Europäisches Datenschutzrecht und die Kirchen [1 ed.] 9783428479368, 9783428079360

Citation preview

Schriften zum Recht des Informationsverkehrs und der Informationstechnik

Band 9

Europäisches Datenschutzrecht und die Kirchen Herausgegeben von

Gerhard Robbers

Duncker & Humblot · Berlin

Europäisches Datenschutzrecht und die Kirchen

Schriften zum Recht des Informationsverkehrs und der Informationstechnik Herausgegeben von Prof. Dr. Horst Ehmann und Prof. Dr. Rainer Pitschas

Band 9

Europäisches Datenschutzrecht und die Kirchen

herausgegeben von

Gerhard Robbers

Duncker & Humblot · Berlin

Die Deutsche Bibliothek - CIP-Einheitsaufnahme

Europäisches Datenschutzrecht und die Kirchen / hrsg. von Gerhard Robbers. - Berlin : Duncker und Humblot, 1994 (Schriften zum Recht des Informationsverkehrs und der Informationstechnik; Bd. 9) ISBN 3-428-07936-1 NE: Robbers, Gerhard [Hrsg.]; GT

Alle Rechte, auch die des auszugsweisen Nachdrucks, der fotomechanischen Wiedergabe und der Übersetzung, für sämtliche Beiträge vorbehalten © 1994 Duncker & Humblot GmbH, Berlin Fotoprint: Werner Hildebrand, Berlin Printed in Germany ISSN 0940-1172 ISBN 3-428-07936-1 Gedruckt auf alterungsbeständigem (säurefreiem) Papier gemäß der ANSI-Norm für Bibliotheken

Vorwort Das Recht der Europäischen Union hat heute intensive Auswirkungen auch auf das Staatskirchenrecht ihrer Mitgliedstaaten. Die Entwürfe einer Datenschutzrichtlinie der Europäischen Gemeinschaft zeigen dies besonders deutlich. Die notwendige Harmonisierung des Datenschutzrechts stößt für manchen unerwartet auf eine Vielfalt staatskirchenrechtlicher Systeme mit ihren historischen Wurzeln und kulturellen Bindungen. Dabei entstehen schwierige Probleme des angemessenen Ausgleichs legitimer rechtlicher Interessen von der Gewährleistung individueller Rechte auf Datenschutz und Glaubensfreiheit bis hin zum Selbstbestimmungsrecht der Religionsgemeinschaften. Sie zu erfassen und Lösungsmöglichkeiten zu suchen war Ziel einer Tagung an der Universität Trier vom 25. - 27. Juni 1993, auf der Vertreter der Europäischen Kommission, Experten des Staatskirchenrechts und des Datenschutzrechts aller Mitgliedstaaten der Europäischen Union, Datenschutzbeauftragte und Kirchenvertreter miteinander diskutierten. Die für dieses Treffen erarbeiteten Berichte sind hier zusammengefaßt. Meinen Mitarbeitern an der Forschungsstelle für Europäisches Verfassungsrecht danke ich für ihre Hilfe, besonders Herrn Ralf Rütter, der die Hauptlast der Redaktionsarbeiten getragen hat.

Trier, im August 1994 Gerhard Robbers

Inhaltsverzeichnis

1. Ferdinand Kopp: Der Entwurf einer Datenschutzrichtlinie der Europäischen Gemeinschaft

9

2. Rik Torfs: Survey on Data Protection and Churches in Belgium

13

3. Jorgen Stenbaek: Personendatenschutz in Dänemark

29

4. Gerhard Robbers: Das Datenschutzrecht und die Kirchen in der Bundesrepublik Deutschland

33

5. Philippos C. Spyropoulos: Datenschutz und die Kirchen in Griechenland

45

6. Agustin Motilla: Data Protection and the Churches in Spain

51

7. a) Anne Carblanc: La protection des données en France et les Églises

73

b) JeanDuffar: La protection des données et les Églises en France

81

8. Anthony Kerr: Data Protection and the Churches in Ireland

85

9. Silvio Ferrari: Data Protection Law and the Churches in Italy

91

10. Alexis Pauly: Rapport luxembourgeois sur la protection des données informatiques et les Églises dans les États membres de la Communauté européenne

99

11. Sophie C. van Bijsterveld: Datenschutzgesetzgebung und die Kirchen in den Niederlanden

107

12. Jorge Bacelar Gouveia: European Data Protection and Churches in Portugal

127

13. Norman Doe: Churches in the United Kingdom and the Law of Data Protection

167

14. Gerhard Robbers: Generalbericht: Datenschutzrecht in der Europäischen Union und die Kirchen

185

Autorenverzeichnis

191

Der Entwurf einer Datenschutzrichtlinie der Europäischen Gemeinschaft Von Ferdinand Kopp, Brüssel Das Thema der Tagung "Datenschutz in der Europäischen Gemeinschaft und die Kirchen" betrifft ein wichtiges Kernproblem, mit dem sich auch die Europäische Kommission bei ihren Arbeiten am EG-Richtliriienentwurf zum Datenschutz eingehend auseinandergesetzt hat. Es geht bei diesem Thema nicht bloß um datenschutzrechtliche Probleme, sondern vielmehr auch um fundamentale verfassungsrechtliche Probleme, die sich in der Frage zum Verhältnis zwischen Staat und Kirche zuspitzen. Diese Probleme machen vor der Europäischen Union nicht halt! Je stärker die europäische Integration voranschreitet, desto dringender werden offensichtlich Lösungen und Entscheidungen von verfassungsrechtlichen Fragen auch auf Unions-Ebene. Ansätze hierzu bietet der Vertrag zur Europäischen Union vom 7. Februar 19921, der in Artikel F ein ausdrückliches Bekenntnis der Union zu den Grund und Menschenrechten beinhaltet, wie sie in der am 4. November 1950 in Rom unterzeichneten Europäischen Konvention zum Schutze der Menschenrechte und Grundfreiheiten gewährleistet sind und wie sie sich aus den gemeinsamen Verfassungsüberlieferungen der Mitgliedstaaten als allgemeine Grundsätze des Gemeinschaftsrechts ergeben. In Hinblick auf die geplante Datenschutzrichtlinie2 erscheint es daher von hohem Interesse, die gemeinsamen Verfassungsüberlieferungen der Mitgliedstaaten zur Stellung der Kirchen im Staat herauszuarbeiten, damit diese gebührende Berücksichtigung bei den weiteren Beratungen finden können. Der Entwurf der Richtlinie, den die Kommission im Oktober 1992 vorgelegt hat, wird nämlich zur Zeit intensiv in der Arbeitsgruppe des Rates von den Delegationen, die von den Regierungen der Mitgliedstaaten entsandt werden, diskutiert. Ein 1

Sog. "Maastrichter Vertrag", abgedruckt in AB1EG Nr. C 224 vom 31. August 1992. Dokument K O M (92) 422 endg. - SYS 287 vom 15. Oktober 1992; ohne Text der Begründung abgedruckt in AB1EG Nr. C 311 vom 27. November 1992, S. 30 ff.; s. hierzu auch Kopp, RDV 1993, S. 1 ff. 2

Ferdinand Kopp

10

Text für den "gemeinsamen Standpunkt" des Rates soll bis spätestens Ende 1994 vorliegen. Die Notwendigkeit einer Richtlinie wird von keinem Mitgliedsland ernsthaft in Zweifel gezogen. Zu sehr schwellen bereits heute die transnationalen Datenflüsse zwischen den Wirtschaftsunternehmen und zwischen den Verwaltungen der Mitgliedstaaten im Zuge der Verwirklichung des Europäischen Binnenmarktes an. Man denke nur an die umfangreichen, von der EG geförderten Datennetze und Datenbanken oder die Datenaustausche bei der Zoll-, Steuer- oder Sozialverwaltung, um nur ein paar markante Beispiele zu nennen. Dasselbe gilt für die zunehmende Zusammenarbeit von Wirtschaftsunternehmen über die Grenzen hinweg mit dem ganzen dazugehörenden Austausch personenbezogener Daten für die Personal-, Kunden- und Lieferanten Verwaltung. Ziel der Richtlinie ist eine Harmonisierung des Datenschutzrechts in sämtlichen Mitgliedstaaten der Europäischen Union. Die Harmonisierung soll ungehinderten, freien Datenverkehr zwischen allen Mitgliedstaaten gewährleisten sowie Rechtssicherheit im Datenverkehr mit Staaten außerhalb der Europäischen Union schaffen. Der freie Datenaustausch ist eine notwendige Voraussetzung zur Verwirklichung der vier im EG-Vertrag garantierten Grundfreiheiten, die da sind: freier Personen-, Dienstleistungs-, Waren- und Kapitalverkehr. Personenbezogene Daten, die zwischen den Mitgliedstaaten ausgetauscht werden, ergeben sich bei der praktischen Realisierung dieser Grundfreiheiten unausweichlich. Die Harmonisierung soll Datenschutz auf hohem Niveau bringen. Datenaustausch und Datenschutz werden als Einheit verstanden - als zwei Seiten ein und derselben Medaille. Ohne entsprechenden Datenschutz kann es keinen ungehinderten, freien Datenverkehr in Europa geben. Mit seinem Bezug zu verfassungsrechtlichen Grundprinzipien wie Menschenwürde und Demokratie muß dem Recht auf informationelle Selbstbestimmung eine besondere Bedeutung zukommen3. Wie die Datenschutzkonvention des Europarates aus dem Jahre 19814 geht der Richtlinienentwurf daher von der Vorstellung eines grundsätzlich gleichartigen Schutzbedarfs in allen Bereichen aus. 3

Dammann, Da5 neue Bundesdatenschutzgesetz und die öffentlich-rechtlichen Religionsgesellschaften, N V w Z 1992, 1149.

Der Entwurf einer Datenschutzrichtlinie der Europäischen Gemeinschaft

11

Aufbauend auf der Europaratskonvention gibt der Richtlinienentwurf Rahmenvorgaben zu drei wesentlichen Aspekten des Datenschutzes: 1. zu den allgemeinen Bedingungen für die Rechtmäßigkeit einer Verarbeitung personenbezogener Daten, 2. zu den Informationsrechten und sonstigen Rechten der betroffenen Personen und 3. zur öffentlichen Transparenz und Kontrolle der Datenverarbeitung. Bei letzterem geht es vor allem um das Meldeverfahren und die Stellung und Befugnisse der Kontrollbehörden. Dieser Ansatz ist zweifellos ein laizistischer, wenn ich so sagen darf. Dies ist jedoch allen "staatlichen" Gesetzen gemein. Der Richtlinienvorschlag will nicht das Verhältnis Kirche-Staat regeln, sondern er will allgemeine Regeln des Datenschutzes in Europa aufstellen. Wie die Europaratskonvention, die die Beitrittsstaaten - hierunter Deutschland - verpflichtet, die aufgestellten Grundsätze durch die erforderlichen Maßnahmen in ihrem innerstaatlichen Recht zu verwirklichen (Art. 4 I), wendet sich die Richtlinie an die EG-Mitgliedstaaten. Für diese ist sie hinsichtlich der Ziele verbindlich. Sie gibt eine ausfüllungsbedürftige Marge vor. Die Mitgliedstaaten müssen dafür sorgen, daß die in der Richtlinie aufgestellten Forderungen in innerstaatliches Recht umgesetzt werden. Die Wahl der Form und der Mittel zur Erreichung der in der Richtlinie vorgegebenen Ziele bleibt grundsätzlich den Mitgliedstaaten überlassen5. Bei der Umsetzung müssen freilich die gemeinsamen Grundwerte bzw. allgemeinen Rechtsgrundsätze, die den Verfassungsüberlieferungen der Mitgliedstaaten gemeinsam sind, also insbesondere die Grund- und Menschenrechte, in jedem Fall beachtet werden6. Einer dieser Grundwerte ist die Religionsfreiheit. Diese umfaßt notwendigerweise auch den institutionellen, organisatorischen

4

Konvention 108 - Übereinkommen zum Schutz des Menschen bei der automatischen Verarbeitung personenbezogener Daten vom 28. Januar 1981, BGBl. II 1985, 538, abgedr. in Dammann/Simitis, Bundesdatenschutzgesetz, 6. Auflage 1993. 5 Vgl. Artikel 189 EG-Vertrag sowie die Presseerklärung der Kommission zum geänderten Entwurf der Datenschutzrichtlinie, Ρ 59 vom 23. Oktober 1992. 6

Als allgemeine Grundsätze des Gemeinschaftsrechts sind die Grundrechte, wie sie in der Europäischen Menschenrechtskonvention vom 4. November 1950 gewährleistet sind und wie sie sich aus den gemeinsamen Verfassungsüberlieferungen der Mitgliedstaaten ergeben, sowohl für das Gemeinschaftshandeln als auch für die Mitgliedstaaten verbindlich, vgl. Geiger, EG-Vertrag, 1993, Art. 164, Rdnr. 15 f., 17 und 32 ff. sowie Artikel F Absatz 2 des Maastrichter Vertrages.

Ferdinand Kopp

12

Zusammenschluß der Gläubigen7. Zwischen den Erfordernissen des Datenschutzes als Ausfluß des in Deutschland aus der Menschenwürde und dem allgemeinen Freiheitsrecht bzw. aus dem allgemeinen Persönlichkeitsrecht hergeleiteten informationellen Selbstbestimmungsrechts8 auf der einen Seite und, auf der anderen Seite, der Religionsfreiheit in seiner institutionell-organisatorischen Ausprägung, was auch das Recht der Religionsgesellschaft umfaßt, ihre Angelegenheiten selbständig innerhalb der Schranken der für alle geltenden Gesetze zu ordnen und zu verwalten - wie Artikel 140 GG i.V.m. Artikel 137 III 1 WRV formuliert - , kann es zu einer Art Grundrechtskollision kommen, die gegebenenfalls der einzelstaatliche Gesetzgeber bei der detaillierten Umsetzung der Richtlinie seiner Verfassungstradition entsprechend so ausgleichen muß, daß die betroffenen Grundrechte jeweils zu optimaler Wirksamkeit gelangen (Prinzip der praktischen Konkordanz)9. Artikel F des Vertrages über die Europäische Union, der von der Achtung der nationalen Identität der Mitgliedstaaten spricht, unterstreicht in diesem Zusammenhang das Recht der Mitgliedstaaten auf nationale Besonderheiten, die geschichtlich entstanden und begründet sind. Nicht zuletzt wegen der nationalen Besonderheiten und der unterschiedlichen Ansätze in den Mitgliedstaaten bei der Lösung des Verhältnisses KircheStaat handelt es sich bei der Problematik "Datenschutz in der EG und die Kirchen" um äußerst schwieriges Terrain, für das es wohl auch keine allgemein gültigen europäischen Patentformeln gibt. Umso gespannter bin ich deshalb auf Ihre Beiträge aus den Mitgliedstaaten und erhoffe, für mich und die weiteren Arbeiten an der EG-Datenschutzrichtlinie wertvolle Anregungen mit nach Brüssel nehmen zu können.

