Data Protection Law as a Tool Against Watchtower
Over the last decade, a new category of legal pressure has emerged against the Watchtower Bible and Tract Society of Jehovah's Witnesses: data protection law. Unlike traditional religious-freedom or child-welfare litigation, these cases do not ask courts to weigh theology or assess harm. They apply general-purpose privacy statutes — the EU's General Data Protection Regulation (GDPR), Brazil's Lei Geral de Proteção de Dados (LGPD), Mexico's Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), Canada's provincial PIPA, and their equivalents — to the personal and sensitive information Watchtower's discipline and ministry systems depend on. The landmark ruling was the Court of Justice of the European Union's 2018 decision in Tietosuojavaltuutettu v. Jehovan todistajat, which reclassified door-to-door note-taking as regulated data processing. In response, the organization quietly issued a May 2019 global directive ordering publishers across GDPR jurisdictions to stop keeping preaching records. Since then, formal actions and private ARCO/erasure revocations have reached Italy, Spain, Norway, the United Kingdom, Canada, Brazil, and Mexico. This article surveys the legal framework, the documented cases and regulator actions, and the pattern that has emerged.
Why Data Protection Law Reaches Religious Organizations
Modern data protection regimes share a common architecture: any organization that collects, stores, or processes personal data is a "data controller" subject to legal obligations, and the data subject retains enforceable rights — access, rectification, erasure, restriction, and (in most regimes) the right to withdraw consent at any time.[1] Religious beliefs, health data, and information about a person's sexual life are classified as "special categories" (GDPR Art. 9) or "sensitive personal data" and require a stricter legal basis for processing.[2]
Watchtower's own published framework acknowledges that it collects and processes exactly this category of data. The Global Data Protection Policy of Jehovah's Witnesses states that the organization processes "spiritual data, such as your date of baptism, 'anointed' or 'other sheep,' any role or assignment you have in the local congregation or within the Religious Organization, your field ministry activity, your spiritual status and any dates associated with that status."[3] The policy further asserts that "all Jehovah's Witnesses have consented to this by virtue of their free and willing decision to become and identify themselves as Jehovah's Witnesses" — an implied-consent claim that has been directly contested in several of the cases surveyed below.[4]
The legal tension is structural. The discipline and ministry systems — judicial committees, publisher record cards, field-service reports, disfellowshipping announcements — all depend on the unrestricted processing of religious and behavioral data. Data protection law gives individuals a statutory mechanism to withdraw consent and demand erasure of that data. When those rights are exercised, the organization's internal procedures can no longer run on their original assumptions.
Finland — The Foundational Precedent (2013–2023)
The first jurisdiction to apply general data protection law to Watchtower's ministry records was Finland.
The 2013 Finnish Data Protection Board Decision
On 17 September 2013, the Finnish Data Protection Board (Tietosuojalautakunta), acting on an application by the Data Protection Ombudsman, issued a prohibition against the Jehovah's Witnesses religious community (Jehovan todistajat — uskonnollinen yhdyskunta). The ruling barred the organization from collecting or processing personal data in the course of door-to-door preaching unless the requirements of the Finnish Personal Data Act — which transposed EU Directive 95/46/EC — were met, including the unambiguous consent of the data subject. No monetary fine was imposed; the remedy was a prohibitory injunction.[5]
The organization appealed. On 18 December 2014, the Helsinki Administrative Court annulled the Board's decision, holding that the religious community was not a "controller" of the data collected by individual publishers. The Ombudsman in turn appealed to Finland's Supreme Administrative Court, which referred key questions to the Court of Justice of the European Union.[6]
Court of Justice of the European Union, Case C-25/17 (2018)
On 10 July 2018, the Grand Chamber of the Court of Justice of the European Union (CJEU) issued its ruling in Tietosuojavaltuutettu v. Jehovan todistajat — uskonnollinen yhdyskunta (Case C-25/17). The court held:
- Door-to-door preaching by members of a religious community is not a "purely personal or household activity" exempt from the Directive, and is not covered by the exemption for activities outside the scope of EU law;[7]
- The notes publishers take during ministry constitute a "filing system" within the meaning of Article 2(c) of Directive 95/46, even if the data are not structured into formal sheets or lists;[8]
- A religious community is a controller, jointly with its members, of the personal data processed during ministry "organised, coordinated and encouraged" by the community, "without it being necessary that the community has access to those data, or to establish that that community has given its members written guidelines or instructions in relation to the data processing."[9]
Finnish Supreme Administrative Court and ECtHR
Following the CJEU preliminary ruling, Finland's Supreme Administrative Court (Korkein hallinto-oikeus) quashed the 2014 annulment and reinstated the 2013 Board prohibition. The organization challenged the decision before the European Court of Human Rights, which issued judgment in Jehovah's Witnesses v. Finland (Application No. 31172/19) on 9 May 2023, unanimously finding no violation of Article 6 (fair trial) or Article 9 (freedom of religion) of the Convention. The Court held that the consent requirement is "an appropriate and necessary safeguard with a view to preventing any communication or disclosure of personal and sensitive data."[10]
Coping with toxic family dynamics, estrangement, and rebuilding your life. For anyone dealing with the fallout of leaving a high-control group.
