JWTények

GDPR – a JWFACTS.COM-ra (angolul)

2026.02.08.

Revoking Consent and Religious Disciplinary Procedures

Many people fear that when a religious disciplinary action—such as disfellowshipping and its public announcement—occurs, there is no real legal recourse to challenge the decision. In practice, the body of elders will often publicly declare that someone is no longer a Jehovah’s Witness, regardless of whether the individual agrees with the decision or has actually committed any wrongdoing. The legal assessment of such proceedings is difficult, as the reasoning is often neither public nor documented. However, there is an increasingly recognized and applied legal approach based on revoking consent for data processing. When a person withdraws permission for their personal data to be handled, it can limit what information may lawfully be disclosed, transmitted, or announced within a religious organization—particularly in countries where data protection is legally regulated and enforceable.

What Is Data Protection and Consent for Data Processing?

Almost every country now has laws that set out the conditions under which an organization—whether a company, government body, or religious community—can handle an individual’s personal data. This legal framework has grown out of the rapid development of information technology. Personal data can include a wide range of information, such as a person’s name, contact details, place of residence, religious beliefs, relationship status, and even their membership or standing within a particular community. One of the core principles of these regulations is that personal data can only be processed on a specific legal basis, often requiring the explicit or implicit consent of the individual concerned. Importantly, this consent is not necessarily permanent. Most legal systems allow an individual to withdraw their consent at any time, which can significantly limit what the data controller is legally allowed to do with that information—whether using it internally, sharing it, or making it public.

Why Do Religious Organizations Process Personal Data?

Religious organizations typically need to maintain certain personal information to operate. This can include knowing who belongs to the community, where members live, what activities they participate in, and their organizational or religious status within internal records. Such information allows the community to organize events, maintain contact, support educational or pastoral activities, and in some cases, manage internal disciplinary processes. At the same time, data relating to religious beliefs and associated evaluations is considered particularly sensitive personal data under most legal systems. Handling this information is usually not an automatic right; it is subject to special conditions and often depends on the individual’s consent. If that consent is withdrawn, the legal basis for processing the data can be significantly restricted, regardless of the organization’s internal rules or claimed autonomy.

What Happens After Consent for Data Processing Is Withdrawn?

When an individual withdraws consent for their personal data to be processed, a religious organization’s ability to handle that information becomes significantly restricted. This is especially true for data concerning religious affiliation, status within the community, or disciplinary judgments. In many legal systems, the organization must not only review its ongoing record-keeping but also consider whether it can continue to share information about the individual with others. A community announcement affecting a person’s religious status is not merely administrative; it constitutes the disclosure of personal data, which can impact the individual’s social relationships and reputation. If there is no proper legal basis for processing the data, such disclosure may violate data protection laws in most countries, regardless of the religious setting. The existence of religious freedom or organizational autonomy does not automatically exempt a religious group from general data protection obligations.

How Can Consent for Data Processing Be Withdrawn?

Withdrawing consent for the processing of personal data is, in many legal systems, considered a legal right and does not require any justification or explanation. The withdrawal is typically done in writing, clearly and traceably, such as via email or official letter. It is important that the individual clearly specifies which data processing consent they wish to revoke, with particular attention to sensitive information, such as religious affiliation or status within the community. It is advisable to address the withdrawal to both the organization’s official data protection contact and, where relevant, the body of elders. If internal organizational bodies are involved, it can also be useful to submit the request through other formal channels. Documenting the withdrawal helps ensure that authorities or other parties can later verify that the legal right was properly exercised.

______________________

Subject: Withdrawal of Consent for Data Processing

Dear Jehovah’s Witnesses Organization,

I hereby inform you that I withdraw all consent previously given for the processing of my personal data.

This withdrawal applies to all personal data held about me, including—but not limited to—my name, contact details, religious affiliation, membership, or any internal status within the organization.

I request that any further processing of my personal data be conducted in accordance with this withdrawal, and I would appreciate written confirmation that my request has been fully honored.

Please note that the withdrawal of my consent means there is no legal basis for any further processing or disclosure of my personal information. Any such activity is therefore restricted under the applicable data protection laws.

Sincerely,
[Name]
[Date]

______________________

Practical Considerations for Withdrawing Consent for Data Processing

When an individual withdraws consent for the processing of their personal data, it is advisable to submit the request in a formal, traceable manner to the organization’s relevant contacts. Contact details for the branch office can be found on the jw.org website. It is also recommended to inform the body of elders to ensure there is a clear record of the withdrawal. Keeping proof of submission and documenting any responses can be helpful if it later becomes necessary to verify that the request actually reached the organization. The text of the letter can be flexible, but the key point is to clearly record the fact of the withdrawal, without including personal disputes or explanations.