7 Vgl. Frowein, Die Bedeutung des die Gedanken-, Gewissens- und Religionsfreiheit garantierenden Artikels 9 der Europäischen Menschenrechtskonvention, in Essener Gespräche zum Thema Staat und Kirche, Band 27, hg. von Heinemann/Marré , 1993, S. 46, 49, 55, 60, 70; ders., Freedom of Religion in the Practice of the European Commission and Court of Human Rights, ZaöRV 46 (1986), S. 249, 255; s. auch Robbers , in Essener Gespräche, Band 27, S. 120 f.: ..., daß die institutionelle Seite Ausfluß der individualrechtlichen Gehalte der Religionsfreiheit ist, daß aber die institutionelle Ausformung dieses Rechts ein weiteres hinzuträgt zum Umfang von Religionsfreiheit. ... Die institutionelle Ausformung hat Rückwirkungen auch auf die individuelle Religionsfreiheit. 8

Vgl. BVerfGE 65, 1 ff. Zum Prinzip der praktischen Konkordanz siehe Hesse, Grundzüge des Verfassungsrechts der Bundesrepublik Deutschland, 18. Auflage 1991, Rdnr. 72 m.w.N. 9

Survey on Data Protection and Churches in Belgium By Rik Torfs, Leuven 1. Church and State in Belgium: the System Church and State relationships in Belgium are largely governed by the Constitution of 1831, an historic compromise between catholics and liberals. Constitutional rights and liberties also apply to religious matters, as regards for example freedom of education (art. 24) or freedom of press (art. 25). But the Constitution also specifically provides the freedom of religion as such. Four specific articles are dealing with this topic1. Freedom of worship and its free and public practice are guaranteed under article 19 of the Constitution, with the exception of punishment of criminal offences committed in the exercise of these freedoms. The negative counterpart of article 19 is formulated by article 20: no person may be forced to participate in any way in the acts of worship or rites of any religion or to respect its days of rest. Article 21 stresses that the State has no right to interfere with the appointment or induction of the ministers of any cult, or to forbid them to correspond with their church authorities or to publish the latter's acts, exception made for the ordinary rules of liability concerning the use of the press and publications. The article is generally interpreted as an affirmation of the freedom of internal ecclesiastical organisation. It contains at the same time an exception on this principle by providing that the civil marriage must always precede the religious marriage ceremony, with the exception of specific cases established by law. Finally, article 181 says that the salaries and pensions of the ministers of the cult should be taken care of by the State budget.

1 A summary of the relationship between Church and State is offered by Van Haegendoren, G. and Alen, A"The Constitutional Relationship between Church and State", in Alert, A. (ed.), Treatise on Belgian Constitutional Law, Deventer/Boston, Kluwer, 1992, 265 - 268.

Rik Torfs

14

A brief analysis of these four articles clearly shows that the Belgian Church and State system is not characterized by a strict separation between both instances. The notion distinction would be more appropriate, as various forms of collaboration or contact are constitutionally settled.

2. Self-Government of Religious Communities Article 21 of the Constitution always has been considered as a solid juridical basis for the self-government of religious communities. The State may not supervise the Church and the latter is free to choose its own internal structure. Does this mean that the State has strictly no possibilities of control concerning churches and their own policy? This viewpoint would go to far. Traditionally, the civil judge can exercise a formal control over the church decision. This formal control implies that the judge has the right to control whether a challenged decision has been taken by the competent ecclesiastical authority2. A decision by the appeal Court of Liège in 1883 sets this line: the civil judge can examine the real character of a dismissal and the competence of the decision making-authority3. One could say that the Tribunal of Brussels went a little bit further by stating in 1891 that the civil judge is not only entitled to evaluate whether a decision has been taken by the competent authority, but also its seriousness and its conformity with the external characteristics of law4. Anyway, this approach seemed to be too far-reaching for the Cour de Cassation or Hof van Cassatie , the Belgian supreme court. In a verdict issued in 1975, this court limited the civil judge's control to the strictly formal field: was the decision taken, or the appointment made by a competent ecclesiastical authority5? Only this question could be asked by the civil judge. By deciding so, the supreme court implicitly confirms the viewpoint as presented by the Tribunal and the Court of Liège in the nineteenth century. Besides, one has to take into account the fact that even this formal control is only allowed if the concerned church function entails private rights or civil prerogatives6. This is altogether an extremely restrictive way of control. It implies that the civil judge has 2

Tribunal of Liège, 29 July 1848, Belgique Judiciaire, 1848, 1078. Court of Liège, 22 March 1883, Pasicrisie, 1883, II, 157. 4 Tribunal of Brussels, 30 May 1891, Belgique Judiciaire, 1891, 772. 5 Cour de Cassation, 25 September 1975, Pasicrisie, 1976,1, 111. 6 See Court of Brussels, 14 March 1883, Pasicrisie, 1883, II, 145 and Cour de Cassation, 25 September, 1975. 3

Survey on Data Protection and Churches in Belgium

15

no right to control whether the competent ecclesiastical authority has followed its own procedural rules. Indeed, the competent authority clearly is the instance that must have issued the decision, but the question whether or not this authority was faithful to its own rules, exceeds the judge's competence7. Not everybody is pleased with this restrictive point of view. The Appeal Court of Liège decided in 1967 that the civil judge can go beyond a strictly formal control, and is entitled to evaluate the conformity of the decision with the internally prescribed procedure as well8. Some authors go into the same direction. R. Verstegen insisted several times on the necessity of controlling not only the competence of the issue of the decision, but also the observance of the procedural requirements9. More recently, P. Lemmens joined this plea with a partly new argumentation. According to Lemmens, a control of the internally prescribed procedure is not only harmless for the autonomy of the concerned religion, it is - by the acceptance of the principle patere legem quam ipse fecisti - a supreme recognition of the autonomy principle itself. The only restriction is that all forms of arbitrary behaviour are excluded by this form of control. But, as Lemmens concludes, one can hardly argue that the prohibition of arbitrary behaviour is an unacceptable limitation of internal autonomy10. Until very recently this more open approach defended by certain courts and by Lemmens and Verstegen was, although highly respectable, a dissenting opinion. The viewpoint expressed by the Cour de Cassation in 1975, limiting the civil judge's control to the establishment of the competent authority, remained the dominating one. It is not excluded that this situation is coming to an end. On 7 January 1993, the Appeal Court of Möns issued a decision going two steps further than the 1975 decision of our supreme court 11. The first step consisted in the acceptance that the observance of the internal procedure be controlled. So far the Court only followed the suggestions as formulated by Verstegen, Lemmens and others. But the decision was at the same time tremendously new by stating that not only the internal rules have to be applied, but also that the application of 7 This thesis is also supported by Giron, Α., Dictionnaire de droit administratif et de droit public, II, Brussels, Bruylant, 1895-1896, 375. 8 Court of Liège, 5 June 1967, Jurisprudence de la Cour d'Appel de Liège, 1967-1968, 138. 9 See e.g. Verstegen , R., Geestelijken naar Belgisch Recht. Oude en nieuwe vragen, BerchemAntwerpen/Amsterdam, Maarten Kluwer, 1977, 95 - 97. 10 Lemmens, Ρ., "De kerkelijke overheid in de greep van de wereldlijke rechter", in Warnink, (ed.), Rechtsbescherming in de Kerk, Louvain, Peeters, 1991, 80.

H.

Rik Torfs

16

due process of law-rules in the Church is necessary. The Church should cope with article 6 par.l of the ECHR. The idea of claiming the observance of the ECHR within religious structures is, in a Belgian context, a complete novelty. After a few moments of surprise and hesitation, Church authorities rightly decided to appeal against this decision by the Appeal Court of Möns. This means that in a near future the Cour de Cassation will have to verify the legal value of the decision issued by the Court. It will be a decision with important consequences for the relationship between Church and State in Belgium and, more specifically, for the real significance of the right of self-government of religious communities.

3. Constitutional Meaning of Religious Communities Freedom of worship as conceived in the Belgian Constitution is particularly relevant for religions and their organisation in the strict sense of the word. Churches desiring to organise activities in other fields, like health care and education, are bound by the civil legislation in that field. In order to participate duly in those areas, church representatives need to constitute a legal person according to Belgian law, most of the time a V.Z.W./A.S.B.L. (Vereniging Zonder Winstoogmerk / Association Sans But Lucratif) 12. This is necessary for two reasons. Firstly the churches themselves, and also dioceses, parishes and other church structures do not possess legal personality according to Belgian law. And secondly, the V.Z.W. structure is needed in various areas for the simple reason of mere survival, as it is quite often required in order to receive financial support from the State. Every policy dealing with church activities in the context of charity has to start from this reality. Civil structures are indispensable. One has to accept them as a starting point, canon law requirements or wishes assumed by the church authorities have to be integrated within this inevitable framework 13.

11

Court of Möns, 7 January 1993, Revue de droit social, 1993, 69 - 78 with an observation from Torfs, R., "De verhouding tussen kerk en staat op ni eu we wegen?". 12 Law of 27 June 1921, Moniteur belge, 1 July 1921. 13 This was also my own starting point in a study on future structures for catholic health care institutions: Torfs, R.t Congregationele gezondheidsinstellingen. Toekomstige structuren naar profaan en kerkelijk recht, Louvain, Peeters, 1992, X X + 336p.

Survey on Data Protection and Churches in Belgium

17

4. Financial System As already mentioned, article 181 of the Constitution clearly affirms that the salaries and pensions of the ministers of the cult are chargeable to the State14. It also states that the sums necessary for this purpose are included in the annual Sate budget. Although Belgian law admits a theoretical equality among all religions, financial support is only granted to religions having obtained official recognition (by or) by virtue of a law. The basis for such a recognition is the social value of the religion as a service to the population. Currently, six denominations enjoy this status: Catholicism, Protestantism, Judaism, Anglicanism (Law of 4 March 1870 on the organisation of the temporal needs of religions), Islam (Law of 19 July 1974 amending the said law of 1870) and finally the Greek and Russian Orthodox Church (Law of 17 April 1985 amending the same law of 1870). On the occasion of the recent revision of the Constitution, article 181 has been extended to the payment of lay counsellors. Of course, such an extension was not necessary15. Indeed, the State budget already provided an annual sum by way of subsidy for the benefit of the organisation which officially represents secularism. And lay counsellors in the army were provided for as well 16 . But nobody can deny that a change of article 181 in favour of lay counsellors grants a certain constitutional recognition to secularism. An interesting detail: on the occasion of this extension of article 181, the possible payment of lay people working in the Church has also been integrated implicitly. Speaking on the first Flemish Kerkdagen, equivalent of the German "Katholikentag", in Antwerp, Belgian prime minister Jean-Luc Dehaene, a Christian democrat himself, revealed that this extension takes place notwithstanding the opposition of certain bishops. Seemingly, their fear of lay people professionally working in the Church prevails over the financial advantages that state payment obviously offers! Apart from the modest salaries for the ministers of religion of a government approved parish or bishopric 17 provided in the State budget, recognition entails also a few other benefits for the religions concerned.

14 For more information: Van Haegendoren, G. and Alen, A., "The Constitutional ...", in Alen, A. (ed.), o.e., 266 - 267. 15 Van Haegendoren, G. and Alen, Α., "The Constitutional...", in Alen, A. (ed.), o.e., 267. 16 Law of 18 February, 1991, Moniteur belge, 7 March, 1991. 17 The law of 26 June, 1992, Moniteur belge, 30 June 1992, raises the salary for a parish priest by 9,71 % from 1 November 1992 onwards. It is now 496.925 francs before tax.

2 Robbers

18

Rik Torfs

Legal personality is attributed to the ecclesiastical administrations responsible for the temporal needs of the church18. As I already mentioned, the Church and church structures themselves do not enjoy any legal personality. A striking point is also the fact that any deficit incurred by ecclesiastical administrations for temporal goods must be paid by the municipalities. This escape possibility does not always encourage the proper responsibility of the administrations19. Another advantage: the church may request State subsidies for the construction or renovation of its buildings20. Pastors and bishops must be given appropriate housing and any expenditure for this purpose is chargeable to the municipalities or provinces. Furthermore, recognised religions get free public radio and television broadcasting time. Recently, this arrangement has been challenged by church broadcasting people themselves. In their opinion, the existence of specific religious broadcasting instances leads to an almost complete absence of religiously coloured subjects in the programmation of public radio and T. V. Finally, religions may appoint army and prison chaplains, whose salaries are taken care of by the State budget. A global evaluation of the financial system shows us that religions are almost exempt from setting their own budget policy: the personnel is almost completely paid by the State, deficits for material administration are taken care of by others, various indirect advantages make life easier. This "automatic" finance system is topped by income out of church owned property. This property sometimes turns out to be considerable for religious congregations. However since the French Revolution, dioceses are no longer land or property-owners of great importance. Finally, there is the phenomenon of fund raising. Unlike the Netherlands for instance, Belgium has almost no tradition in this field. This lack of financial support of the faithful is largely due to the State financing and

18 The legal basis for these "kerkfabrieken" - "fabriques d'eglises" is constituted by the Imperial Decree of 20 December 1809 and by the Law of 4 March 1870, Moniteur belge, 8 March 1870. 19 In Wallonia, the municipalities spend 1,2 % of their average expenses for the cult, cf. Collinet, R., " A propos des fabriques d'églises, des secours communaux et de quelques subsides", in Le Semeur sortit pour semer. Grand Séminaire de Liège 1592 - 1992, Liège-Bressoux, Editions Dricot, 1992, 407. 2 0 Here again, the legal basis is the law of 4 March 1870, Moniteur belge, 9 March 1870. Additional finance possibilities are offered by the Law on Monuments of 7 August 1931, Moniteur belge, 5 September 1931. One may not forget however that Belgium only counts a little more than 9000 protected monuments, landscapes and entities. The city of Amsterdam on its own comes to a global number of 40000.

Survey on Data Protection and Churches in Belgium

19

the idea people have that they are already indirectly contributing to Church financing by paying their taxes. The current Belgian system is fairly well accepted by the population. Nobody can deny that it functions rather well. From time to time however, some criticism is heard. In 1992 the "official" secular movement Humanistisch Verbond published a pamphlet estimating the financial support given especially to the catholic Church as being much too important21. The authors suggest two possible options for the future, the first being a system of complete separation with an entirely neutral state: a nineteenth century dream! The second possibility consists in a continuing State financing of religious and secular movements, but on a basis of strict equality, given the fulfilment of three conditions, namely that (a) the proper will of the concerned organisation is taken into consideration, (b) a minimal number of members is required and (c) the acceptance of a contemporary pluralist democracy by the State financed institute is a conditio sine qua non22. In spite of this and other documents, the current system is functioning well and is not likely to be open for a change in a near future.

5. The Law of 8 December 1992 A recent Belgian law deals with the protection of privacy regarding to the processing of personal data. However it may be useful to first mention the international regulations applicable to situations which could occur in Belgium. Norms of international human rights treaties are directly applicable in the Belgian system according to the ruling of the Cour de Cassation23. Article 17 of the International Covenant on Civil and Political Rights and article 8 of the ECHR can be invoked by natural and legal persons before the Belgian jurisdictions. Not only in case of

21 Calewaert, W. and De Droogh, L., Voor meer gelijkheid in onze démocratie. Een pamflet, Antwerp, Humanistisch Verbond, 1992, 72 p. 2 2 Calewaert, W. and De Droogh, L, o.e., 7 0 - 7 1 . 2 3 Cour de Cassation, 27 May 1971, Journal des Tribunaux, 1971, 460 - 474 with conclusion of Ganshofvan der Meersch. See, Alen, Α., Treatise on Belgian Constitutional Law, Deventer, Kluwer, 1992, p. 182, nr. 356 and p. 188, nr. 372.