View on Amazon →The May 2019 Global Directive
On 13 May 2019, the Christian Congregation of Jehovah's Witnesses issued a letter to all congregations in GDPR jurisdictions. The operative instruction read:
"Publishers should not collect personal data in connection with the field ministry. This means not maintaining records that include a person's name, address, language, ethnicity, and so forth."[11]The only permitted exception was recording a date and address when a householder specifically requested no further visits. The directive superseded longstanding instructions (most recently consolidated in February 2014) that had required publishers to maintain organised records of return-visit interest.[12]
The letter applied to the approximately 1.3 million publishers then operating in GDPR-covered countries — more than one-sixth of the worldwide membership at the time. A copy was inadvertently sent to Zimbabwe, a non-GDPR jurisdiction, and rescinded within two days, confirming that the scope was driven by legal exposure rather than a broader theological reassessment.[13]
Italy — Garante Admonishment (2021)
On 25 February 2021, Italy's data protection authority — the Garante per la Protezione dei Dati Personali — issued decision No. 9574136 addressing the Congregazione Cristiana dei Testimoni di Geova. The decision was an admonishment (ammonimento) under Article 58(2)(b) GDPR rather than a monetary fine.[14]
The Garante found the organization's underlying processing was lawful under Articles 6(1)(f) (legitimate interest) and 9(2)(d) GDPR (religious association exception), but ordered the organization to improve transparency in responses to data subject rights requests — particularly regarding the distinction between dissociation and disfellowshipping, "fitness" evaluations, and public announcements that disclose sensitive data of removed members. Partial compliance with Article 15 access requests and inadequate handling of rectification and deletion requests from former members were identified as specific deficiencies.[14]
Spain — AEPD Fine Upheld by the Audiencia Nacional (2019–2020)
In February 2019, Spain's data protection authority — the Agencia Española de Protección de Datos (AEPD) — fined the Spanish association of Jehovah's Witnesses (Testigos Cristianos de Jehová) €10,000 for violations relating to two databases (Colaboradores and Consultores) maintained by the organization's Hospital Liaison Committees (Comités de Enlace con los Hospitales). The databases contained personal data of medical professionals — and by extension patients — compiled without the consent required under Spanish and EU data protection law.[15]
The complaint had been filed by a former Hospital Liaison Committee member from Cantabria. The organization appealed to the Audiencia Nacional, which on 13 December 2020 upheld the AEPD's penalty, finding that the organization had not demonstrated "the existence of valid consent" for the processing.[16]
This is, as of the date of this article, the only publicly documented post-GDPR monetary penalty imposed on a Jehovah's Witness corporate entity by a European data protection authority.
Norway — Datatilsynet and the 2025 Appeal
Separate from the wider Norwegian Religious Communities Act litigation, Norway's data protection authority (Datatilsynet) opened its own inquiry into Jehovah's Witnesses' data practices. In February 2021, the authority demanded the organization explain the legal basis for storing personal data collected by judicial committees — including sensitive information about members' sexual relationships. A follow-up information request was issued on 18 August 2022.[17]
On 11 April 2024, Datatilsynet closed the case, finding that Jehovas vitner had a legal basis under GDPR Articles 6(1)(f) and 9(2)(d)/(f) for continued storage and that the complainant had been granted access. The complainant appealed to the Privacy Appeals Board (Personvernnemnda), which on decision PVN-2024-28 partially overturned Datatilsynet, finding that the authority had not adequately investigated the collection and storage of information about the complainant's sexual relations, and remanded the case for further processing.[18]
No monetary fine was issued, but the remand reopened the substantive question of whether judicial-committee records of sexual conduct can lawfully be retained under the GDPR's special-category regime.
