Data Protection

Data Protection and Jehovah's Witnesses
Source: jw.org

Are you aware ... ?

The Global Data Protection Policy
of Jehovah's Witnesses
Policy

“Upon becoming a publisher, a person acknowledges that the worldwide religious organization of Jehovah’s Witnesses—including the local congregation of Jehovah’s Witnesses, local branch office, and similar cooperating organizations of Jehovah’s Witnesses—lawfully uses personal data in accordance with its legitimate religious interests. Publishers willingly provide personal data to their congregation as outlined in the book Organized to Do Jehovah’s Will so that they may participate in religious activities in connection with their worship and so that they may receive spiritual support.”

Source: JW.org

Question for Readers

Are you aware that sensitive personal data relating to an expelled person is shared with the branch headquarters and filed electronically in a system known as HuB, under “tracking persons”?

This page contains information for current and former Jehovah’s Witnesses who are concerned about Data Protection.  It will help those who wish to make a formal data access request to their local Kingdom Hall of Jehovah’s Witnesses or to their local Branch Office. This information is based on the rights of citizens within the European Union. However, the information contained herein may be helpful to individuals outside the European Union. This is a guide only. AvoidJW.org recommends, in all cases, to seek legal advice if you are unsure about your statutory rights.

In this guide, we explain your rights in relation to Data Protection. We will disclose to you what sort of personal data your local congregation may hold. This data must be in compliance with Data Protection laws. We will provide you with a template that you may use if you intend to make a formal data access request. And finally, we will describe how your local congregation may respond to your access request.

We would encourage all Jehovah’s Witnesses, current and former members, to make a formal data access request. We would especially encourage individuals who are disfellowshipped or disassociated to make a formal data access request. Why? Because ….

Data Protection and Your Rights

You have a right to data protection when your details are held on a computer; on paper or other manual filing system; and made up of photographs or video recordings of your image or voice. The aim of data protection is to make sure that information stored about you is factually correct; only available to those who should have it; and is only used for stated purposes.

You have a right to find out, free of charge, if a person (an individual or an organization) holds information about you. You also have a right to be given a description of the information and to be told the purpose(s) for holding your information.

When a data controller is obtaining your personal data, they must give you the name of the organization or person collecting the information or for whom they are collecting the information; the reason why they want your details; and any other information that you may need to make sure that they are handling your details fairly.  If an organization or individual gets your personal details from a third party and not directly from you, they must tell you which details they hold and give you the name of the original data controller.

Any data access request must be made in writing. The person responding to your data access request must provide you with this information within 21 days. If they do have personal details about you, they must tell you which details they hold and the reason why they are holding this information.

If you discover that a data controller has details about you that are no factually correct, you can ask them to change or, in some cases, remove these details. If you feel that the organisation or person does not have a valid reason for holding your personal details or that they have taken these details in an unfair way, you can ask them to change or remove these details. You can write to the organization or person, explaining your concerns or outlining which details are incorrect. The organization or person must do as your ask or explain why they will not do so within 40 days.

Personal Data Retained by Congregations of Jehovah's Witnesses

Jehovah’s Witnesses have, since Joseph F Rutherford became president of the Watchtower Society in 1917, been a religious organization with a strong focus on legal systems. This has allowed them to legally exert a solid presence in 240 lands across the world. Consequently, they have had to constantly refine their policies to ensure that the procedures in place are almost identical across the world. The only difference in procedure is where country-specific laws dictate so. However, to ensure that governments do not become too inquisitive of their procedures, they require congregation elders to keep such policies secretive. Therefore, the ordinary rank-and-file members of Jehovah’s Witnesses are unaware of the legal procedures in place. This has helped the religious group to grow while remaining under the radar of most governments.

JW.org, the organization behind Jehovah’s Witnesses, retains a colossal amount of personal information with regard to Jehovah’s Witnesses. In recent times, they have been archiving this personal data in electronic format. Such information includes, but is not limited to, the archival of data relating to:

Congregations of Jehovah’s Witnesses, on the other hand, retain as little information as possible about their members. However, they retain enough information to allow them to function with full authority over all publishers, both current and former.  Information that your local congregation might retain about you may include some or all of the information that is detailed below. They may even have additional personal data that is not listed here. Yet, in some cases, they may not have any personal data relating to you. It should be noted that upon making a data access request, if they discover any personal data about you that does not comply with data protection legislation, they will destroy it rather than give it to you. This is to prevent any possible legal proceedings to be taken against them. After all, one can’t bring reproach upon Jehovah. In other words, the protection of the publishing corporation must come before the rights of any individual.

Requesting Your Personal Data

To request access to your details, send a letter or email to your congregation or branch holding your personal details and ask them for a copy of this information. The details should be easy to understand and you should receive them within 40 days of your request. You may have to pay a small fee to cover costs associated with discovering and/or providing you with these details. There is a limit as to how much you can be charged for this service. In the United Kingdom, the maximum you can be charged is £10. In the Republic of Ireland, it is €6.35.