2"

20

Rik Torfs

intrusion in one's private life by the authorities, but also when the safeguarding of the privacy is endangered in relations between private persons24. On 7 May 1982 Belgium signed the Convention nr. 108 on the protection of persons in the automatic processing of personal data, which had been concluded in the European Council25. This convention came into force on 1 October 1985. One of the conditions for ratification of this convention was the existence of national legislation in the signing states on the protection of privacy in the processing of personal data. Now that Belgium has fulfilled this requirement, the way to ratification is wide open. Article 6 of the convention stipulates that data relevant to race, political opinion, religious or other conviction, health, sexual life and criminal punishment may not be the object of automatic processing without adequate guarantees by the national law. After ratification the norms of the convention will penetrate in the internal legal system in as far as they are self-executing. Before the law of 8 December 1992 came into force, the right of privacy in Belgium was mainly protected by international treaties. There was no legal text that protected individuals in a global way regarding the automatic processing of personal data. The right of privacy for instance is not mentioned in the constitution although projects in that direction were announced several times at the occasion of recent constitutional revisions. Until 8 December 1992, only five legal dispositions on automatic public processing contained provisions on data protection. In particular those on the instauration of the National register 26, on the data bank regarding the personnel of the public sector27, on the registers of the National Institute for Statistics, on

2 4

Ergec, R., Protection européenne et internationale des droits de l'homme, III, Brussels, Presses Universitaires, 1989 - 1990, 490. 2 5 Convention Governing the Protection of Individuals with Regard to Automatic Processing of Personal Data, 28 January 1981, European Treaty Series, nr. 108, Strasbourg, 1982. 2 6 Law of 8 August 1983 (Wet van 8 augustus 1983 tot regeling van een Rijksregister van de natuurlijke personen), Moniteur beige, 21 April 1984. 2 7 Royal decree of 30 December 1982 (K.B. nr. 141 van 30 december 1982 tot oprichting van een data bank betreffende de personeelsleden van de overheidssector), Moniteur belge, 13 January 1983.

Survey on Data Protection and Churches in Belgium

21

the Central Service for Credits to Consumption28 and on the crossroads-bank of social security29. The data bank mentioned secondly regarding the personnel of the public sector, is a creation of the Ministry for Public Service and puts together all the statistics and data concerning persons who are remunerated by the various public administrations. This entails the applicability of this statute to the ministers of the cult, who are dependants of the Ministry of Justice30. Article 24quinquies of the law on public statistics mentions that in no case the investigations and statistic studies of the National Institute may concern private life, for instance the religious opinions. Consequently no such questions may be asked when a census is carried out. On several occasions new proposals for the protection of privacy have been introduced in parliament31. International obligations, such as the Schengen Agreement, also urged a faster tempo. But let us focus on the analysis of the law of 8 December 199232. The new law for the protection of privacy is applicable to the processing of personal data. This means that two elements should be present simultaneously: personal data and processing. The law defines personal data as data "relating to a natural person, who is or can be identified (article 1 § 5)". This definition contains three concepts: data, person and "relating to". The persons to which the data should relate are exclusively natural persons. This means that legal persons and associations of all kind are not protected by the 1992 law. Consequently, the church itself, church institutes and religious associations or organisations are not protected by this new law against the 28 Royal decree of 15 April 1985 (K.B. van 15 aprii 1985 betreffende de registratie van afbetalingscontracten), Moniteur belge, 20 April 1985, and the law of 12 June 1991 (Wet van 12 juni 1991 op het consumentenkrediet), Moniteur belge, 9 July 1991. 2 9 Law of 15 January 1990 (Wet van 15 januari 1990 houdende oprichting en organisatie van een Kruispuntbank van de sociale zekerheid), Moniteur belge, 22 February 1990. 3 0 Glineur, Ρ., Droit et éthique de l'informatique, Brussels, Story-Sci entia, 1991, 51. 31 For an extensive list, see Dumortier, 7., "De ontwikkeling van een Europese en Belgische reglementering over de behandeling van de persoonsgegevens", in Euroforum 29 aprii 1993, Louvain, K.U.Leuven - ICRI, 1993, 27, footnote 24. 3 2 Law of 8 December 1992 (Wet van 8 december 1992 tot bescherming van de persoonlijke levenssfeer ten opzichte van de verwerking van persoonsgegevens), Moniteur belge, 18 March 1993.

22

Rik Torfs

abuse of data. But they find themselves at the other side of the spectrum, as they are submitted to the law in their relations with their faithful and their personnel, the last two categories obviously being natural persons. A commission set up on the occasion of the new law will slowly have to develop a jurisprudential tradition to define the exact significance of the concept "relating to". The concept of "processing" is used in a double sense. According to the law, it means both a totality of activities, as well as its final result (see article 9). According to article 1 § 1 "processing" does not only mean "automatic processing", but also "the keeping of a manual file". The material scope of the Belgian law is in that aspect one of the largest in Europe33. Not every processing of personal data falls under the scope of the law. Article 3 § 2 mentions four exceptions. Not covered are for instance the personal data treated by natural persons and by their very nature intended for private, familial and domestic use. Another category of exceptions is the processing of personal data which have to be made public as a result of a legal statute. The personal data which are revealed to the public by the person itself may be processed assuming the processing respects the aim of the publication. Another important aspect of the law of 8 December 1992 are the obligations of those collecting personal data. If personal data are collected for processing, the person they are relating to has to be informed about the aim and the destination of those data as well as about the individualrights of access and correction that this person enjoys. (See also article 4 § 1.) Most of the obligations have to be fulfilled by "the controller of a file" (houder van het bestand/maître du fichier). This is the natural or legal person or de facto association competent for taking the decision regarding the aim of the processing and concerning the kind of data that it should contain (article 1 § 6). The law also determines the concept of "processor of a file" (bewerker/gestionnaire) (article 1 § 7). This is the natural or legal person or de facto association to whom the organisation and execution of the processing has been entrusted.

3 3

46 - 47.

For a comparison of the Belgian law with other European laws, see Dumortier,

Jo.e.,

Survey on Data Protection and Churches in Belgium

23

The churches, in the Belgian juridical system labelled as de facto associations, and the religious associations that eventually can be organised as legal persons, fall under the scope of the law when they control or process a file. The subject of whom data are collected has a right to be informed (article 9) and a right of access to these data (article 10). The person concerned also has a right to request that false data are corrected (article 12). Before starting an automatic processing of personal data, the controller has to make a declaration in that sense to the Commission for the Protection of Privacy (article 17).

6. No Special Provisions for Religious Communities The Belgian law of 8 December 1992 only protects natural persons. From that point of view the church and the religious communities do not fall under the protection. The law does not make any distinction between the church, her institutions or any religious community or association and any other association or community. Neither does the law distinguish between religious communities with legal personality and others which barely exist as a de facto association in the Belgian legal system. This means that any religious community that operates as a "controller" or "processor" of a file, as defined by the articles 1 § 6 and 1 § 7 of the law, will be bound by the state provisions on personal data protection. They are not partly, nor completely excluded from it.

7. Data Protection of the Religious Communities Themselves No religious communities have established a data protection law themselves. Nevertheless in the roman catholic church, which holds a largely dominating position in Belgium, there are good reasons to work out such a legislation. Canon 535 § 1 of the Code of Canon Law (1983) requires each parish to possess a set of parish books including baptismal, marriage and death registers as well as other registers prescribed by the conference of bishops or the diocesan bishop. The pastor has to see to it that these registers are accurately inscribed and carefully preserved. While canon 535 § 1 thoroughly describes all information that a baptismal register should contain (baptism, confirmation, whatever affects the canonical

24

Rik Torfs

status of a person by reason of marriage, adoption, reception of sacred orders, perpetual profession in a religious institute, change of rite), the same canon remains almost totally silent concerning the protection of privacy. At the end of § 4 one can read that the pastor is to take care that the parish books, episcopal letters and other documents do not come into the hands of outsiders. Protection of the privacy definitely is not the first aim of this stipulation. However, the 1983 Code of Canon Law takes the protection of one's privacy very seriously, as one of the canons pertaining to the obligations and rights of all Christian faithful (canon 208 - 223) explicitly deals with it. Indeed, canon 220 reads as follows: "No one is permitted to damage unlawfully the good reputation which another person enjoys nor to violate the right of another person to protect his or her own privacy." This canon could have direct consequences for canon 535 § 1 and the way parish registers should be kept, especially if, due to their fundamental character, the formal supremacy of the obligations and rights of all the Christian faithful over other norms formulated in the Code would be accepted. This formal supremacy would lead to the necessity of a practice of keeping parish books with due regard to everyone's privacy. However, this formal supremacy has generally not been admitted yet in canon law, as the duties and rights of all the faithful are simply formulated somewhere in the middle of the Code. So they are not collected in a separate document with constitutional value, although this had been planned for several years and worked out in a few drafts. Meanwhile the roman catholic church in Belgium has not issued any particular legislation concerning parish registers yet. In the near future, no changes are to be expected.

8. Specific Provisions for Data Relevant to Religion The personal data protection law of 8 December 1992 contains specific provisions for data relevant to religion. Article 6 § 1 reads as follows: "The processing of personal data relevant to the race, the ethnic origin, the sexual life or the political, philosophical or religious persuasions or activities (met betrekking tot de overtuiging of activiteit op godsdienstig gebied/relatives aux opinions ou activités religieuses), the trade union or sick fund membership is only authorised for the purposes determined by or by virtue of the law." When those pur-

Survey on Data Protection and Churches in Belgium

25

poses are determined by the law, the Commission for the protection of privacy will render a preceding advice. It seems to become clear that any membership of a religious community, or any form of religious belief is protected by the law. It is important to realise that this provision does not contain an interdiction for legal persons and de facto associations to keep a file with data regarding their own members (article 6, section 3). This exception has to be interpreted in a narrow sense. It is only meant for members and not for financial donors or other persons being in close contact with the association34. Article 6 corresponds with article 8 on the processing of special categories of data from the amended proposal for a EC directive. The sensitive data may not be collected in Belgium for processing abroad (article 4 § 2).

9. Possible Conflicts between Church Autonomy and Data Protection In which fields do State and Church meet each other with regard to data protection? A few possible areas of confrontation do not seem to be relevant in the Belgian context. For thefinancing of religious communities , no real problem occurs. The financing of the catholic church, the recognition of new parishes with as a result the payment of the minister of the cult, has always implicitly been based on the global number of inhabitants, not on the number of catholics in a given area. The reason for this seemingly generous approach was the underlying idea that the difference between the population as a whole and the catholics would be negligible35. Although the sociological situation today is no longer the same, not all attitudes linked up with the past have already undergone a change. The last edition of the Catholic Yearbook (Katholiek jaarboek voor België.

3 4 Report on behalf of the Commission for Juridical Affairs presented by Vandenberghe, Gedr. St., Senat, 1991 - 92 (B.Z.), nr. 445/2, 85. 35 See Calewaert, W. and De Droogh, L., o.e., 39.

H.,

26

Rik Torfs

Annuaire catholique de Belgique) still mentions for each diocese the number of inhabitants instead of the number of baptized catholics36. The financing of other churches and religions is more depending on their real significance in society, but no strict statistics are used for fixing their numbers. The government only makes an implicit and global estimation without going into details. Another non issue is the admittance to charity establishments. Catholic hospitals for instance accept people of every worship or philosophical background. Sometimes questions are asked concerning religious convictions at the moment of entrance in the hospital, but they are only meant as a help in order to provide for the preferred spiritual aid. The answering of those questions is not compulsory anyway. In a few other fields however, State and Church really meet concerning data protection and the result of the confrontation remains quite uncertain, especially since the issue of the law of 8 December 1992 protecting the privacy. A first area of confrontation could be marriage law in the Church . According to canon 1059 of the roman catholic Code of Canon Law, the marriage of catholics is regulated by divine law and by canon law, with due regard for the competence of civil authority concerning the merely civil effects of such a marriage. Consequently, Church marriages are exclusively dealt with within the framework of the Code of Canon Law, a principle that stands for both its material and the procedural part. People desiring to obtain the annulment of their marriage before a Church tribunal, should follow the adequate procedure as described by the Code. This procedure entails that certain information concerning the religious past of the people involved, will be handed over to the church tribunal by the pastor keeping the parish books. This information includes for instance the official registration of baptism as well as documents certifying when and where the challenged marriage took place. As long as both parties agree with this way of gathering information, their privacy is by no means in danger. Problems rise however in the hypothesis that without a suitable reason the respondent does not appear after having been 3 6 Cf. Katholiek jaarboek voor België. Annuaire catholique de Belgique, Brussels, Licap, 1990, 37, 53, 56, 59, 62, 65, 70, 73. The yearbook is no longer published yearly, the 1990 edition being the last one.

Survey on Data Protection and Churches in Belgium

27

summoned by the tribunal. According to canon 1592, the case can be proceeded then without any further collaboration by the respondent. An indirect result of this principle is that information concerning the respondent's religious situation will be revealed to the tribunal without his implicit consent, eventually even - if he reacts by forbidding any use of information concerning himself - against his will. Questions can be asked concerning the compatibility of this church lawdisposition with modern data protection legislation, especially with the law of 8 December 1992, although article 6 offers several possibilities as described above. Article 15 of the amended proposal for a council directive eventually could increase difficulties by stating that member states shall grant the data subject the right to object at any time on legitimate grounds to the processing of data relating to him. A second topic of great interest is connected with leaving the Church. Church members who, in the roman catholic church, wish to leave the church, find themselves confronted with the self-perception of this institute. Canon 11 of the actual Code of Canon Law indirectly admits that one can enter the catholic church by baptism or by reception into it after having been baptized in another Christian church whose baptism is recognised as valid, but refuses to accept the idea of a possible departure from the church. The reason behind this canon is a theological one: semel baptizatus , semper baptizatus 31. Although the legislator of the Code of Canon Law lacks consistency while admitting the possibility to leave the Church by formal act in three canons in the field of marriage law 38 , the general idea is: leaving the Church cannot be allowed for theological reasons. Of course, the Church has no tools at its disposal to enforce this principle and to exercise pressure on members eager to leave, but for all that the theoretical difficulty remains unsolved. Every time a member wants to leave, the Church denies the idea he can do so. Members of the organisation officially representing secularism in Belgium, have organised several campaigns, urging their sympathizers to write letters to the Church authority announcing their departure from the Church as well as the transcription of a marginal note in the parish books confirming their farewell. Until very recently and even at some places until today, most of the time 37 On this topic one could read Liidicke, K. y "Die Kirchengliedschaft und die plena communio. Eine Anfrage an die dogmatische Theologie aus der Perspektive des Kirchenrechts", in Lüdicke, K., Paarhammer, H. and Binder, Ζλ, Recht im Dienste des Menschen, Graz/Vienna/Cologne, Styria, 1986, 377 - 391; Wamink, H., Kerk en lidmaatschap. Onderzoek van de canonieke normen vanuit hun theologische grondslagen, Louvain, Faculty of Canon Law, 1988, 80 - 153. 38

Canon 1086 § 1; canon 1117; canon 1124 CIC 1983.