United Kingdom — Charity Commission and Joint Controllership
In the United Kingdom, the Watch Tower Bible and Tract Society of Britain is registered with the Information Commissioner's Office (registration Z4617720, registered 13 March 2000).[19] The organization's UK-specific data notice identifies Watch Tower as the data controller and the Kingdom Hall Trust as joint controller for congregation-level processing.[20]
The principal UK regulatory pressure has come not from the ICO but from the Charity Commission for England and Wales, whose statutory inquiry — opened in May 2014 and concluded on 4 August 2023 after nine years — found that by 2017 Watch Tower had "no role at all in safeguarding." The Commission characterised trustees' communications as "not as straightforward or transparent as they should have been" and "protracted," and opened a follow-on compliance case into the Kingdom Hall Trust, which absorbed more than 1,000 congregations in a March 2022 reorganisation.[21]
Germany — The Article 91 Internal Supervisor
Germany presents a distinctive model. Article 91 GDPR allows religious communities with pre-existing, comprehensive data protection rules to continue applying them under the supervision of an independent internal authority — provided those rules are "brought into line" with the GDPR. In Germany, Jehovah's Witnesses operate their own internal regulator, the Datenschutzaufsicht Jehovas Zeugen (Berlin), which functions as the supervisory authority for data processing by the organization in that country.[22]
No publicly documented enforcement action by the Federal Data Protection Commissioner (BfDI) specifically against Jehovah's Witnesses surfaced in the research for this article; Germany's regulatory architecture effectively internalises that supervision.
Canada — PIPA and the Wall / Westgarde Cases
In British Columbia, two former Jehovah's Witnesses — Gabriel Liberty Wall (Grand Forks congregation) and Gregory Lyle Westgarde (Coldstream congregation) — filed access requests under the provincial Personal Information Protection Act (PIPA). After the congregations refused, the BC Privacy Commissioner ordered the records produced.[23]
In a January 2024 ruling, the Supreme Court of British Columbia (Justice Steven Wilson) upheld the Commissioner's order, finding that while production represented an infringement of the elders' religious-freedom interest under Section 2(a) of the Canadian Charter of Rights and Freedoms, the infringement was justified because it "furthers the interests of society as a whole by ensuring access to their personal information."[24] The British Columbia Court of Appeal dismissed the congregations' appeal, and the Supreme Court of Canada has granted leave to hear the case.[25]
Brazil — LGPD and the Itaú de Minas Retraction Order
Brazil combines one of the world's strongest statutory data protection frameworks with the most dramatic documented court-ordered remedy to date.
The Lei Geral de Proteção de Dados (LGPD, Law 13,709/2018) entered into force on 18 September 2020 and is administered by the Autoridade Nacional de Proteção de Dados (ANPD). On 10 February 2022, Constitutional Amendment 115 added a new Article 5, LXXIX to the Brazilian Constitution, elevating data protection — including in digital media — to the status of a fundamental right.[26]
The Itaú de Minas Case (2024–2025)
In the municipality of Itaú de Minas, Minas Gerais, a couple facing judicial committee proceedings retained attorney Dr. Juliano de Henrique Mello, a former Witness. Before the disfellowshipping announcement was made, the wife had submitted a formal data subject access request to the Brazilian branch office under the LGPD. The branch confirmed it held seven categories of personal data — full name, CPF (national tax ID), date of birth, baptism date, mother's name, pioneer status, and disfellowshipping status. She formally revoked consent; the branch replied that it would continue processing "according to the legitimate religious interests of the organization whenever necessary."[27]
The husband personally delivered a disassociation notification to the elders, invoking the LGPD and prohibiting any public announcement using his name. The elders announced the disassociation and the wife's disfellowshipping at the end of the same meeting, and the announcement was filmed.[28]
The case was heard by Judge Ângelo de Almeida of the Vara Única de Pratápolis, Minas Gerais. During the hearing, the judge called the youngest of the named elders to testify on his own initiative. The elder testified that Witnesses face no punishment for maintaining contact with former members; Dr. Juliano then read from the confidential elders' manual Shepherd the Flock of God, which classifies continued association with a disfellowshipped person as a "grave sin" potentially leading to disfellowshipping. The elder was unable to reconcile the testimony with the manual and ultimately said, "I don't remember the question."[29]
Evidence submitted to the court included security-camera footage from a local bank showing an elder physically avoiding the husband, and supermarket witness testimony regarding congregation members refusing to acknowledge the father while he held his daughter, who has special needs. Non-Witness bystanders agreed to testify.[30]