When making a data access request, you should give any details that will help the person to identify you so they can find your data. Be clear about which details you are looking for, particularly if you are looking for certain information. This will help your congregation or branch to respond more quickly.

Some of the items you can refer to in your data access request can include references to:

  • A-8 Forms (Bethel Applications)
  • A-19 Forms (Temporary Volunteer applications)
  • A-27/DC-50 Forms (Construction Volunteer applications)
  • G-8 Forms (Pioneer School Applications)
  • S-73 Forms (Special Metropolitan Public Witnessing applications)
  • S-82 Forms (Kingdom Hall Volunteer Worker Questionnaires)
  • S-205 Forms (Regular Pioneer Applications)
  • S-205b Forms (Auxiliary Pioneer Applications)
  • S-323 forms (Prospective Circuit Overseer Questionnaires)
  • S-324 Forms (Prospective Substitute Circuit Overseer Questionnaires)
  • S-360 Forms (Language-Teaching Seminar applications)

Requesting Your Personal Data

When making a data access request, you should quote the Data Protection Acts applicable to your country. Below are sample letters for both the UK and Ireland. You can tailor these letters to suit your personal circumstances. For folks in other European Countries, you should determine the Data Protection Acts in your respective jurisdictions and refer to those in your letter.

Please note: When you make a data access request, you do not need to enclose photographic ID or send any money in your initial letter. You only should do this if you want to speed up the retrieval process. If you do not send ID or money, the first letter that your congregation or branch will send to you is a request confirming your identity and a request for money to cover retrieval costs. It means you will have to send a second letter providing such content.

Sample Letter for UK Residents

Dear Data Protection Officer,

Under the Data Protection Act 1998, I wish to make an access request for a copy of any information you keep about me, on computer or in manual form.

I believe you may retain [specifically reference the applicable forms above] that would contain personal details about me.

To assist you in identifying me, I have enclosed photographic ID in the form of a [passport/driver’s license/other ID – choose one].

My date of birth is [DD-MMM-YYYY].

My previous address was

[FORMER ADDRESS / ADDRESS WHEN ATTENDING YOUR KINGDOM HALL]

{choose ONE of the following statements:}

[I have also enclosed a cheque for £10.00 to cover costs that may be associated with you recovering my details.][If you need any more information from me, or a fee, please let me know as soon as possible.]

It may be helpful for you to know that a request for information under the Data Protection Act 1998 should be responded to within 40 days.

If you do not normally deal with these requests, please pass this letter to your Data Protection Officer. If you need advice on dealing with this request, the Information Commissioner’s Office can assist you and can be contacted on 0303 123 1113 or at ico.org.uk

Yours faithfully,

[NAME]

Sample Letter for Irish Residents

Dear Data Protection Officer,

Under Section 4 of the Data Protection Acts 1988 & 2003, I wish to make an access request for a copy of any information you keep about me, on computer or in manual form.

I believe you may retain [list applicable forms above] that would contain personal details about me.

To assist you in identifying me, I have enclosed photographic ID in the form of a photocopied [passport/driver’s license/other ID – choose one].

My date of birth is [DD-MMM-YYYY].

My previous address was

[FORMER ADDRESS / ADDRESS WHEN ATTENDING YOUR KINGDOM HALL]

{choose ONE of the following statements:}

[I have also enclosed a cheque for €6.35 to cover costs that may be associated with you recovering my details.][If you need any more information from me, or a fee, please let me know as soon as possible.]

It may be helpful for you to know that a request for information under the Data Protection Acts 1988 & 2003 should be responded to within 40 days.

If you do not normally deal with these requests, please pass this letter to your Data Protection Officer. If you need advice on dealing with this request, the Data Protection Commissioner’s Office can assist you and can be contacted on 1890 25 22 31 or at dataprotection.ie

Yours faithfully,

[NAME]

Sample Letters from Your Congregation or Branch in Response to your Request

Your congregation or branch must respond to your data access request. If they are simply confirming they have data on you, they will respond within 21 days. If they have data that you have requested access to, they have to respond within 40 days. Usually, they will respond much sooner.

This is an example of how they may respond to your letter:

Dear Sir/Madam,

We are responding to your letter dated [DATE], in which you make a data subject access enquiry under the Data Protection Act [YEAR]. We are pleased to provide the following information.

Enclosed is a photocopy of form(s) titled

[Titles of forms provided].

In addition, the following personal data concerning you is held by [Congregation Name].

The purpose for which the data is processed [Reasons listed].

Possible recipients of the data: [List of recipients]

For the avoidance of doubt, we have no additional records, either written or electronic.

Yours faithfully

[NAME OF DATA CONTROLLER]