28

Rik Torfs

Church authorities did not answer those letters or, if they did, left the demand without any visible result. Unlike the practice in certain neighbour countries, no annotations were made. Can this reserved behaviour by the Church authorities be maintained? It becomes questionable. Article 12 of the law of 8 December 1992 recognises everyone's right to freely obtain every rectification of data with a personal character which contain incorrect information regarding oneself. Will the theological and canon law motives be strong enough to successfully face a possible claim by people attempting desperately to leave the Church? The question remains open, but nobody can deny that answering it in a balanced way is impossible without taking into account both the protection of one's privacy and the inner Church freedom of self-organisation. The notion of self-organisation includes possible differences concerning the ontological meaning of membership, ultimately concerning truth. Weighing both aspects (privacy and self-organisation) can no longer be avoided. Questions are also likely to be raised in other fields, labour law being one of them. At the moment of the appointment of a teacher, a future employer might have the inclination to verify this person's ecclesiastical marriage situation. Could, given the new privacy law, such a way of behaviour be tolerated? In certain rural parts of Belgium, catholic civil authorities in smaller municipalities used to show their registers to local pastors, of course in an unofficial way. The pastors could make use of it for the organisation of their pastoral work. This behaviour cannot be reconciled any longer with the law of 8 December 1992.

10. Influence of the E.C.-Directive The Belgian law of 8 December 1992 already executes the wishes of the E.C.-directive. Given the specific position of churches in the Belgian (constitutional) system, the effects of both law and directive on Church-State relationships will probably remain more limited than elsewhere in the EC. Nevertheless the legislator has given no sign of having taken into account the juridic position of the Church while establishing the new law. And problems in less fundamental fields than financing will sooner or later come to the surface. The result of this confrontation remains unpredictable, as do many questions regarding the balance between fundamental rights.

Personendatenschutz in Dänemark

Von J0rgen Stenbaek, Aarhus In Dänemark wird die primäre öffentliche Personenstandregistrierung von der dänischen evangelisch-lutherischen Volkskirche geführt, die vom Staat unterstützt wird. Die Verfassung dieser Volkskirche, zu der etwa 90 % der Bevölkerung zählen, wird durch staatliches Gesetz geregelt. Die verfassungsrechtlich geschützte Religionsfreiheit wird von folgenden Bestimmungen in der dänischen Verfassung (der dänische "Grundlov") festgelegt: "Die Bürger haben das Recht, sich in Gemeinschaft zu vereinen, um Gott auf jede Weise zu dienen, die ihrer Überzeugung entspricht, wobei jedoch nichts gelehrt oder getan werden darf, was der Sittlichkeit oder der öffentlichen Ordnung widerstreitet" (§ 67). "Niemand ist verpflichtet, persönliche Beiträge zu einer anderen Gottesverehrung zu leisten, als zu der, die seine eigene ist" (§ 68). Die Verhältnisse der von der Volkskirche abweichenden Glaubensgemeinschaften werden des näheren durch Gesetz geregelt" (§ 69). "Niemand kann seines Glaubensbekenntnisses oder seiner Abstammung wegen, vom vollen Genuß der bürgerlichen oder politischen Rechte ausgeschlossen werden oder sich der Erfüllung einer allgemeinen Bürgerpflicht entziehen" (§ 70). "Die persönliche Freiheit ist unantastbar. Keinem dänischen Bürger kann seiner politischen oder religiösen Überzeugung oder seiner Abstammung wegen in irgendwelcher Form die Freiheit entzogen werden" (§ 71 Abs. 1). "Die Bürger haben das Recht, ohne vorherige Genehmigung Vereine zu jedem gesetzlichen Zweck zu bilden" (§ 78 Abs. 1). "Die Bürger haben das Recht, sich ohne vorherige Genehmigung unbewaffnet zu versammeln ..."(§ 79). Im Verfassungsjahr 1849 gab es neben der Volkskirche drei Glaubensgemeinschaften, die sofort anerkannt wurden: die römisch-katholische Kirche, die

30

J0rgen Stenbaek

reformierte Kirche und die jüdische Kultusgemeinde. Die Anerkennung bedeutete, daß diese Glaubensgemeinschaften ihre eigene Personenstandregistrierung mit öffentlicher Gültigkeit unternahm, d.h. mit wechselseitiger Meldepflicht an die betreffende wohnörtliche Volkskirchengemeinde. Eine gleiche Anerkennung haben seither die Methodisten, die russisch-orthodoxe Kirche und die Baptisten erhalten; zu dieser Gruppe von "anerkannten Glaubensgemeinschaften" gehören auch die schwedischen, englischen und norwegischen Gemeinden in Kopenhagen. (Die evangelisch-lutherischen deutschen, städtischen Minderheitsgemeinden im dänischen Teil von Schleswig-Holstein werden als registrierte Teile der betreffenden volkskirchlichen Stadtgemeinde betrachtet und gehören also - mit eigenem Gemeindepastor und eigener Vertretung in der Gemeindeleitung - zur dänischen Volkskirche.) Die Pastore der "anerkannten Glaubensgemeinschaften" können kirchliche Handlungen mit bürgerlich-rechtlicher Gültigkeit vornehmen wie Taufe und Eheschließung; die betreffenden Gemeinden führen ihre eigenen öffentlichrechtlichen Register ("Ministerialbücher") und können Bescheinigungen mit öffentlich-rechtlicher Gültigkeit ausstellen. Seit 1969 wurde dieses Anerkennungsverfahren geändert, so daß jetzt die Geistlichen oder Gemeindevorsteher beliebiger Glaubensgemeinschaften, christliche wie nicht-christliche, Eheschließungen mit öffentlich-rechtlicher Anerkennung vornehmen können wenn sie persönlich von der Gemeinschaft und vom Kirchenminister dazu anerkannt sind, und wenn Anmeldung an die öffentlichen Register sofort (innerhalb 24 Stunden) unternommen werden. Das betrifft zum Beispiel die Heilsarmee, die Zeugen Jehovas und die Mormonen, sowie unter den Nicht-Christen einige islamische Gemeinden, die Baha'ii-Anhänger und eine Sikh-Gemeinde in Kopenhagen u.a. Es gibt also in Dänemark vier Kategorien von religiösen Gemeinschaften: Erstens volkskirchliche staatsunterstützte territoriale Gemeinden (Parochien) mit eigenen Ministerialbüchern, die zugleich die primäre öffentliche Personenstandsregistrierung ausmachen, zweitens anerkannte Glaubensgemeinschaften mit eigenen Ministerialbüchern, die öffentlich-rechtlich anerkannt sind (Taufe und Eheschließungen sind zivilrechtlich anerkannt und werden sowohl an den volkskirchlichen als auch an den kommunalen Behörden gemeldet), drittens gibt es - seit 1969 - Glaubensgemeinschaften, deren Pas tore oder Gemeindeleitungen Eheschließungen mit öffentlich-rechtlicher Anerkennung vornehmen können, aber ohne eigene Ministerialbücher. Endlich gibt es viertens Glaubensgemeinschaften mit privatrechtlicher Vereinsstruktur.

Personendatenschutz in Dänemark

31

In die von der Volkskirche und den anerkannten Glaubensgemeinschaften geführten Minsterialbücher werden registriert: a) Geburt, Eltern, Name und der Wechsel von Namen, Todesfälle; b) Eheschließungen und Ehescheidungen, samt c) Ein- und Austritt in die und aus der dänischen Volkskirche/anerkannten Glaubensgemeinschaft. Die christliche Taufe in anderen christlichen Kirchen und Glaubensgemeinschaften wird in Verbindung mit kirchlichen Mitgliedsverhältnissen registriert. Als öffentliches Personenstandsregister sind die Ministerialbücher der zivilen Registergesetzgebung untergeordnet, z.B. Gesetz 654 von 1991, dessen § 9 Abs. 2 die folgenden empfindlichen Daten ausdrücklich erwähnt: politische Meinung, rassische Herkunft, Hautfarbe, religiöse Überzeugung, Information über Vereinsmitgliedschaft, Gesundheit, soziale Probleme, Drogen- und Alkoholmißbrauch etc. Solche Daten dürfen nur registriert werden, "wenn es für die Aufgaben Wahrnehmung der berührten öffentlichen Register notwendig ist".

Das Datenschutzrecht und die Kirchen in der Bundesrepublik Deutschland Von Gerhard Robbers, Trier

I. 1. Das Verhältnis von Staat und Kirchen in der Bundesrepublik Deutschland ist gekennzeichnet durch die Existenz zweier Großkirchen: der katholischen Kirche einerseits und der Evangelischen Landeskirchen, die in der EKD (Evangelische Kirche in Deutschland) eine Gemeinschaft bilden, andererseits. Es beruht auf einem System grundsätzlicher Trennung von Staat und Kirchen bei gleichzeitiger Betonung zahlreicher Kooperations- und Verknüpfungsbereiche. Es besteht keine Staatskirche (Art. 137 Abs. 1 WRV i.V.m. Art. 140 GG). Die Religionsfreiheit wird durch Art. 4 GG gewährleistet. Im Sinne der korporativen Religionsfreiheit können sich auch die Kirchen als solche auf sie berufen. Zusätzlich bestehen institutionelle Garantien in den Artikeln 136 - 139, 141 WRV i.V.m. Art. 140 GG. Die großen Kirchen sind Körperschaften des öffentlichen Rechts; dadurch werden sie jedoch nicht in das Staatsgefüge eingegliedert. Einzelne Befugnisse hängen von diesem Rechtsstatus ab. 2. Von zentraler Bedeutung ist das Selbstbestimmungsrecht der Kirchen, der sonstigen Religionsgemeinschaften und der Weltanschauungsgemeinschaften gemäß Art. 137 Abs. 3 WRV i.V.m. Art. 140 GG. Jede Religionsgesellschaft ordnet und verwaltet ihre Angelegenheiten selbständig innerhalb der Schranken des für alle geltenden Gesetzes. Nach der ständigen Rechtsprechung des Bundesverfassungsgerichts kommt dem Selbstverständnis der Kirchen über den Bereich ihrer Angelegenheiten, in dem ihr Selbstbestimmungsrecht besteht, besondere Bedeutung zu. Letztentscheidend bleibt allerdings das staatliche Recht. Auf zahlreichen Gebieten kooperieren Kirchen und Staat und verwalten gemeinsame Angelegenheiten. Das ist etwa die Militärseelsorge, die Seelsorge in öffentlichen Krankenhäusern, das Friedhofswesen, der Kirchensteuereinzug, das kirchliche Meldewesen oder der Religionsunterricht an öffentlichen Schu3 Robhers

34

Gerhard Robbers

len. Hier muß regelmäßig ein Ausgleich der Interessen und Auffassungen gefunden werden. Das kirchliche Selbstbestimmungsrecht besteht nur innerhalb der Schranken des für alle geltenden Gesetzes. Hierzu hat das Bundesverfassungsgericht die Formel entwickelt, daß ein Gesetz dann keine Schranke bilden kann, wenn es die Kirche nicht wie den Jedermann trifft, sondern in ihrer Besonderheit als Kirche härter, ihr Selbstverständnis, insbesondere ihren geistlich-religiösen Auftrag beschränkend, also anders als die normalen Adressaten1. Es muß eine Güterabwägung zwischen Kirchenfreiheit und Schrankenklausel stattfinden 2, wobei dem Eigenverständnis der Kirchen ein besonderes Gewicht beizumessen ist. Diese Rechtsprechung hat weitreichende Konsequenzen; hierzu einige Beispiele aus der Rechtsprechung des Bundesverfassungsgerichts: (1)Die Kirchen als öffentlich-rechtliche Körperschaften sind nicht konkursfähig. Es würde sie in ihrem Selbstbestimmungsrecht unzulässigerweise verletzen, wenn im Falle der Zahlungsunfähigkeit ein staatlich bestellter Konkursverwalter über innerkirchliche Angelegenheiten entscheiden könnte3. (2) Die Kirchen sind aus dem staatlichen Mitbestimmungsrecht ausgenommen. Das Verhältnis von Arbeitnehmern und Arbeitgebern beruht im allgemeinen auf dem Modell der Konfrontation und des Interessengegensatzes. Die Kirchen verstehen sich demgegenüber als Dienstgemeinschaft unter einem einheitlichen obersten Auftrag. Ihnen ist daher aus Gründen der Religionsfreiheit und des Selbstbestimmungsrechts der Kirchen freigestellt, eigene Strukturen der Mitwirkung von Arbeitnehmern zu entwickeln. Davon haben sie in weitem Maße Gebrauch gemacht4; ihr Mitbestimmungsrecht geht im einzelnen oft über das in der allgemeinen Rechtsordnung vorgesehene Recht der Arbeitnehmer noch hinaus und räumt ihnen weitergehende Befugnisse ein. (3) Die Kirchen sind zwar grundsätzlich an das staatliche Arbeitsrecht gebunden. Sie sind in Deutschland nach der öffentlichen Hand der zweitgrößte Arbeitgeber mit fast 1.000.000 Arbeitnehmern. In zentralen Fragen des Individualarbeitsrechts bestehen wegen des kirchlichen Selbstbestimmungsrechts aber besondere Grundsätze. So können die Kirchen in erheblichem 1

BVerfGE BVerfGE 3 BVerfGE 4 BVerfGE 2

42, 312. 53,366/401. 66, I f f . 53, 366 ff., vgl. auch BVerfGE 72, 278 ff.

Das Datenschutzrecht und die Kirchen in der Bundesrepublik Deutschland

35

Maße den Inhalt der allgemein bestehenden Loyalitätspflichten der Arbeitnehmer gegenüber dem Arbeitgeber bestimmen. Das Bundesverfassungsgericht hat der Entlassung eines Arztes an einem katholischen Krankenhaus zugestimmt, der öffentlich Auffassungen zum Schwangerschaftsabbruch vertreten hatte, die mit der Lehre der Kirche in Widerspruch gestanden hatten (BVerfGE 70, 138 ff.). 3. Der verfassungsrechtliche Begriff der Religionsgemeinschaft erfaßt nicht nur die engere verfaßte Kirche als Amtskirche oder Kultgemeinschaft in einem engeren Sinne. Vielmehr meint Religionsgemeinschaft und Kirche den Gesamtbereich kirchlicher religiös geprägter Aktivitäten. Nach Art. 137 Abs. 3 WRV i.V.m. Art. 140 GG sind nicht nur die organisierte Kirche und deren rechtlich selbständigen Teile, sondern alle der Kirche in bestimmter Weise zugeordneten Einrichtungen ohne Rücksicht auf ihre Rechtsform Objekte, bei deren Ordnung und Verwaltung die Kirche grundsätzlich frei ist, wenn die Einrichtungen nach kirchlichem Selbstverständnis ihrem Zweck oder ihrer Aufgabe entsprechend berufen sind, ein Stück des Auftrags der Kirche wahrzunehmen und zu erfüllen 5. Deshalb gehören zur Kirche und in den Bereich ihres Selbstbestimmungsrechtes auch die von ihr nur mittelbar betriebenen Einrichtungen wie Krankenhäuser, kirchlich getragene Schulen, Kindergärten, Altenheime unabhängig von ihrer Rechtsform als öffentlich-rechtliche Körperschaft oder als privatrechtlich betriebene Einrichtung. Dieser diakonisch-caritative Bereich besitzt erhebliche soziale Relevanz. 4. Die Finanzierung der Kirchen erfolgt nur zu einem geringen Teil aus Eigenvermögen. In nicht ganz unerheblichem Maße bestehen zumeist historisch begründete unmittelbare Staatsleistungen aus dem allgemeinen Haushalt des Staates. Zahlreiche Aktivitäten sind in allgemeine soziale Finanzierungssysteme eingebunden wie die Krankenhausfinanzierung. Vielfach bestehen staatliche Zuschüsse, die kirchliche Aktivitäten in nicht anderer Weise unterstützen wie die Tätigkeit gesellschaftlicher Verbände. Die Haupteinnahmequelle der Kirchen ist jedoch die Kirchensteuer. Sie ist in Art. 137 Abs. 6 WRV i.V.m. Art. 140 GG verfassungsrechtlich garantiert. Die Religionsgesellschaften, welche Körperschaften des öffentlichen Rechtes sind, sind berechtigt, aufgrund der bürgerlichen Steuerlisten nach Maßgabe der landesrechtlichen Bestimmungen Steuern zu erheben. Die Kirchensteuern werden ausschließlich von Mitgliedern der Kirchen gezahlt. Sie bestehen praktisch 5

3*

BVerfGE 53, 366/391.