On the basis of four pillars of Brazilian civil liability — conduct, damage, causal link, and fault — Judge de Almeida ruled against Watchtower and three named elders. He ordered them to read a court-drafted retraction at the first congregation meeting after the sentence becomes final, with a daily fine of R$500 for non-compliance. The operative part of the ordered announcement includes:
"By judicial decision, we inform you that the public announcements of the disassociation violated the Constitution of the Federative Republic of Brazil due to the fundamental principles of the dignity of the human person, freedom of association and religious belief, and the inviolability of privacy, private life, honor, and image of individuals. Therefore, we inform you that every Jehovah's Witness is free to decide whether or not to have social contact with the named individuals, and therefore no one, I repeat, no one will be subjected to any type of punishment or reprisal because of their decision, since the restriction of social contact with a disfellowshipped person is not foreseen in the congregation's bylaws."[31]In his reasoning, the judge characterised the announcement as "purely and simply a summons for the faithful of the church to stop socializing with the disassociated person," and noted that Article 4 of Watch Tower's own Brazilian bylaws provides that membership ceases on receipt of a resignation notice, with no provision for a public announcement.[32]
Watchtower appealed. Oral arguments before the appellate panel (second instance) were scheduled for April 2026. The hearing is closed to the public. If upheld, the ruling becomes a binding second-instance precedent in the state of Minas Gerais, potentially available as persuasive authority for any former Witness in Brazil publicly announced against their will.[33]
Mexico — LFPDPPP, ARCO Rights, and the 2026 Elder Case
Mexico's principal data protection statute for private parties is the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP), originally enacted in July 2010 and substantially reformed by decree published in the Federal Official Gazette on 20 March 2025 (in force 21 March 2025).[34] The law derives its authority from Article 16 of the Mexican Constitution, which recognises the so-called ARCO rights — Access, Rectification, Cancellation, and Opposition — plus the right to revoke consent at any time. Religious beliefs are classified as sensitive personal data requiring express, written consent.[35]
Mexico's constitutional protection for private communications is distinct from, and reinforces, its data-protection framework. Article 16 guarantees the inviolability of private communications; Article 177 of the Federal Criminal Code punishes unauthorised interception by six to twelve years' imprisonment, and Article 211 Bis extends the same penalty to anyone who reveals, discloses, or improperly uses information obtained through such interception.[36]
The February 2026 Mexico City Case
On 14 February 2026, a serving elder in Mexico City met with two other elders and delivered two documents: a resignation from his appointment as elder, and a ten-page instrument titled "Revocation of Consent for the Processing of Personal and Sensitive Data; Express Opposition to the Use of Information Obtained Through Intervention or Spying on Private Communications." The document revoked all consent — verbal, written, and implied — for data processing by the congregation, the Branch, and any affiliated entity; expressly prohibited use of communications, images, audio, video, or screenshots as evidence in internal proceedings where the material was obtained through unauthorised access; and cited Articles 177 and 211 Bis of the Federal Criminal Code. Annexes quoted the Shepherd the Flock of God manual's own warning to elders that "images or audio or video recordings are not acceptable evidence of wrongdoing. Such material could have inappropriate content and even expose the elders to legal issues."[37]
The elder recorded the meeting. The audio, portions of which were subsequently released with the individual's consent and personal details removed, captures the elders declining to sign an acknowledgment of receipt without instructions "from above," attempting unsuccessfully to redirect the conversation to spiritual topics, and asking at one point whether the meeting was being recorded.[38]
On 17 February 2026, three days later, the Branch's Data Protection Officer for Central America acknowledged receipt and requested identity verification. Identity was verified on 18 February. On 6 March 2026, on official Congregación Cristiana de los Testigos de Jehová letterhead, the Branch confirmed deletion, from both central and local records, of the individual's address, phone number, sex, email, ministry field-service figures, marital status, all current and past appointments, and elder school invitations and records. The Branch retained only his name, date of birth, baptism date, and the fact of his baptised-publisher status, citing "legitimate interest" and 1 Corinthians 5:11–13. The letter made no reference to any disciplinary proceeding, judicial committee, or alleged wrongdoing.[39]
Primary documentation of this case — including the revocation letter, the Branch's response letters, and the meeting audio — was provided to independent researchers by the individual, who has requested anonymity. Reproductions with personal details redacted have been made publicly available.[40]
The Pattern
Across these jurisdictions, a consistent pattern emerges.
