Something that GDPR is clear about is:
- Prior to a person's consenting to share information, the organization must be clear about what they will do with their private data. I don't think any JW is informed on the day of his baptism that such a thing takes place. As per new regulations, ideally the JW baptizer will have to get a "yes" to a question like "Are you willing to have your information recorded including hours spent, magazines distributed etc? Further, do you consent to have this information and associated comments shared between congregations when necessary?"
The current Policy saying that "....all Jehovah’s Witnesses have consented by virtue of their free and willing decision to become and identify themselves as Jehovah’s Witnesses." should not stand
- GDPR is also clear that any legacy private information stored by the Organization will now need clear (potentially written) consent. I am hoping this means that if they fail to obtain such consent, they will need to destroy data from those of us who are trying to disappear.