Prospective law students interested in this issue may wish to view the website of the Center for Democracy & Technology (https://cdt.org/), a non-profit organization that tracks legislative proposals and litigation in this area as well as the related areas of internet security, internet architecture, and free online expression.
Privacy and the LSAC Website