First, data protection law bypasses the religious-freedom argument that has historically protected Watchtower's internal discipline and ministry practices in court. Rather than asking whether shunning or disfellowshipping is a protected religious exercise, data protection law asks a narrower, more tractable question: does the organization have a lawful basis to process this particular person's personal data, and has that person exercised a statutory right that modifies the basis? The religious-freedom defence has succeeded in some cases (Italy, the 2024 initial Datatilsynet decision) and failed in others (Finland, Spain, Canada, the first-instance Brazilian ruling).
Second, the consequences observed to date span a spectrum. Behaviour change has been the most consistent outcome: the May 2019 directive removed field-ministry records for roughly 1.3 million publishers across Europe. Monetary penalty has occurred in only one confirmed post-GDPR case (Spain, €10,000 upheld on appeal). Formal admonishments (Italy), mandatory document production (Canada), reopened investigations (Norway), and court-ordered retractions (Brazil, first instance) have each occurred once. Individually negotiated data-deletion settlements — such as the Mexico 2026 case — may be more common than the public record suggests, since they do not require litigation and do not typically produce reported decisions.
Third, the organization's defensive posture has evolved. In Germany, Article 91 GDPR is leveraged to internalise supervision. In Italy and Norway, legitimate-interest and religious-association exceptions (Articles 6(1)(f) and 9(2)(d) GDPR) have been invoked successfully. In Brazil and Mexico, compliance has been partial and quiet: data deleted where demanded, discipline records adjusted, but without public acknowledgment that the organization's systems are in tension with the law.
Finally, for individuals, the practical significance is that data protection law provides a procedural lever that does not require proving spiritual harm, contesting doctrine, or testifying publicly. The lever operates before a disciplinary announcement rather than after it. Whether this changes the shape of Watchtower's discipline system globally — or only in the jurisdictions where it has been tested — is the open question the Brazilian appeal, the Norwegian remand, and the Canadian Supreme Court case will partially answer.
See Also
- The Norway Legal Battle (2021–Present) — Parallel Norwegian litigation under the Religious Communities Act
- Disfellowshipping & Shunning — Complete History — The practice targeted by most data protection actions
- Judicial Committees — Internal Tribunals — The internal process that generates the contested records
- The Shepherd the Flock of God Book — The elders' manual cited in several of the cases above
- Legal Battles & Financial Penalties — Broader legal landscape beyond data protection
References
1. ↩ Regulation (EU) 2016/679 (General Data Protection Regulation), Articles 5–22. [eur-lex.europa.eu]
2. ↩ GDPR, Article 9(1)–(2): special categories of personal data, including "data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs… data concerning health or data concerning a natural person's sex life or sexual orientation." [gdpr-info.eu]
3. ↩ Use of Personal Data — Mexico, JW.org privacy notice: "Spiritual data, such as your date of baptism, 'anointed' or 'other sheep,' any role or assignment you have in the local congregation or within the Religious Organization, your field ministry activity, your spiritual status and any dates associated with that status…" [jw.org]
4. ↩ Global Data Protection Policy of Jehovah's Witnesses, JW.org: "All Jehovah's Witnesses have consented to this by virtue of their free and willing decision to become and identify themselves as Jehovah's Witnesses." [jw.org]
