T-Card scanner privacy concerns still open


The Office of the Vice-Provost, Students is looking into creating better safeguards to put in place for student groups who request access the T-Card system, which is one way of verifying students’ registration statuses.

The first method of voter verification is an electronic voter list stored on a password-protected disk. The second method is the T-Card verification system, which comprises two parts: the first is the actual database of student numbers and names, and the second is the optical card reader, a physical piece of equipment.

According to Babatumi Sodade, the former chief electoral officer (the UTMSU employee responsible for overseeing the logistics of the referendum process), he requested both the password-protected disk and the T-Card system. He opted to use the T-Card system, which meant borrowing the T-Card optical scanner from UTSU. The password-protected disk was intended only as a backup option.

“I requested both, but I wasn’t specific enough, so it was a misunderstanding,” said Sodade. “I thought they’d authorized both, but it was my mistake in not making sure.”

The Office of the Vice-Provost, Students sent a password-protected disk containing truncated student numbers to UTM’s Office of Student Life at Sodade’s request. However, according to the university, it was never picked up or used. The office did not update the T-Card system because it was under the impression that UTMSU was going to verify which students were eligible to vote in the referendum through manual registration, that is, using the password-protected disk rather than the T-Card system.

“Instead of using the CD sent by the Office of the Vice-Provost, Students, as arranged, UTMSU used this T-Card optical scanner, which was loaded with data for the UTSU November AGM,” stated the Office of the Vice-Provost, Students, in an emailed response to questions. “The uploaded voter information was therefore out of date and included St. George students. Had UTMSU advised this office in advance, as required, that it wished to use the T-Card reader for voter verification, the correct data for UTM would have been uploaded for the T-Card reader.”

The November AGM list was the most recent list uploaded to the T-Card system database. According to the Office of the Vice-Provost, Students, UTSU requested both the updating of the T-Card System and a manual membership list for the administration of their November AGM. Ultimately, they chose not to use the T-Card system, only the password-protected disk. However, the list for the November AGM was still on the system.

To access the T-Card system, Sodade used the password from last spring’s UTMSU elections, which is when he last used the T-Card system.

“I always assumed that UTMSU has the same password,” said Sodade. “We’ve used the same password since the spring elections. […] I’ve always used that [password]. I thought it was kind of like an email account, like Gmail. I thought it was just an account that UTMSU has with the school that enabled access that you had to request; you had to get the confidentiality agreement signed to actually use it.

“It was just a misunderstanding in updating the list,” he added. “[Updating it] could have been done, but I just wasn’t specific enough, I guess.”

Sodade said the confusion all came down to one word: “electronic”.

“I asked for an ‘electronic’ system. And I wasn’t specific enough. To me, it was the T-Card system,” said Sodade. “So I didn’t specify the electronic system I wanted. There was a misunderstanding.”

The Office of the Vice-Provost, Students said that the T-Card system was designed to verify student statuses for UTSU’s sale of student TTC Metropasses. Therefore, it was designed to have multiple user IDs and passwords for administrative purposes. The university’s T-Card Office generates these user IDs and passwords, which grant access to the system, not to individual lists in the database.

According to that office, in recent years UTSU has been lending the T-Card scanner to other societies for their membership verification and administrative needs. UTSU requested new user IDs and passwords from the T-Card Office for these other groups. The university did not change the user ID or password.

Sodade confirmed that UTSU lent the T-Card scanner to UTMSU for the referendum.

“They do us a favour by loaning [the T-Card scanner] to us every year, because we don’t have a T-Card scanner,” reported Sodade.

“We are looking into putting better safeguards in place for ensuring that errors such as those that occurred in the UTMSU referendum do not happen again when the T-Card reader is used,” said the Office of the Vice-Provost. “We will be talking with the student unions about these safeguards. There needs to be a better password system for the T-Card reader. But most importantly, the T-Card reader should not be lent out by UTSU to other student unions without written confirmation from [our] office that the appropriate data for the student union in question has been uploaded.”

For the Student Centre expansion referendum of January 29–31, UTMSU used a T-Card system that had been loaded with data (student numbers and names) for UTSU’s November AGM, which means that both UTM and St. George students were able to vote. St. George students were intended to be ineligible, as they are not members of UTMSU and the terms of the referendum do not apply to them. As a result, the Board of Directors did not ratify the results of the referendum.