Gerhard Robbers

36

in einem Zuschlag zur Lohn- und Einkommensteuer, der nach Landesrecht unterschiedlich 8 - 9 % der Lohn- bzw. Einkommensteuerschuld beträgt. Die Kirchensteuer wird in aller Regel vom Staat bei der allgemeinen Steuereinziehung erhoben und an die Kirchen abgeführt. Der Staat erhält dafür eine Entschädigung in Höhe von 4 - 6 % des Kirchensteueraufkommens. Die Lohnsteuer wird vom Arbeitgeber direkt an den Staat abgeführt. Dies gilt auch für die Kirchensteuer. Er erfährt daher notwendigerweise von der Zugehörigkeit seines Arbeitnehmers zu einer bestimmten Kirche, soweit diese kirchensteuerberechtigt ist. Dasselbe gilt für die staatliche Steuerverwaltung. Von der Kirchensteuerpflicht kann der Betroffene freikommen, wenn er nach staatlichem Recht aus der Kirche austritt.

II. 5. Das deutsche Datenschutzrecht findet seine verfassungsrechtliche Grundlage in Art. 2 Abs. 1 i.V.m. Art. 1 Abs. 1 GG. Aus dem hierdurch geschützten allgemeinen Persönlichkeitsrecht hat das Bundesverfassungsgericht das Recht auf informationelle Selbstbestimmung entwickelt6. Bundesweit besteht das Bundesdatenschutzgesetz von 1990. Die Bundesländer haben dazu eigene Landesdatenschutzgesetze in Kraft gesetzt. 6. Die Bedeutung des staatlichen Datenschutzrechts für die Kirchen ist umstritten. Nach der herrschenden Meinung werden die öffentlich-rechtlich verfaßten Religionsgemeinschaften vom Anwendungsbereich des Bundesdatenschutzgesetzes nicht erfaßt. Dies folgt aus dem verfassungsrechtlich gesicherten Selbstbestimmungsrecht der Religionsgemeinschaften. Als Schranke des für alle geltenden Gesetzes gilt danach allenfalls das verfassungsrechtliche Prinzip des Datenschutzes, nicht aber dessen konkrete Ausformungen in den staatlichen Datenschutzgesetzen. Richtiger Auffassung nach würde die generelle Anwendbarkeit der staatlichen Datenschutzgesetze auf die Kirchen deren verfassungsrechtlich garantiertes Recht auf Ordnung und Verwaltung ihrer eigenen Angelegenheiten unzulässig beschränken. Dies war bereits unter dem Bundesdatenschutzgesetz von 1977 herrschende Meinung. Für das Bundesdatenschutzgesetz von 1990 gilt nichts anderes. Zwar enthält das Gesetz keine ausdrückliche Exemtionsklausel, wie das etwa für §§ 112 S. 1 BPersVG, 118 Abs. 2 BetrVerfG, 2 Abs. 1, 1 Abs. 6

Vgl. BVerfGE 65, 1 ff.

Das Datenschutzrecht und die Kirchen in der Bundesrepublik Deutschland

37

1 und 2 VwVfG - vgl. aber auch § 84a BBiG - der Fall ist. Im Gesetzgebungsverfahren war auf eine entsprechende ursprünglich vorgesehene Norm verzichtet worden. Auch die weitestgehende Vorstellung einer Einbeziehung der Kirchen, die von der Fraktion der Partei "Die Grünen" eingebracht worden war, sah jedoch eine bloß subsidiäre Anwendung des Bundesdatenschutzgesetzes auf die Kirchen vor, soweit diese keine eigenen ausreichenden Datenschutzmaßnahmen getroffen haben7. Selbst damit wäre den Kirchen für das gesamte Datenschutzrecht einschließlich ihrer privatrechtlich betriebenen Werke und Einrichtungen die Befugnis zur Eigenregelung überlassen geblieben. Eine ausdrückliche Ausklammerung der Kirchen ist jedoch schon angesichts der klaren verfassungsrechtlichen Lage nicht erforderlich gewesen; das Gesetz verzichtet konsequenterweise auf eine Regelung, die bloß deklaratorischen Charakter hätte haben können. Die wesentlichen verfassungsrechtlichen Argumente sind von Dieter Lorenz vorgetragen worden8. Das Prinzip des Datenschutzes hat Verfassungsrang und folgt aus dem Persönlichkeitsrecht, das in Art. 2 Abs. 1 i.V.m. Art. 1 Abs. 1 GG verankert ist. Hierzu gehören nach dem Urteil des Bundesverfassungsgerichts zur Volkszählung von 19839 Aufklärungs-, Auskunfts- und Leistungspflichten, die Möglichkeit einer Kontrolle durch einen unabhängigen Datenschutzbeauftragten, endlich auch das Verbot der Zweckentfremdung von Daten. Dies bildet das Grundprinzip des Datenschutzes. Auf die Wahrung dieses Prinzips sind die Kirchen auch im Rahmen ihres Selbstbestimmungsrechtes aus Art. 137 Abs. 3 WRV i.V.m. mit Art. 140 GG verpflichtet. Die einzelnen Modalitäten der Durchsetzung dieses Verfassungsprinzips müssen aber wegen des kirchlichen Selbstbestimmungsrechtes ihnen überlassen bleiben. Die Kirchen verstehen sich ganz wesentlich als Kommunikationsgemeinschaft. Ihre Existenz als Gemeinschaft von Brüdern und Schwestern bedingt gegenseitige Anteilnahme. Dies wiederum bedeutet die Notwendigkeit des Wissens umeinander und damit die Kenntnis und Verarbeitung nicht notwendig von mehr, aber von anderen Daten, als das im staatlichen und weltlich privaten Bereich der Fall ist. Welche spezifischen Daten für die Erfüllung des kirchlichen Auftrages und ihre Existenz als Gemeinde erforderlich sind, unter7 Vgl. Ulrich Dammann, Die Anwendung des neuen Bundesdatenschutzgesetzes auf die öffentlich-rechtlichen Religionsgesellschaften, N V w Z 1992, S. 1148. 8 Vgl. Dieter Lorenz, Die Stellung der Kirchen nach dem Bundesdatenschutzgesetz 1990, ZevKR 1992, S. 27, S. 36 ff.; vgl. auch Marie-Theres Tinnefeld/Eugen Ehmann, Einführung in das Datenschutzrecht, 1992, S. 45 f. 9 Vgl. BVerfGE 65, 1/46 ff.

Gerhard Robbers

38

liegt prinzipiell dem kirchlichen Selbstverständnis in seinen religiösen Bezügen. Manche Daten, die im staatlichen Bereich als sensibel gelten und der Verarbeitung grundsätzlich entzogen werden können, müssen im kirchlichen Bereich als selbstverständliche Basis der Gemeinschaft anerkannt sein. Dieser Grundsatz gilt nicht lediglich für den innerkirchlichen Mitgliedschaftsbereich. Den Kirchen kommt von Verfassungs wegen ein auch staatskirchenvertraglich gesicherter Öffentlichkeitsanspruch und Öffentlichkeitsauftrag zu. Dieser enthält auch die Befugnis, Seelsorge gegenüber Nichtmitgliedern anzubieten, letztlich auch die Befugnis zur Mission. Verfassungsrechtliche Ausprägungen sind das kirchliche Zugangsrecht zu öffentlichen Einrichtungen gemäß Art. 141 Abs. 1 WRV i.V.m. Art. 140 GG. Die Bindung an das vom Bundesdatenschutzgesetz vorgesehene Organisationsmodell des Datenschutzes mit ihren staatlichen Kontrolleinrichtungen würde massiv in das Selbstorganisationsrecht der Kirchen eingreifen. Staatliche Aufsichts- und Kontrollrechte könnten zudem das Seelsorgegeheimnis verletzen. Vertretbar ist es durchaus, das Bundesdatenschutzgesetz von seiner Zielsetzung her als ein für alle geltendes Gesetz im Sinne der Schrankenklausel des Art. 137 Abs. 3 WRV anzusehen. Es würde dann dem kirchlichen Selbstbestimmungsrecht Grenzen ziehen. Das Bundesdatenschutzgesetz muß aber bei seiner Anwendung auch in diesem Fall nach den allgemeinen Grundsätzen der Bedeutung der Kirchenfreiheitsgarantie entsprechend einschränkend angelegt werden. Zu keinem anderen Ergebnis kommt Ulrich Dammann10. Auch nach dieser Auffassung ist das Bundesdatenschutzgesetz für Kirchen unanwendbar, soweit der Umgang mit personenbezogenen Daten ausschließlich die Mitgliedschaft, die Angelegenheiten der Religionsausübung, das Innehaben und Ausüben religionsspezifischer Ämter und Funktionen und andere vergleichbare organisationsinterne Angelegenheiten der Religionsgesellschaften zum Gegenstand hat. Zu eng ist diese Auffassung jedoch insoweit, als sie die Freistellung auf Mitglieder und Funktionsträger beschränkt. Auch kann nicht von Staats wegen bei der Anwendung des Gesetzes auf Beschäftigte der Religionsgesellschaften eine Differenzierung danach angebracht werden, ob es sich um Personen handelt, deren Aufgabe und innerorganisatorischer Status unmittelbar mit dem religiösen Charakter der Gesellschaft zu tun hat oder aber ihn nur mittelbar betrifft. Diese Entscheidung muß den Kirchen überlassen bleiben. 10

Vgl. Dammann, N V w Z 1992, S. 1149.

Das Datenschutzrecht und die Kirchen in der Bundesrepublik Deutschland

39

Zuzustimmen ist Dammann darin, daß die innerorganisatorische Durchführung des Datenschutzes den Religionsgesellschaften insgesamt zur eigenen Gestaltung überlassen bleibt. Die §§ 36 und 37 BDSG jedenfalls sind nicht anwendbar. Nicht gefolgt werden kann der Auffassung, daß die Ausübung der Kontrolle durch die Aufsichtsbehörden nach § 38 BDSG prinzipiell bestehen bleibt. Zwar beschränkt Dammann wegen des besonderen Status der Religionsgesellschaften die Kontrollbefugnis auf diejenigen Materien, auf die die materiellen Vorschriften des Gesetzes oder bereichsspezifische Datenvorschriften anzuwenden seien. Dies läßt sich jedoch von anderen, nicht der Kontrolle zu unterwerfenden Bereichen nicht trennscharf genug unterscheiden. Insgesamt berücksichtigt Dammann nicht hinreichend den verfassungsrechtlichen Hintergrund des Selbstbestimmungsrechts der Kirchen. 7. Die Kirchen haben dem Gedanken des Datenschutzes früh und zum Teil in wegweisender Art Rechnung getragen. Der Gedanke des Datenschutzes hat eigene religiöse Wurzeln, die sich in der Verpflichtung auf das Beichtgeheimnis und auf das Seelsorgegeheimnis in besonders wirkkräftiger Weise zeigen. In der katholischen Kirche gilt can. 220 CIC 1983. Danach darf niemand das persönliche Recht eines andren auf den Schutz der eigenen Intimsphäre verletzen. Dazu gilt gleichlautend in den Diözesen die Anordnung über den kirchlichen Datenschutz vom 5.12.1977. Sie entspricht in vielem der staatlichen Regelung. In der EKD galt zunächst das Kirchengesetz über den Datenschutz vom 10.11.1977 in der Fassung vom 7.11.1984 (ABl. EKD, S. 507 f.). Es ist von den einzelnen Landeskirchen übernommen und beschränkte sich auf die Regelung von Grundlinien. Die Landeskirchen und die EKD selbst haben jedoch darüber hinaus in neueren Verordnungen umfassende Anpassungen des Datenschutzrechtes an die gesteigerten Bedürfnisse vorgenommen11. Nunmehr gilt das Kirchengesetz über den Datenschutz der Evangelischen Kirche in Deutschland vom 12. November 199312.

11 Vgl. etwa EKD, V O zum Kirchengesetz über den Datenschutz vom 21. März 1986, ABl. EKD 1986; Ev.- Landeskirche Würtemberg, Kirchliche V O zur Durchführung und Ergänzung des Kirchengesetzes über den Datenschutz vom 31. März 1992, ABl. EKD 1992, S. 215 ff., Ev. Kirche von Kurhessen-Waldeck, VO zum Schutz von Patientendaten in evangelischen Krankenhäusern vom 29.10.1991, ABl. EKD 1992, S. 7; Bremische Ev. Kirche, VO zum Schutz von personenbezogenen Daten bei kirchlichen Friedhöfen vom 15.10.1992, ABl. EKD 1993, S. 9; Ev.-Luth. Landeskirche Sachsens, V O zum Schutz von Patientendaten in kirchlichen Krankenhäusern, ABl. E K D 1992, S. 486; Nordelbische Ev.-Luth. Kirche, Rechts Verordnung zum Datenschutz in kirchlichen Krankenhäusern vom 8./9. Oktober 1990, ABl. EKD 1991, S. 55. 12

ABl. EKD 1993, S. 505.

40

Gerhard Robbers

Das Datenschutzgesetz der EKD gilt für alle kirchlichen Dienststellen, Werke und Einrichtungen ohne Rücksicht auf deren Rechtsform. Kirchliche Stellen dürfen die in kirchlichen Dateien enthaltenen personenbezogenen Daten nur für die Erfüllung ihrer Aufgaben verarbeiten und nutzen. Sie dürfen sie aber nicht zu anderen Zwecken nutzen, etwa zur kommerziellen Nutzung weitergeben oder ohne Einwilligung veröffentlichen. Die besonderen Bestimmungen über den Schutz des Beicht- und Seelsorgegeheimnisses und über die Amtsverschwiegenheit gehen dem DSG EKD vor. Die Gliedkirchen und die EKD haben je eigene Datenschutzbeauftragte, die über die Einhaltung des Datenschutzes wachen. 8. Art. 136 Abs. 3 WRV i.V.m. Art. 140 GG lautet: "Niemand ist verpflichtet, seine religiöse Überzeugung zu offenbaren. Die Behörden haben nur soweit das Recht, nach der Zugehörigkeit zu einer Religionsgesellschaft zu fragen, als davon Rechte und Pflichten abhängen oder eine gesetzlich angeordnete statistische Erhebung dies erfordert". Dies ist die verfassungsrechtliche Grundlage für zahlreiche Sonderbestimmungen, die es im Einzelfall zulassen, nach der Zugehörigkeit zu einer Religionsgemeinschaft zu fragen und diese Daten zu verarbeiten. Für statistische Zwecke geschieht dies bei den Volksbefragungen 13. Gemäß § 2 Abs. 1 Nr. 11 Melderechtsrahmengesetz und entsprechenden Bestimmungen der Meldegesetze der Länder darf von der Meldebehörde zur Erfüllung ihrer Aufgaben die rechtliche Zugehörigkeit zu einer Religionsgesellschaft im Melderegister gespeichert werden. Entsprechend dem Landesrecht darf dieses Datum bei der An- und Abmeldung eines Einwohners erhoben werden. Gemäß § 19 MRRG dürfen einer öffentlich-rechtlichen Religionsgesellschaft bestimmte Daten ihrer Mitglieder übermittelt werden. Gemäß § 21 Abs. 1 Nr. 1 Personenstandsgesetz wird die rechtliche Zugehörigkeit oder Nichtzugehörigkeit der Eltern eines Kindes zu einer Kirche, Religionsgesellschaft oder Weltanschauungsgemeinschaft in das Geburtenbuch eingetragen, wenn die Eltern ihr Einverständnis erklären. Der Kirchensteuereinzug und der Kirchenaustritt bedingen nach Länderrecht die Angabe, Verarbeitung und Übermittlung von Daten der Konfession. 9. In zahlreichen Bereichen berühren sich danach Staat und Kirchen in Bezug auf den Datenschutz. a) Das System der Kirchensteuererhebung ist unmittelbar auf den Ruß persönlicher, religionsbezogener Daten zwischen Kirche, Arbeitgeber und 13

Vgl. BVerfGE 65, 1 ff.

Das Datenschutzrecht und die Kirchen in der Bundesrepublik Deutschland

41

staatlicher Steuererhebungsstelle angewiesen. Der Arbeitgeber muß über die Zugehörigkeit seines Arbeitnehmers zu einer Religionsgemeinschaft Kenntnis haben, um den Steuerabzug vornehmen zu können. Die staatliche Steuerverwaltung bedarf der Kenntnis über die Zugehörigkeit seiner Religionsgemeinschaft, um die Gelder der berechtigten Religionsgemeinschaft zuzuordnen. Das Merkmal der Konfession wäre auch dann wesentlich, wenn die Kirchen in eigener Regie die Kirchensteuer erheben würden. Sie können dies aufgrund der bürgerlichen Steuerlisten tun. Sie müssen deshalb Einblick in die Steuerakten ihrer Mitglieder nehmen können. Diese Berechtigung ist durch Art. 137 Abs. 6 WRV i.V.m. Art. 140 GG garantiert. b) Nach Art. 136 Abs. 3 WRV i.V.m. Art. 140 GG ist niemand verpflichtet, seine religiöse Überzeugung zu offenbaren. Die Behörden haben nur soweit das Recht, nach der Zugehörigkeit zu seiner Religionsgesellschaft zu fragen, als davon Rechte und Pflichten abhängen oder eine gesetzlich angeordnete statistische Erhebung dies erfordert. c) Art. 141 WRV i.V.m. Art. 140 GG garantiert den Zugang der Religionsgemeinschaften zu öffentlichen Einrichtungen und die dafür erforderlichen Voraussetzungen ihrer Tätigkeit. Soweit das Bedürfnis nach Gottesdienst und Seelsorge im Heer, in Krankenhäusern, Strafanstalten oder sonstigen öffentlichen Anstalten besteht, sind Religionsgesellschaften zur Vornahme religiöser Handlungen zuzulassen, wobei jeder Zwang fernzuhalten ist. Diese Garantie eröffnet die Möglichkeit, daß Seelsorger der Religionsgemeinschaften in diesen staatlichen Institutionen tätig werden. Hierzu bedürfen sie der Kenntnis über die Religionszugehörigkeit der betroffenen Individuen. Die Seelsorge in Krankenhäusern etwa wäre massiv behindert, wenn die Geistlichen nicht mehr darüber informiert werden dürften, welcher Religionsgemeinschaft ein ernsthaft erkrankter Patient angehört. d) Das gesamte kirchliche Meldewesen ist mit dem staatlichen Meldewesen in Deutschland eng verbunden. Durch die Existenz der evangelischen Kirchen als Landeskirchen mit zum Teil verschiedener evangelischer Konfession als lutherische, reformierte, unierte Kirchen besteht das Bedürfnis eines funktionierenden Datenabgleichs, Beim Umzug aus dem Bereich einer evangelischen Landeskirche in den Bereich einer anderen evangelischen Landeskirche wird der Betroffene automatisch Mitglied der neuen Landeskirche, es sei denn, er widerspräche dieser Zugehörigkeit. Die staatlichen Meldebehörden übersenden die Anmeldung an einem neuen Wohnort an die betref-

42

Gerhard Robbers

fende Kirche. Es würde eines erheblichen Aufwandes bedürfen, wenn die Kirchen hier gezwungen wären, ein eigenes Meldewesen aufzubauen. e) Der Religionsunterricht ist in den öffentlichen Schulen mit Ausnahme der bekenntnisfreien Schulen ordentliches Lehrfach (Art. 7 Abs. 3 S. 1 GG). Der Religionsunterricht wird in Übereinstimmung mit den Grundsätzen der betreffenden Religionsgemeinschaft erteilt. Er besteht nach der Rechtsprechung des Bundesverfassungsgerichts als konfessionsgebundener Unterricht. Die Schüler sind verpflichtet, am Religionsunterricht teilzunehmen, es sei denn, sie melden sich vom Religionsunterricht ab, was ihnen freisteht. Die Garantie des Religionsunterrichts ist auch ein Recht der Kirchen. Zur ordnungsgemäßen Erteilung und Durchführung des Religionsunterrichts ist erforderlich, daß den Kirchen Zugang zu den Daten über die Religionszugehörigkeit der Schüler gewährt ist. f) Auch ein Datenaustausch zwischen Religionsgemeinschaften ist erforderlich. Dies gilt etwa bei Trauungen konfessionsverschiedener Partner. Relevanz in Einzelfällen besitzt auch der Kirchenübertritt.

III. 10. Der gegenwärtige Entwurf einer Datenschutzrichtlinie gefährdet in der Bundesrepublik Deutschland das System des Kirchensteuereinzuges, das Meldewesen und die Seelsorge an Benutzem kirchlicher Einrichtungen ebenso wie die Seelsorge an Benutzern staatlicher Institutionen, für die die Kirchen ein Zugangsrecht haben. Die Beschränkung des Zuständigkeitsbereichs der Europäischen Gemeinschaft und damit des Anwendungsbereichs der Richtlinie und des darauf beruhenden nationalen Rechts gibt keine hinreichende Garantie der kirchlichen Bedürfnisse. Soweit aufgrund der Beschränkung der gegenwärtigen Zuständigkeiten einzelne Bereiche nicht in den Anwendungsbereich der Richtlinie fallen, bleibt gleichwohl die Möglichkeit einer zukünftigen Ausweitung der Kompetenzen der Europäischen Gemeinschaft. Sie würden dann gegebenenfalls automatisch auch die kirchliche Existenz berühren. Die Ausnahmeregelung des Art. 8 Nr. 3 RL läßt zwar eine Verarbeitung au* wichtigen Gründen des öffentlichen Interesses auch sensibler Daten zu. Schon für den Kirchensteuerabzug ist die Reichweite dieser Regelung aber fraglich.

Das Datenschutzrecht und die Kirchen in der Bundesrepublik Deutschland

43

Die Kirchen müssen unbedingt weiterhin in der Lage sein, bei Einstellung von Mitarbeitern auch nach deren Religionszugehörigkeit zu fragen. Solche Daten müßten auch kontinuierlich verarbeitet werden dürfen. Andernfalls wäre das Selbstverständnis der Kirchen als Dienstgemeinschaft grundsätzlich in Frage gestellt. Gänzlich inakzeptabel ist für die Kirchen die in der Richtlinie vorgesehene Rolle der Kontrollbehörde gemäß Art. 30 Richtlinie. Die darin vorgesehenen Untersuchungsbefugnisse wie das Recht auf Zugriff zu Daten, die effektiven Eingriffsbefugnisse wie die Anordnung des endgültigen Verbots einer Verarbeitung, der Vernichtung eines Datenträgers oder die Befugnis, eine Verwarnung an den Verantwortlichen der Verarbeitung zu richten, verletzen eklatant das Selbstbestimmungsrecht der Kirchen. Es verletzt die innerkirchliche Leitungsbefugnis des Bischofs und der Synoden. Es ermöglicht den Zugriff auf Daten, die dem Seelsorgegeheimnis unterliegen. Dies ist aus den gleichen Gründen unzulässig, aus denen das Bundesverfassungsgericht die Zugriffsrechte des Konkursverwalters auf die kirchliche Verwaltung für verfassungswidrig erklärt hat. Wenn die Datenschutzrichtlinie in Art. 9 die Datenverarbeitung im Pressewesen aus ihrer Regelung ausnimmt, verletzt sie in Bezug auf die Religionsgemeinschaften das auch gemeinschaftsrechtlich geltende Gebot der Gleichbehandlung. Erst recht müßte die Freistellung für die Kirchen aus Gründen der Religionsfreiheit gelten.

Datenschutz und Kirchen in Griechenland Von Philippos C. Spyropoulos, Athen

I. 1. Das Staat-Kirche-Verhältnis

Parallel zur Gewährleistung individueller und korporativer Religionsfreiheit erkennt die griechische Verfassung die orthodoxe Kirche Griechenlands als "vorherrschende Religion" an. Alle anderen Religionsgemeinschaften werden als "bekannte Religionen" bezeichnet. "Bekannte Religion" ist nicht im Sinne einer vom Staat offiziell anerkannten Religion zu verstehen. "Bekannte Religion" ist die, deren Lehre und Kultus offenkundig, d.h. nicht geheim sind, und die nicht im Widerspruch zu der Rechtsordnung und den guten Sitten steht. "Vorherrschende Religion" ist die orthodoxe Kirche deshalb, weil nach herrschender Ansicht fast die Gesamtheit der Griechen dieser Kirche angehört. Die Bedeutung des Begriffs "vorherrschende Religion" ist also nach herrschender Meinung rein deklaratorisch. Nichtsdestoweniger sind mit dieser Qualifikation gewisse Privilegien verbunden: So werden staatliche Festlichkeiten in den gottesdienstlichen Gebräuchen der orthodoxen Kirchen begangen; die Besoldung des orthodoxen Klerus wird vom Staat übernommen; der Religionsunterricht im Elementar-und Mittelschulwesen wird aufgrund der orthodoxen Lehre erteilt. Immerhin gibt es Gesetzesbestimmungen über den Religionsunterricht für Angehörige anderer Religionsgemeinschaften, so daß das Grundrecht der Religionsfreiheit der Nicht-Orthodoxen nicht beeinträchtigt wird. Die Privilegien der orthodoxen Kirche, hauptsächlich ihr Status als Körperschaft des öffentlichen Rechts, im Gegensatz zu den übrigen Religionsgemeinschaften, die nicht öffentliche Körperschaften sind, sowie auch die traditionelle Verbindung zwischen dem griechischen Staat und der orthodoxen Kirche sprechen dafür, daß das Modell des Staat-Kirche-Verhältnisses ein Staatskirchen-

46

Philippos C. Spyropoulos

tum ist. Hinzu kommt auch das Argument, daß die Grundordnung der orthodoxen Kirche Griechenlands vom staatlichen Gesetzgeber bestimmt wird. Immerhin wird dieses Modell im Schrifttum, und zwar seit den 20er Jahren, als sich Liberalisierungstendenzen im Staat-Kirche-Verhältnis äußerten und insbesondere seit der geltenden Verfassung von 1975, als "System des durch das Gesetz regierenden Staates" oder auch als Modell einer "Quasi-Kooperation" bezeichnet. Das Staatskirchentum ist in der Tat mit der Verfassung von 1975 milder und lockerer geworden. Eine Trennungsdiskussion, und zwar ohne Verfassungsänderung, d.h. ohne Abschaffung der Qualifikation der orthodoxen Kirche als "vorherrschende Religion", hat bereits angefangen.

2. Verfassungsrechtlicher Begriff und Selbstbestimmungsrecht der Religionsgemeinschaften

Religionsgemeinschaft ist die Gemeinschaft der Gläubigen und Geistlichen, die ihren Kultus und jede andere Religionsäußerung im forum externum frei und ungehindert unter dem Schutz der Gesetze ausüben kann. Eingriffe des Staates in das innere geistliche Leben der Religionsgemeinschaften sind selbstverständlich ausgeschlossen. Aber die Religionsfreiheit beschränkt sich nicht nur auf das Dogma und das innere Denken; sie greift vielmehr in den Raum der gesellschaftlichen Auswirkung aus. Lehre, Kultus, karitatives Wirken usw. sind Manifestationen des von der Religionsfreiheit geschützten Bereichs. Die griechische Verfassung garantiert zwar nach der Rechtsprechung des Obersten Verwaltungsgerichts, des Staatsrates, in bezug auf die Rechtsstellung der orthodoxen Kirche das Dogma, die Lehre und den Kultus, aber nicht die Verwaltungsnormen und die besonderen Traditionen dieser Religionsgemeinschaft.

3. Finanzierungssystem

Ein großer Teil der Kosten der orthodoxen Kirche Griechenlands, d.h. die Besoldung des Klerus, wird, wie schon angemerkt, vom Staat übernommen. Die übrigen Religionsgemeinschaften genießen dieses Privileg nicht. Sie werden nur aus Eigenvermögen finanziert. Es muß jedoch betont werden, daß die orthodoxe Kirche mehrmals Teile ihres Vermögens dem griechischen Staat geschenkt hat, um soziale Bedürfnisse zu befriedigen. Kirchensteuer besteht in Griechenland nicht.