5. ↩ Finnish Data Protection Board (Tietosuojalautakunta), decision of 17 September 2013, summarised in the background to CJEU Case C-25/17. [gdprhub.eu] See also Tietosuojavaltuutettu (Finnish Data Protection Ombudsman) case summary. [tietosuoja.fi]
6. ↩ Helsinki Administrative Court annulment, 18 December 2014; procedural history summarised in CJEU C-25/17 judgment paragraphs 11–22. [eur-lex.europa.eu]
7. ↩ CJEU, Tietosuojavaltuutettu v. Jehovan todistajat, Case C-25/17, judgment of 10 July 2018 (Grand Chamber), paragraph 51 and operative part point 1. [eur-lex.europa.eu]
8. ↩ CJEU C-25/17, paragraph 62 and operative part point 2. [eur-lex.europa.eu (PDF)]
9. ↩ CJEU C-25/17, paragraph 75 and operative part point 3. [bailii.org]
10. ↩ Jehovah's Witnesses v. Finland, European Court of Human Rights, Application No. 31172/19, judgment of 9 May 2023 (Second Section), paragraph 95. [hudoc.echr.coe.int] See also analysis at Law & Religion UK. [lawandreligionuk.com]
11. ↩ Christian Congregation of Jehovah's Witnesses, letter to all congregations (GDPR jurisdictions), 13 May 2019. Full text available in leaked-document archive. [avoidjw.org]
12. ↩ "Jehovah's Witnesses Overhaul Proselytizing Procedures in Response to EU Regulation," Truth and Transparency Foundation, 16 May 2019: comparison with February 2014 field-ministry record-keeping guidance. [truthandtransparency.org]
13. ↩ AvoidJW.org archive and Truth and Transparency Foundation reporting: directive inadvertently sent to Zimbabwe and rescinded after two days; scope limited to GDPR countries covering approximately 1.3 million of ~8.4 million publishers worldwide at the time. [avoidjw.org]
14. ↩ Garante per la Protezione dei Dati Personali, Provvedimento n. 9574136, 25 February 2021: ammonimento under GDPR Article 58(2)(b) to the Congregazione Cristiana dei Testimoni di Geova. [garanteprivacy.it]
15. ↩ "Multa de 5.000 euros a los Testigos de Jehová por tratamiento indebido de datos personales," Ayuda Ley Protección de Datos, February 2019 (initial AEPD decision reporting). [ayudaleyprotecciondatos.es] See also "Multan de 10.000 € a Testigos de Jehová por usar datos médicos sin permiso," Redacción Médica. [redaccionmedica.com]
16. ↩ Audiencia Nacional, Sala de lo Contencioso-Administrativo, ruling of 13 December 2020 upholding the AEPD penalty; reported in "Confirman la multa a Testigos de Jehová por uso de datos médicos sin permiso," elDiario.es / Cantabria. [eldiario.es]
17. ↩ "Krever redegjørelse fra Jehovas vitner," Datatilsynet press release, February 2021. [datatilsynet.no] Follow-up request: "Datatilsynet krever svar fra Jehovas vitner," Dagsavisen, 7 October 2022. [dagsavisen.no]
18. ↩ Datatilsynet case closure, 11 April 2024; Personvernnemnda decision PVN-2024-28 remanding the case for further investigation of sexual-conduct data processing. [personvernnemnda.no (PDF)]
19. ↩ UK Information Commissioner's Office registration: Watch Tower Bible and Tract Society of Britain, registration number Z4617720, registered 13 March 2000 (Tier 1). [ico.org.uk]
20. ↩ Use of Personal Data — United Kingdom, JW.org privacy notice, identifying Watch Tower Bible and Tract Society of Britain (Chelmsford) as data controller and Kingdom Hall Trust as joint controller. [jw.org]
21. ↩ "Watchdog reports on investigation into Watch Tower Bible and Tract Society of Britain," UK Government Charity Commission, 4 August 2023. [gov.uk] See also "Regulator concludes inquiry into Watch Tower Bible after nine years," Civil Society. [civilsociety.co.uk]
22. ↩ GDPR Article 91: "existing data protection rules of churches and religious associations." Datenschutzaufsicht Jehovas Zeugen, Berlin — internal supervisory authority for data processing by Jehovah's Witnesses in Germany. [datenschutz-jehovaszeugen.de] See also country addendum at [jw.org].
