CJE: JEHOVAH WITNESSES MUST ALSO COMPLY WITH DATA PROTECTION LEGISLATION
With the decision of July 10, in case C-25/17, the Court of Justice has expressed itself on the protection of personal data in the context of door-to-door preaching by the Jehovah’s Witnesses Community.
On September 17, 2013, the Finnish Data Protection Commission (tietosuojalautakunta) prohibited the religious community of Jehovah’s Witnesses to collect or process personal data, as part of door-to-door preaching, unless the requirements of the relevant Finnish legislation are met to the processing of such data.
In the context of the proceedings initiated by the Finnish Data Protection Supervisor (tietosuojavaltuutettu) following the abovementioned refusal, the Finnish Supreme Administrative Court (Korkein hallinto-oikeus) referred a question to the Court for a preliminary ruling on whether the religious community is obliged to comply with Community legislation on the protection of personal data in the exercise of door-to-door preaching.
In its recent ruling, the Court of Justice held, first, that the activity of door-to-door preaching of members of the Jehovah’s Witness Community does not constitute an exclusively personal or domestic activity and, therefore, does not fall within the exceptions provided for by EU law on the protection of personal data.
The Court also clarified that the rules on the protection of personal data apply to the manual processing of data only where they are stored in a file. In this respect, the Court concluded that ‘the notion of ‘file’ includes any set of personal data collected during a door-to-door preaching activity and containing names, addresses and other information relating to the persons contacted door-to-door, since such data are structured according to specific criteria which allow, in practice, for easy retrieval for subsequent use’.
Furthermore, the Court also clarified that the rules on personal data protection apply to the manual processing of data only if they are stored in an archive. In this regard, the Court concluded that “the notion of «filing system» covers a set of personal data collected in the course of door-to-door preaching activity, consisting of the names and addresses and other information concerning the persons contacted, if such data is structured according to specific criteria which, in practice, enable it to be easily retrieved for subsequent use“.
Finally, the Court addressed the question of who can, in the specific case in question, be considered as a controller of personal data. The CJU, having recalled that the notion of ‘controller’ may cover several actors involved in the processing, each of whom must therefore be subject to the rules of Union law on the personal data protection, therefore concluded that Union law on the protection of personal data “allows a religious community to be considered, together with his preacher members, as controller for the processing of personal data carried out by them in the course of a door-to-door preaching activity organized, coordinated and encouraged by that community, without it being necessary for that community to have access to that data or for it to be demonstrated that it has given its members written instructions or directions in relation to those processing operations”.
For the full text of the judgment: