Jul 15, 2018

Jehovah's Witnesses must ask permission before collecting personal data on the doorstep

Jehovah's Witnesses
Olivia Rudgard, religious affairs correspondent
July 15, 2018

Religious groups must comply with data protection laws, the European Court has warned, as it rules that Jehovah's Witnesses must ask permission before collecting personal data on the doorstep.

In a ruling made following an appeal by the Finnish arm of the religious group, the Court of Justice of the European Union said that they must gain consent from householders before collecting their data.

It comes after the Church of England told members not to distribute people's personal data in written prayer requests following the introduction of GDPR, the EU's new data privacy law, earlier this year.

The case was brought amid confusion over whether the Jehovah's Witnesses information gathering was exempt from privacy lawsbecause the data was not filed centrally and was used by a religious group in the act of door-to-door preaching.

The judgment said that the group keeps a list of people who have asked not to be contacted, known as a "refusal register", as well as "the name and addresses of persons contacted, together with information concerning their religious beliefs and their family circumstances".

The information is "collected as a memory aid and in order to be retrieved for any subsequent visit without the knowledge or consent of the persons concerned".

Religious groups can be exempt from data protection requirements when communicating with believers within their own community.

However, the court ruled that door-to-door proselytising is "directed outwards from the private setting of the members who engage in preaching" and therefore is not exempt.

It added that even though the information is not held centrally in a conventional "filing system", such as a set of databases, it is still covered by the law.

Andrew Charlesworth, of the University of Bristol law school, said the judgment showed that religious groups were "not exempt in total" from GDPR.

He said the law gave religious groups leeway to process data without having to conform to the regulations but this was limited to "current members, former members and people with regular contact."

"What the Jehovah's Witnesses are doing of course is going out and talking to random people, so that really doesn't fall within that," he added.

"When they process personal data, and particularly special categories of personal data, they are required to comply with exactly the same legal requirements as everyone else."

He added that the ruling showed that keeping records on paper instead of in structured databases on computer systems did not exempt organisations from complying with the law.

"The Court of Justice of the European Union has been increasingly inclined to tighten what a filing system is," he said.

A spokesman for the British arm of the Jehovah's Witnesses said: "The European Court of Justice has issued a judgment on what is a complex area of law.

"Jehovah’s Witnesses will analyse the decision carefully and look at how governments within the European Union interpret that judgment."

A spokeswoman for the Information Commissioner's Office said the ruling applied under the previous law as well as under GDPR.

"Religious organisations and political parties must ensure that they comply with the GDPR when collecting personal data," she said.

Earlier this year there was confusion among Church of England clergy as the church issued guidance warning them that permission would be needed from someone who was to be prayed for "if the information were to be published on a website, leaflet or social media".

In response the ICO said: "If, as an organisation, you have an existing relationship with someone, for instance that person is part of your church congregation or volunteers for your sports team, you would not need their consent to use basic personal information."


No comments: