LSAT Score Confidentiality

LSAC Privacy Policies for Personally Identifiable LSAT Scores and Other Student Data

LSAC has enumerated a set of policies on privacy, data retention, and confidentiality that apply to all personally identifiable test-taker information collected and stored by the organization. All test scores become the property of LSAC and are kept indefinitely, but in most cases those scores are not available to third parties unless the student consents to have them released (to a law school as part of an application, for example). There are some exceptions to this policy. LSAC uses third-party vendors to provide various services, including payment processing, test center administration, and customer service, and these companies sometimes must have access to student data. Another exception is compliance with a legal proceeding. More information on score confidentiality is available on the LSAC website (www.lsac.org) under the headings "Privacy Policy" and "LSAC Data Retention and Confidentiality."

LSAC Uses of Aggregate Data

LSAC policies for uses of aggregate student information (data sets that cannot be associated with specific individuals) are less restrictive. Aggregate data may be disclosed for marketing purposes, to conduct research, or to inform policy choices. Students are allowed to opt out of direct marketing and promotional communications from LSAC. Public disclosure of aggregate data benefits test-takers in a number of ways. Scholars from outside the organization are able to help identify issues associated with test fairness, test validity, and test development, leading to proposed solutions and (hopefully) an improved examination. Law school applicants are able to learn the average scores of their peers, which is of immeasurable value in the setting of LSAT score goals. Educators can use LSAT data to refine their admissions policies and recruiting practices.

LSAC's Candidate Referral Service

The Candidate Referral Service (CRS) offers prospective law students the opportunity to be recruited by individual law schools. As such, the CRS involves voluntary disclosure of LSAT scores, undergraduate GPA, age, country of citizenship, race, and ethnicity. The CRS allows law schools to search for candidates based on specific criteria within these categories. Students who sign up for the CRS agree to share their information with and receive promotional materials from participating institutions and organizations. Law school applicants should carefully consider whether or not they are comfortable with this arrangement and its effects on score confidentiality before signing up for the CRS. Consent may be withdrawn at a later date, but this will probably involve contacting each institution individually and opting out according to their prescribed policies.

LSAT Score Confidentiality and the Law

Federal laws have not been able to keep pace with the rapidly advancing technology used to disseminate information. This is a very complex issue, but at the present time and in certain contexts, it seems to be perfectly legal in much of the United States for organizations to disclose personally identifiable information on individuals (this does not mean that testing organizations such as LSAC are actually doing so). A few states have taken it unto themselves to correct this situation. In California, for example, it is against the law for testing entities to share information with third parties for marketing purposes if the student has opted out (note that the burden is on the test-taker, not LSAC). Prospective law students interested in this issue may wish to view the website of the Center for Democracy & Technology (https://cdt.org/), a non-profit organization that tracks legislative proposals and litigation in this area as well as the related areas of internet security, internet architecture, and free online expression.

Privacy and the LSAC Website

The LSAC website uses cookies to track visitors, for such stated purposes as improving user experiences, assessing the popularity of various features, and preventing security threats. Users have the option of disabling cookies with their web browsers, but this may adversely affect website functionality. The LSAC website also uses Google Analytics, but there is an available link through which users may install the Google opt-out browser add-on.