Documentation and Preservation of Evidence

After withdrawing consent for the processing of personal data, the organization often provides an official confirmation acknowledging the withdrawal and noting the restrictions on further data processing. It is advisable to safely preserve this document, as it may later serve as evidence that the withdrawal actually occurred and that the organization was made aware of the request. Regardless of the content of the document, the purpose is to record the fact of the withdrawal, not to disclose personal information.

What Constitutes Unlawful Data Processing?

Any activity by a data-handling organization that records, transmits, or discloses an individual’s personal information without permission is considered unlawful under most legal systems. This can include, among other things:

  • Any report about the individual to the organization’s leadership,

  • Mentioning the person’s name or status in congregational announcements,

  • Recording personal data in writing, electronic messages, emails, or other communication channels,

  • Mentioning your name in an email or WhatsApp conversation.

  • Mentioning your relationship state in an email or WhatsApp conversation.

Because written or electronic traces can persist for a long time in digital systems, any unlawful use of such data may be provable long after the fact. It is therefore important to document any instances of unlawful data processing, for example by keeping official confirmations, notices, or internal reports. This ensures a clear record of how the organization handled the individual’s personal information.

Possible Steps for Someone Previously Disfellowshipped

If a person has previously been disfellowshipped from the congregation, it is worth considering the withdrawal of consent for the processing of their personal data, as this can limit the organization’s ability to continue handling or disclosing that information. If the organization does not respond to the withdrawal or notification, most legal systems allow the individual to file an official complaint, for example with the relevant data protection authority. Such measures are intended to ensure that the person’s rights are enforced in a documented manner and that any further processing of their data complies with applicable laws. Furthermore, the organization risks significant penalties if it disregards these obligations.

Possible Consequences of Unlawful Data Processing

The severity and potential consequences of unlawful data processing depend on the applicable legal system. In some countries, authorities may impose fines on an organization if it is found to have processed or transmitted personal data without permission. In many cases, an individual’s rights can also be enforced through civil legal proceedings, which may result in additional legal consequences for the organization. Regulatory actions are generally conducted in the form prescribed by law, and typically do not require the individual to appear in court or make any financial investment.

Possible Steps if Personal Data Is Disclosed After Consent Withdrawal

If personal information is transmitted or publicly announced after a person has withdrawn consent for data processing, this is considered a data protection violation under most legal systems. In such cases, the individual can officially notify the organization of the issue and document their request for the cessation of data processing. In most legal systems, it is the organization’s responsibility to prove that any data processing was lawful. For this reason, documenting the violation and keeping a clear record of communications is crucial.

The legality of data processing does not depend on any internal judgment or decision made by the community. Any disclosure of personal data without consent is potentially unlawful, regardless of the individual’s internal status or the basis of the announcement. In such cases, it is advisable to file a complaint with the relevant data protection authority.

Recording Evidence in Cases of Unlawful Data Processing and Announcements

If personal information is disclosed about you after you have withdrawn consent for data processing, this is considered a violation of data protection laws. In such cases, it is useful to document the incident, for example through written or electronic communications, or—where legally permitted—via video or audio recordings.

During online meetings, such as Zoom sessions, it is relatively easy to capture video evidence showing that an announcement regarding you occurred at the end of a meeting. Tools like OBS Studio can be particularly useful for this purpose. Documenting these events helps demonstrate that the organization handled your data unlawfully and that the processing did not comply with legal requirements. Such evidence allows the individual to formally record the violation in any official proceedings and can support holding the organization accountable for compliance with data protection obligations.

Sample Letter for Reporting Unlawful Data Processing

To: Relevant Data Protection Authority or Other Official Supervisory Body

Dear Sir or Madam,

I, [Name], hereby submit an official complaint regarding the unauthorized processing of my personal data by a religious organization.

I previously withdrew my consent for the processing of my personal data, including my name, religious affiliation, membership, and any information regarding my status within the community. Despite this withdrawal, a public announcement was made about me within the congregation, making my personal data accessible to more than 50 individuals.

In my view, this constitutes the unauthorized processing and disclosure of personal data, for which there was neither consent nor any other legal basis. I am able to substantiate this violation with evidence, including audio or video recordings and written documentation.

I respectfully request that your office:

  • Investigate the circumstances of this matter,

  • Determine whether unlawful data processing has occurred,

  • Take all necessary measures to ensure compliance with applicable data protection laws.

I would appreciate your confirmation regarding the initiation of the investigation.

Sincerely,
[Name]
[Email Address]

An Important Precedent in Hungary

In Hungary, a similar case occurred where, despite individuals withdrawing consent for data processing, unauthorized congregational announcements were made about them, and negative character reports were submitted to the branch office.

As a result, four branch committee members, five other elders, and a circuit overseer were removed from leadership positions. This suggests that the organization can be highly vulnerable internally when legally verifiable and sensitive issues arise—particularly those that could affect its reputation before authorities or the public.

Szóljon hozzá

Az e-mail címet nem tesszük közzé. A kötelező mezőket * karakterrel jelöltük