The European Union’s top court has ruled that the Jehovah’s Witnesses — and any religious group — must abide by the General Data Protection Regulation (GDPR) when gathering personal data in the course of door-to-door preaching.
The court upheld a ruling by the Finnish Data Protection Supervisor stating that the religious group must stop collecting data in these circumstances unless it follows national data law.
Such data are collected as a memory aid and for use in future visits without the knowledge or consent of the subjects, the court observes. They are then structured and filed so they can be easily retrieved for subsequent use, making them a “filing system” in the GDPR definition.
EU law thus “supports a finding that a religious community is a controller, jointly with its members who engage in preaching, of the processor of personal data carried out by the latter in the context of door-to-door preaching," making it subject to GDPR.
Door-to-door preaching is protected as a right of freedom of conscience and religion in the Fundamental Rights of the European Union, the court continues. However, that activity “is not covered by the exceptions laid down by EU law on the protection of personal data,” it adds.