Datenschutz und Kirchen in Griechenland

47

II. 4. Datenschutzrecht des Staates und der Religionsgemeinschaften

Religionsgemeinschaften verfügen über kein Datenschutzrecht. Der griechische Staat eigentlich auch nicht. Der Gesetzentwurf über den Schutz der Person bei der Verarbeitung personenbezogener Daten, der von einem Ausschuß von Rechtsexperten bereits im Jahre 1986 vorbereitet und dem zuständigen Justizminister zugeleitet worden war, um im Parlament eingebracht zu werden, ist bis heute noch nicht verabschiedet worden. Während der Vorbereitung des Gesetzentwurfs wurde aber das Gesetz 1599/1986 verabschiedet, welches die einheitliche Matrikelnummer für alle griechischen Staatsbürger einführte. Seit Dezember 1991 sind allerdings die Gesetzesbestimmungen über die einheitliche Matrikelnummer durch das Gesetz 1988 abgeschafft worden. Die einheitliche Matrikelnummer sollte die gleiche sein für den standesamtlichen Status der Person, den Personalausweis, den Pass, das Wahl- und das Sozialversicherungsheft, den Führerschein, die Steuernummer usw. Diese Vorschrift war in Wirklichkeit nie in Kraft getreten, weil die von diesem Gesetz als notwendig vorgesehenen Ministerialentscheidungen nie erlassen worden waren. Das Ziel war eigentlich, nachdem heftige Kritik gegen die elektronische Durchdringung des Privatlebens der Person ausgeübt wurde, die einheitliche Matrikelnummer zusammen mit dem Gesetz über den Schutz der Person bei der Verarbeitung personenbezogener Daten einzuführen. Im Juli 1992 wurde das Gesetz 2068 erlassen, welches die europäische Konvention zum Schutz personenbezogener Daten vom 28.1.81 ratifizierte. Auch dieses Gesetz ist noch nicht geltendes Recht in Griechenland, weil die Ratifizierungsurkunde bis jetzt dem Generalsekretär des Europarates noch nicht zugestellt worden ist (vgl. Art. 22 Abs. 1 und Abs. 3 der Konvention). Die Richtlinien des noch nicht verabschiedeten Gesetzentwurfs sind die folgenden: Der Gesetzentwurf geht von einer Unterscheidung zwischen vertraulichen Daten, streng persönlichen Daten und einfach personenbezogenen Daten aus. Zu den vertraulichen Daten zählen die Daten über die Zugehörigkeit zu einer Nation, einer Rasse, einer Religionsgemeinschaft, über die persönlichen Beziehungen zwischen Ehegatten und zwischen Eltern und Kindern, über die Gesundheit, die Strafverfolgung und die Aktivität in Vereinen und politischen Parteien. Streng persönliche Daten betreffen die politischen oder philosophi-

48

Philippos C. Spyropoulos

sehen Anschauungen sowie auch das emotionelle und sexuelle Leben. Es sei bemerkt, daß die Unterscheidung der weltanschaulichen Überzeugung und des religiösen Glaubens in bezug auf die Charakterisierung der Daten als streng persönlich oder vertraulich nicht verfassungskonform erscheint, denn die Verfassung schützt gleichrangig sowohl das religiöse Gewissen als auch die nichtreligiösen Überzeugungen. Die Verarbeitung von streng persönlichen Daten ist verboten. Das Gesetz darf Ausnahmen bestimmen, indem es die Gründe, das zuständige Organ und die Art und Weise der Verarbeitung spezifiziert. Die Verarbeitung von vertraulichen Daten ist nur unter der Voraussetzung möglich, daß die Aufsichtsbehörde eine Erlaubnis gegeben hat, der Betroffene schriftlich eingewilligt hat und die Verarbeitung notwendig für die Ziele der Datei ist. Dateien von Privatpersonen oder öffentlichen Behörden dürfen nur aufgrund einer Erlaubnis der Aufsichtsbehörde gegründet werden. Für die Erteilung der Erlaubnis ist u.a. notwendig, daß das Ziel der Datei und der Datenverarbeitung, die Empfänger der Daten und das Sicherheitssystem der Datei spezifiziert werden. Jegliche Datenverarbeitung darf nur im Einklang zur Menschenwürde, zum Privatleben und zur Verfassung sowie zum Recht im Allgemeinen unternommen werden. Jedem Betroffenen wird das Auskunftsrecht garantiert.

5. Sonderregelungen des staatlichen Datenschutzrechts für religionsrelevante Daten

Die Freiheit der Religionsausübung umfaßt die Freiheit der schriftlichen oder mündlichen Kundgabe der eigenen Glaubensüberzeugungen, sowie auch die Freiheit, über den eigenen Glauben zu schweigen. Freilich handelt es sich nicht um eine Verletzung der Freiheit, über den eigenen Glauben zu schweigen, wenn man von Behörden nach seinem religiösen Glauben gefragt wird, vorausgesetzt, daß aus der Beantwortung eine Rechtsfolge, wie z.B. die kirchliche Trauung, abhängig gemacht oder eine offizielle Statistik erleichtert wird. Die Angabe der Zugehörigkeit zu einer Religionsgemeinschaft ist aber auch aufgrund des Gesetzes 1988/1991 für den Personalausweis obligatorisch. Ein Ge-

Datenschutz und Kirchen in Griechenland

49

setzentwurf, demgemäß die Zugehörigkeit zu einer Religionsgemeinschaft nicht mehr obligatorisches Element des Personalausweises sein sollte, sondern nur auf Wunsch des Betroffenen aufgeschrieben werden sollte, ist neulich vom Parlament abgelehnt worden.

6. Der Gesetzentwurf zum Schutz der Person bei der Verarbeitung personenbezogener Daten, die Richtlinie des Rates und die Religionsgemeinschaften

Die Bestimmungen des griechischen Gesetzentwurfs kollidieren nicht mit der Richtlinie. Die Aufsichtsbehörde ist ein Kollegialorgan, das aus Richtern, Universitätsprofessoren, Informatikexperten und Parteibeauftragten besteht. Die religionsrelevanten Daten werden als vertraulich charakterisiert und genießen einen erhöhten Schutz. Religionsgemeinschaften dürfen, genauso wie Verbände oder Personenvereinigungen, im Rahmen ihres berechtigten Ziels, Mitgliedslisten aufstellen und bewahren. Über die Akzeptanz des staatlichen Datenschutzrechts und der Richtlinie des Rates seitens der Religionsgemeinschaften hat es bis jetzt in Griechenland keine öffentliche Diskussion gegeben. Meiner Ansicht nach gibt es keinen Grund für die Religionsgemeinschaften, um Ausnahme vom Gesetzentwurf und vom Vorschlag für die Richtlinie zu kämpfen.

Literatur Spyropoulos, Philippos C.: Die Beziehungen zwischen Staat und Kirche in Griechenland, Unter besonderer Berücksichtigung der orthodoxen Kirche, Diss. iur. Freiburg i.Br., Athen 1981. Marinos, Anastasios: Computer und Recht, 2. Aufl., Athen 1991 (griech.).

4 Robbers

Data Protection and the Churches in Spain By Agustin Motilla, Madrid I. Constitutional Basis for the Relations between the Religious Organizations and the State The Constitution of 1978 establishes the protection of the freedom of beliefs, both ideological and religious, as the basis to govern the regulation on religious matters. The right to individual religious freedom proclaimed in art. 16, is also projected upon the groups to which the believer joins for the practice of his beliefs. The Constitution not only guarantees, as a statement of religious freedom, the occasional meeting for the practice of worship acts (art. 16,1), but also and especially protects the institutionalized capacity of these, to which it denominates "confesiones religiosas". With respect to the religious organizations, the Constitution, considering that the individual's religious activity is mainly practiced in its context, goes further of the tutelar scope of its autonomy by binding itself to collaborate with the organizations in the resolution of the social capacities of its activities. The last clause of paragraph 3 of article 16 declares: "The public authorities will take into account the religious beliefs of the Spanish society and will maintain the consequent cooperation relations with the Catholic Church and the other organizations". The precept extends to the religious matter, the concept of public protection of the human rights in its promotional sense or of supervisor as State, so that its possession be real and effective (as expressed in article 9.2. of the Constitution), granting at the same time the participation of the groups in the standard decisions that might affect them, being these the typical characteristics of the "pluralist-democracy" system. Obviously the obligation to cooperate on the part of the public authorities, grant the latter a wide judgement at the time of establishing the definite lines of collaboration and in determining which organizations will obtain this benefit. Constitutionally this cooperation confronts to two generic limits. On the one hand the declaration in clause first, paragraph 3 of article 16, which states that 4*

Agustin Motilla

52

"no organization will bear a state character", this statement being interpreted both doctrinal and legally in the sense of forbidding both the phenomenon of the "church of State", as well as the confessionality of the State - closest to the Spanish historical tradition - which leads to the configuration of a "neutral State" with respect to the definite religious beliefs. On the other hand the equality in religious matters proclaimed in article 14 that puts veto on any discrimination, on account, among other personal circumstances, of the religious beliefs. The compatibility between the constitutional requirements of equality and cooperation is not easy, as in its strict consideration leads to a certain contradiction. The jurisprudence of the Constitutional Court determines the legitimacy of the specific treatment favourable to a determined group or social entity, always and when the regulations respond to a margin of justification and fairness 1. It is obvious that behind this judgement it still exists a great amount of undetermination, taking special relevance the social and political circumstances estimated, according to the prudence and wit of the judge. The previous disposition foreseen in the law, in order to put into practice the cooperation between the State and the organizations, is the inscription in a special registry located in the Ministry of Justice: the Registry of Religious Entities. The data requested from the religious groups in order to inscribe them, which will be analysed later on, are justified as a means of an eventual regime of cooperation with the applicant group, this not resulting in a proceeding of control and restriction of its religious activity. Besides, the stipulation of a "cooperation agreement" with the State is the way to obtain full cooperation, as it allows to determine the specific status of the organization, as well as to benefit from the legal, economic and administrative advantages granted in these cases. This possibility is foreseen in the Organic Law of Religious Freedom2. Considering these two parameters, inscription and agreement, as part of the same process of cooperation, the rank of the religious groups can be classified in three different categories: a. Organizations that have agreements with the State. Actually only the Catholic Church3 - which has inspired the conventional system, as the tradition 1

Cfr M in this sense, Sentence of the Constitutional Court of November 29, 1985. Organic Law 7/1980, of July 5, of Religious Freedom. 3 Cfr., the Agreement of July 28, 1976; the Agreements on Legal Affairs, Economic Affairs, Education and Cultural Affairs, Religious Assistance to the Armed Forces and Military Service of Priests and Religious Individuals, stipulated on January 3, 1978; to which we may add, the Agreement on the Recognition to Civil Effects of Non-Ecclesiastic Studies, undertaken in the Church Universities, of April 5, 1962. 2

Data Protection and

hurches in

i

53

of the concordat agreements in Spain go back to the XVIII century, and before that in partial agreements with the Catholic Church - and the Evangelicals, Jews and Moslems4 have also stipulated this type of agreements. Although it is convenient to emphasize the differences between the Agreements with the Holy See and those signed with the non-catholic organizations and communities, not only according to its legal nature - the previous are considered as international treaties - but also in its content and effects which grant the Catholic Church all kinds of advantages and benefits, highly superior to those of the remaining organizations. b. Organizations inscribed in the Registry of Religious Entities, but which have not reached a global agreement with the State. c. Religious groups which are not inscribed. The legal protection of the autonomy of the church, organizations and communities, obviously depends on the legal statute obtained under the law.

I I . Degree of Autonomy of the Religious Organizations and of Its Members The regulation on religious matters established under the Spanish law, starts from the use of special law techniques, in order to determine the legal statute for each organization under the law. Depending on the degree of recognition and cooperation by and with the State, we can find a rank in the safeguards that the law grants for the free development of the religious organizations. On a first step, the groups not inscribed in the Registry of Religious Entities - at their own will, or due to being out of the limits of religious protection within the meaning of article 3,2 of the Organic Law of Religious Freedom5 - might exercise its right to religious freedom under the common scope of protection of the freedom of ideologies and thoughts - right to the freedom of information, 4 Cfr., Law 24/1992, of November 10, by which the Agreement of Cooperation of the State with the Federation of Evangelical Religious Entities in Spain, is approved: Law 25/1992, of November 10, by which the Agreement of Cooperation of the State with the Federation of Israelite Communities in Spain, is approved; Law 26/1992, of November 10, by which the Agreement of Cooperation of the State with the Islamic Commission of Spain, is approved. 5 According to this precept, "the activities, purposes and Entities connected with the study and experimentation of the psychic and parapsychological phenomenons, or with the divulgence of humanistic or spiritual securities or other similar purposes alien to the religion, will be left out of the scope of protection of the Law".

54

Agustin Motilla

gathering, education, etc., or they can also benefit of the right of association, as expressed in article 22 of the Constitution and thus inscribe in the Registry of Associations dependant of the Ministry of Internal Affairs. They therefore subdue to the Law of Associations of 19646, stipulated under General Franco's regime, that, although adapted to the Constitution of 1978, is not very explicit in the scope of granting internal autonomy. Article 6 of the Law stipulates that they can govern themselves by their own rules - statutes and Board of Directors. But in this latter aspect, the law requests the existence of a General Assembly composed by all of its members, as the maximum governing instrument and a Board of Directors to perform the agreements taken by majority consent by the latter, as well as to carry out the ordinary tasks. This type of structure might collide with some dogmatic aspects of the religious group, as for example if absolute legal and teaching powers are conferred to an individual or group of individuals, reputed as sacred. The fact of inscription in the Registry of Religious Entities confers the organization complete normative and organizational autonomy. Article 6,1 of the Law of Religious Freedom is conclusive in this sense. "The inscribed Church, Organizations and Religious Communities will have full autonomy and will be able to establish their own rules regarding organization, internal regime and personnel policies". This implies the recognition of the non-state origin of the organizations and the freedom to rule themselves internally towards the achievement of their own purposes, this scope being interdicted to the State's interference. Although naturally, they are also subdued to the laws of the State. The public tutelage of the religious autonomy is not limited to the recognition before the State. Likewise it protects itself from other beliefs or religious groups. Article 6,1 also stipulates that "In said regulations, as well as in those that rule the institutions established by the former to achieve its purposes, clauses to safeguard its religious identity and own character, as well as the respect to its beliefs, might be included, without detriment of the rights and freedoms recognised by the Constitution and, notably those of freedom, equality and non-discrimination". The safeguard clauses are used to identify the essentials of the beliefs, thus to individualize them before other groups, in order to avoid hypothetical usurpations of the religious identity. The interpretation and application in practice of these clauses by the public authorities will not always be easy. It is unavoidable that tensions between the free practice of religion and

6 Law 191/1964, of December 24, of Associations.

Data Protection and

hurches in

i

55

the confessional autonomy arise, as well as the need to adopt theological and doctrinal appraisals inconsistent with those of the secular authorities. With respect to the organizations which have agreements with the State, only those of the Catholic Church expressly develop aspects of the autonomy of this organization. In article 1 of the Agreement on Legal Affairs, the State recognizes and grants the right of the Church to the "... free and public practice of its own activities and especially those of public worship, jurisdiction and teaching" - which doesn't add much to the tutelar scope of the organizations inscribed -. The intricacy of the organizational structure of the Church, justifies the specific autonomy recognised by the State regarding its planning and performance: "The Church may organize itself freely and in particular, may found, modify or suppress Diocese, Parishes and other territorial circumscriptions". As declared under the dispositions of the Spanish Constitution, the right to the establishment of associations (art. 22) and foundations for purposes of general interest (art. 34), the Organic Law of Religious Freedom reiterates these rights in the assumptions of entities established in their religious organizations: "the Church, Organizations and Religious Communities may establish and promote Associations, Foundations and Institutions, in order to achieve its purposes, according to the dispositions under the Law". The degree of autonomy of these will be that applicable to the common regime of civil associations, should they not be inscribed in the Registry of Religious Entities. In case they are already inscribed, as so is allowed by the Standing Rules7, the protection of their legal and organizational autonomy would be strengthened as stipulated in article 6,1 of the Law of Religious Freedom aforementioned. Let's remember that said regulation expressly refers to "... the institutions established by those the organizations - in order to achieve its purposes ..." under which regime, clauses for the safeguard of their own identity might be set. Of course, the more common the purposes of those entities - hospitals, schools, asylum, cultural societies, etc. - the less necessary to establish the clauses. The Agreement on Legal Affairs with the Holy See also mentions the right of the Church to "... found, approve and suppress Religious Orders and Congregations, other Devote Institutes, as well as Ecclesiastic Institutions and Entities ...", without including any declaration on the degree of autonomy of the same, thus being applicable, in this case, the common regime for the inscribed organizations.