23. ↩ Office of the Information and Privacy Commissioner for British Columbia, Order F23-75 (and related orders), requiring Jehovah's Witness congregations to produce personal information to requesters under the provincial Personal Information Protection Act. [oipc.bc.ca]
24. ↩ Supreme Court of British Columbia, judgment of Justice Steven Wilson (January 2024), upholding the Commissioner's production order against religious-freedom challenge under Charter Section 2(a). Quotation from Wilson J. as reported in "B.C. court decides Jehovah's Witnesses must turn over church records to privacy commissioner," ARPA Canada. [arpacanada.ca] See also CBC News coverage. [cbc.ca]
25. ↩ British Columbia Court of Appeal dismissal of the congregations' appeal; Supreme Court of Canada grant of leave. [bchumanist.ca] See also "Jehovah's Witnesses privacy case heading to Supreme Court of Canada," CBC News. [cbc.ca]
26. ↩ LGPD (Law 13,709/2018), in force 18 September 2020; Constitutional Amendment 115/2022 of 10 February 2022 adding Article 5, LXXIX. See "Brazil Amends Constitution to List Privacy as a Fundamental Right," Mobile Ecosystem Forum. [mobileecosystemforum.com] Also Agência Brasil. [agenciabrasil.ebc.com.br]
27. ↩ Dr. Juliano de Henrique Mello, live stream interview with Edson Reis, 1 March 2025, describing the LGPD access request, the seven categories of data held by the Brazilian branch, and the branch's "legitimate religious interests" response. [youtube.com]
28. ↩ Dr. Juliano de Henrique Mello, blog post, 3 March 2025, and 1 March 2025 live stream: delivery of disassociation notification at the Kingdom Hall, the elders' announcement despite the notification, and Dr. Juliano's video recording. [julianohmello.com.br]
29. ↩ 1 March 2025 live stream: judge's decision on own initiative to call the youngest elder to testify; elder's collapse under questioning with reference to Shepherd the Flock of God, Chapter 12. Quotation ("I don't remember the question") per attorney's firsthand account. [youtube.com]
30. ↩ Attorney's description of evidence submitted to the court, 1 March 2025 live stream: bank security-camera footage of an elder's physical avoidance; supermarket incident involving the daughter with special needs; non-Witness bystanders agreeing to testify. [youtube.com]
31. ↩ Operative part of the sentence of Judge Ângelo de Almeida, Vara Única de Pratápolis, MG, as read aloud on 1 March 2025 live stream, including the court-ordered retraction and daily fine of R$500 for non-compliance. [youtube.com]
32. ↩ Judicial reasoning, read aloud on 1 March 2025 live stream: characterisation of the announcement as a "summons… to stop socializing" and Article 4 of the Watch Tower Bible and Tract Society's Brazilian bylaws. [youtube.com]
33. ↩ Dr. Juliano de Henrique Mello, interview with Brazilian ex-JW channel, 29 March 2026: confirmation of April 2026 oral arguments before the appellate panel, closed hearing, and potential for the ruling to become binding second-instance precedent if upheld. [youtube.com]
34. ↩ Federal Official Gazette of Mexico, Decree published 20 March 2025 reforming the LFPDPPP, entering into force 21 March 2025. Analysis: "Mexico Enacts New Data Protection Regime," White & Case. [whitecase.com] See also "Mexico: From 2010 to 2025 — Evolution of the New LFPDPPP," Baker McKenzie. [bakermckenzie.com]
35. ↩ Political Constitution of the United Mexican States, Article 16: "Every person has the right to the protection of their personal data, access, rectification and cancellation thereof, as well as to express their opposition." [constituteproject.org] Classification of religious beliefs as sensitive data confirmed in JW.org's own Mexico privacy notice. [jw.org]
36. ↩ Código Penal Federal, Article 177 (Justia México): interception of private communications without judicial warrant punishable by six to twelve years' imprisonment. [mexico.justia.com] Article 211 Bis: same penalty for revealing, disclosing, or improperly using information obtained through such interception. [mexico.justia.com]
37. ↩ Anonymous source (serving elder in Mexico City); revocation letter dated 14 February 2026, with Technical Annexes quoting Shepherd the Flock of God, Chapter 6, paragraph 4: "Generally, images or audio or video recordings are not acceptable evidence of wrongdoing. Such material could have inappropriate content and even expose the elders to legal issues." Reproduction provided by the source to independent researchers with personal details removed.
38. ↩ Audio recording of the 14 February 2026 meeting, Spanish, provided by the anonymous source to independent researchers; portions released with personal details redacted.
39. ↩ Reproductions of Branch correspondence dated 17 February 2026, 18 February 2026, and 6 March 2026, on official Congregación Cristiana de los Testigos de Jehová letterhead. 6 March 2026 letter cites 1 Corinthians 5:11–13 as the basis for retaining minimal identifying data and contains no reference to any disciplinary proceeding.
40. ↩ Case documentation — revocation letter, Branch responses, and meeting audio — provided by the individual, who has requested anonymity. Reproductions with personal details redacted are publicly available through independent ex-JW researchers; the underlying originals remain with the source.