7 Article 2 of the Royal Decree 142/1981, of January 9, on Organization and Operations of the Registry of Religious Entities.

56

Agustin Motilla

The concept of autonomy being understood as "institutional autonomy", that is with the capacity to establish own entailing rules; organize itself internally by creating hierarchies and services as well as to delimitate functions and tasks. As seen before, these were protected under the Spanish Law. Both this as well as the ones not inscribed as a consequence of the right to religious freedom, may request and store personal data from its members, if deemed necessary for the development of its apostolic tasks, although always subject to the constitutional right to protect the honour and personal privacy of the individual, and consequently, to the means established by the law to that end and that will be explained later on. I I I . Declaration of the Religious Beliefs before the Public Authorities The criterion of specific protection of the right to religious freedom assumed by Spanish law is subject to the implicit or explicit declaration of the religious beliefs, in order to obtain the advantages or benefits of whatever kind, in the scope of personal development as a member of an organization or community member. Both the individual at the time to exercise his right to religious freedom and the organizations that wish an active cooperation with the State, need to identify themselves, express their wishes according to their beliefs or even their religious belonging, for example in case they have to claim religious assistance for confession. In the case of the groups, so as to obtain specific protection according to its religious nature. The proposal of this study will be the situations in which the law provides certain legal consequences on the previous declaration of religious beliefs. In all the assumptions, this declaration is considered a "sine qua non" circumstance for the concession of an advantage or benefit to facilitate the practice of the right to religious freedom. Obviously this gives the Public Authorities ample information about the ideological and vital profile of the individual. The amount of information in the hands of the Administration will conform the substratum over which the law will perform lawful acts regarding the protection of personal data. This will be studied later on. 1. Declaration of Individual Beliefs

The freedom to declare one's personal beliefs is expressed in the Spanish law as a legal right of the individual. It includes the right to disclose the personal

Data Protection and

hurches in

i

57

religious ideologies or beliefs, in order to obtain the protection of a legitimate interest or benefit that the law grants. Besides the examples we find in the law and to which we will refer afterwards, the declaration of beliefs may be performed in law proceedings, when the deponent seeks, through the judge's decision, the obtention of a certain lawful consequence he deems close to his ideologies. This is rather frequent in the proceedings of Family Law, - divorce proceedings, determination of the guard and custody of the children, constitution of tutelage, adoptions, etc. -. The Spanish Constitution only forbids the existence of a legal duty to declare, imposed upon with a compulsory nature. Article 16,2 stipulates: "Nobody will be obliged to declare over his ideologies, religion or beliefs". This, of course, does not exclude, we insist, the voluntary declaration of the individual8. Or even more, in the assumption that the public authorities should take into consideration the beliefs, in order to grant the legal means needed for the practice of the religious freedom, the inquiry that bears a declaration of beliefs might be considered as legal, if and when the obligation to answer doesn't exist, observing therefore the right to silence. Based on the various assumptions foreseen in the law on declaration of personal beliefs and/or religious convictions, the following circumstances might be pointed out: a) Actions which imply a declaration on the conscience motivations Under the Spanish law, the declaration on the ethic beliefs of the individual is an unavoidable precious requisite, in order to be recognised as a conscientious objector and thus get exempted from the military service. Article 1,2 of the Law 48/1984 of December 26, which regulates the Conscientious Objection and the Social Substitutory Service, states, as applicable motivations of conscience, the convictions of "... religious, ethic, moral, humanitarian and philosophical nature, or any other of the same nature ...". Under the unique objection legally specified, the individual is requested to justify himself, before the National Council of Conscientious Objection, giving the reasons on which his denial to perform the military service are based. This involves the statement of his personal beliefs, religious or not. In the first case it would not be necessary 8 Likewise, we arrive to this conclusion by applying analogically the legal development of other very personal rights safeguarded in our Constitution, such as the right to honour, to the personal and familiar privacy, and to One's Own Image. Article 2,2 of the Organic Law 1/1982, of May 5, on Civil Protection to the Right of Honour, to the Personal and Familiar Privacy, and to one's own image, excepts, from what qualifies as unlawful intrusion in the scope of protection, the express consent of the individual entitled to this right.

58

Agustin Motilla

to declare the belonging to an organization, but no doubt should you declare the belonging to certain organizations, as for example to the Witnesses of Jehovah, whose main characteristic is that of the objection of conscience, this will prove the reliability of the objection. Other assumption that could be considered as declaration of ethic beliefs, is that of the compulsory oath. Although the abstract character of the form used, which unbinds the oath to any adhesion to transcendence9, takes away relevance as a means of expressing beliefs. b) Actions which involve implicitly the declaration of religious beliefs In this group we can find three typical assumptions of the promotional character of the religious freedom, that the public authorities develop through the cooperation with the organizations. The exposition will be limited to explaining in what sense and terms, the petition of the individual implies a declaration of his religious beliefs. The religious matrimony, by agreement stipulated with the State, obtains civil consideration by inscription in the Civil Register10. The fact of informing the public authorities of the matrimony at the time of registering, implies, no doubt, a declaration that, at least, one of the contracting parties - in the case of mixed matrimony - belongs to the organization and adheres to the spiritual and ethical principles that dogmatically form part of a determined concept of matrimony. The same conclusion may be put forward in the assumption of the canonical matrimony in cases of nullity or dissolution11. Another case in which the Law requests a personal declaration of beliefs, in order to obtain a benefit under the right to religious freedom, is represented by the optional character of the teaching of the religion as a subject in public 9 For example, article 1 of the Royal Decree 707/1979, of April 8, by which the Formula for the Oath in Duties and Public Functions is established, foresees the alternatives of swearing or promising, in good faith or by honour, to observe his obligations, or simply to swear or promise to observe them. 10 Article 6 of the Agreement on Legal Affairs stipulated with the Holy See, and article 63 of Civil Code, regarding the canonical marriage. Article 7 of the Agreement with the Federation of Evangelic Religious Entities, Agreement with the Federation of Israelite Communities and Agreement with the Islamic Commission, regarding their marriages in the Protestant, Jewish and Moslem marriages, respectively. 11 Article 6 of the Agreement on Legal Affairs, article 80 of the Civil Code and the Second Additional Disposition of the Law 30/1981, of July 7, that modifies the Civil Code on matrimonial matters.

Data Protection and

hurches in

i

59

schools. According to the regulations contained in the various norms that develop the Organic Law 1/1990, of October 3, of the General Ordinance of the Educational System in the matter of Catholic Religion12, but which might be extended to the other organizations which have agreements with the State13, the parents, tutors or the student himself, being of full age, take the choice at the beginning of the school term, also having the possibility to reconsider this choice each year. The request to study this subject does not necessarily mean the belonging to that organization, or that the beliefs are totally coincident, although it does mean a strong presumption towards them. In general, the State gives economic assistance to the religious organizations by granting them tax exemptions or benefits, putting them on the same level as the non-profit making civil associations and of charitable nature14. Moreover, the law wishes to promote the donations made by physical or legal persons in favour of the religious organizations, by granting them fiscal advantages by reducing the amount on the Personal Income Tax or the Corporation Income Tax, depending whether it is referred to a physical person or legal entity15. The Catholic Church benefits also from a new way of financing, that is from the collection of a quota or percentage of the Personal Income Tax, if and when the tax-payer, by his own will, expressly indicates it 16 . This mechanism of the tribuary assignment therefore requires a declaration of the tax-payer which iinpli12 Article 14 of the Royal Decree 1.006/1991, of July 14, by which the Minimum Education corresponding to the Primary Education is established: article 14 of the Royal Decree 1.007/1991, of July 14, by which the Minimum Education corresponding to the Secondary Obligatory Education is established: Article 15 of the Royal Decree 1.178/1992, of October 2, by which the Minimum Education for the Baccalaureate is established; article 27 of the Royal Decree 1.179/1992, of October 2, by which de Curriculum of the Baccalaureate is established. 13 Article 10 of the Agreements with the Evangelic, Israelite and Islamic Federations. 14 Cfr., with generic nature, article 7,2 of the Organic Law of Religious Freedom. Notwithstanding, the individuals belonging to the structure of the religious organizations or those of accredited religious nature, benefit from a more favourable regime of fiscal exemptions. Cfr., article 4 of the Agreement of Economic Affairs with the Holy See and article 11 of the Agreements with the Evangelic, Israelite and Islamic Federations. 15 Article 78, 6,c) of the Law 18/1991, of July 6, on the Personal Income Tax, established an exemption of 10 % on the amounts donated to the religious organizations with agreement; and article 123 of the Royal Decree 2.631/1982, of October 15, by which the Regulation on the Corporation Income Tax, prescribes a deduction of 10 % of the amounts donated to these same religious organizations. 16 Article 2,2 of the Agreement on Economic Affairs with the Holy See states: "... the State may assign to the Catholic Church, a percentage on the income tax or net patrimony, or other of personal nature, by the most technically adequate proceeding. To this end, it will be necessary that each taxpayer expressly declares his will as to its destination. In the absence of such a declaration it will be assigned to other purposes". The tributary assignation in favour of the Church got into effect in the fiscal year 1988, being set in the Fifth Additional Disposition of the Law 33/1987, of December 23, of the State General Budgets of 1988, the percentage or quota on the Personal Income Tax.

60

Agustin Motilla

citly bears an indication regarding his beliefs. Although strictly speaking he is only requested to indicate his will with respect to giving a part of his income tax payment to the Church, having also the option to make a donation for social purposes, or to abstain from both options, the fact of choosing the option of making the donation to the Catholic Church, also means a presumption of belonging or of being congenial with this organization. c) Actions which involve the declaration of belonging to a specific organization The right to receive religious assistance from one's own organization, as stated in article 2,1 of the Organic Law of Religious Freedom17, implies under specific circumstances and according to special situations of the individual the collaboration of the State with the organizations, so as to provide the spiritual needs of the individual. The most important assumptions stated in the law are those of the right to assistance in public hospitals, penitentiaries or during the completion of the military service. Under normal circumstances, the individual himself should be the one to request from the administration of the public institution, the right to religious assistance, this being equivalent to a declaration of religious beliefs. But even more, the Spanish law allows to question the hypothetical beneficiaries about their will to receive religious assistance and their belonging to a specific organization, in order to organize the assistance according to the number of individuals interested in the same, if and when the right to silence be observed. In this sense, the Royal Ordinance of the Armed Forces prescribes that its members "should not be obliged to declare about their ideologies, religion or beliefs, but might be asked to the sole purpose of providing the organization of the religious assistance, although they might abstain from answering to their own will" 18 . The data on the belonging of the individual are quite useful both to the civil and religious authorities, in order to arrange the means for material and personal assistance, and the logical moment to ask this question is at the entrance of the individual in the corresponding centre. With respect to the other assumptions of assistance in penitentiaries or public hospi17

"The religious freedom ... comprises ... the right of all individuals to: b) Practice ceremonies of public worship and receive religious assistance from its own religious organization ... and not being obliged to practice acts of public worship or to receive religious assistance contrary to his personal beliefs". 18 Article 239 of the Royal Decree 2.945/1983, of November 9, which approves the Royal Ordinances of the Army: article 294 of the Royal Decree 494/1984, of February 22, which approves the Royal Ordinances of the Air Forces: article 437 of the Royal Decree 1.024/1984, of May 23, which approves the Royal Ordinances of the Navy.

Data Protection and

hurches in

i

61

tais, the law does not expressly indicate the lawfulness of the question, but we do not find any obstacle to applying the same regulation as in the case of the Armed Forces, but always emphasizing the voluntary nature of the reply. Along with the situations originated by the practice of the right to religious assistance, which represent the most explicit declarations of religious beliefs under the Spanish law, other declarations of religious belonging to which the law subordinates certain rights and benefits, as for example those of the representative or active members of the religious groups who take the choice to inscribe the same in the Registry of Religious Entities, so as to obtain the advantages granted by the State for their cooperation. Due to the importance more social than individual of this declaration, the fact of the inscription as releaser of community data will be examined under the next headline. 2. Declaration of the Organizations of Their Own Beliefs, Type of Organization or Operations

The cooperation system with the organizations as expressed in article 16.3 of the Constitution, states the need of a certain knowledge on the part of the public authorities, concerning the structure and needs of the religious subject who requests this cooperation. These data are requested at the moment of inscription in the Registry of Religious Entities, assuming, besides the granting of other recognitions orrights, a hypothetical cooperation with the State in its activities of social transcendence. The legal regulation, at least in its inspiring lines, withdraws from the aforementioned function of the Registry of Non-Catholic Associations, that controls these associations through an exhaustive entry of their members and economic resources19. The basis of the Registry regulated by article 5 of the Organic Law of Religious Freedom of 1980, is to declare and prove before the public authorities the necessary means in order to claim the benefit of a specific regime of cooperation with the State. We have already seen that the associations or foundations, dependant on the religious organizations, might also be inscribed in a Department of the Registry. In these cases, as well as for the mother organizations, the Royal Decree 142/1981 of January 9, on Organization and Performance of the Registry of Religious Entities, as ex19 Articles 15, 17 and 18 of the Law 44/1967, of June 28, Regulating the Exercise of Civil Law to Freedom in Religious Matters, demands the annotation of the worship ministers, registering of its members and accounting books, which will be at the disposal of the governmental authorities for inspection, as well as to declare about the patrimony and economic resources at the disposal of the religious organizations.

62

Agustin Motilla

pressed in the article of the Law of Religious Freedom aforesaid, states that at the time of the inscription, the document of foundation in Spain must be provided with, containing the following information: "a). Denomination of the organization, in such a way that it be idoneous to be distinguished from any other; b). Residence; c). Religious purposes regarding the limits established in article 3 of the Organic Law 7/1980, of July 5, of Religious Freedom, to exert the rights originating in religious freedom (...); d). Performance regime and representative organizations, indicating its faculties and requisites for a valid designation; e). Optionally, a list of the individuals who bear its legal representation. The corresponding certification issued by the registry will be enough proof to accredit such distinctive character." Undoubtedly, some of these data confer a wide margin of interpretation to the data processor in charge of its evaluation, in the first instance the administrative authorities which admit or deny the inscription. The undetermined concepts such as "religious purposes" or "performance and representative organizations" imply the natural operation of applying the rule to each concrete case giving an accurate meaning to metajuridical categories that are subject to controversy under the scope of discussion of other sciences. The Registry's praxis is in these cases of restrictive interpretation, essentially since the social controversy that came forth about the activities of the so-called "new religious movements". The religious nature of the petitioner group should be accredited, not by demonstrating the absence of a purpose inconsistent with the religion, or adverse to public respect, as prescribed in section c) of article 3 of the Registry's Regulations, but by requesting the accomplishment of a predetermined concept of religion in which the existence of an organic ensemble of dogmas and beliefs about a transcendent Supreme Being, and of their own ceremonies of public worship be evident. Likewise in the "regime of performance and representative organizations", the Administration not only requires information about the structure, in order to verify the lawfulness and entailment of the internal resolutory processes of the cooperative agreements; but demands a given organization denominated as "religious" where the distinction between a hierarchical sacerdotal ministry and a parish is clearly shown20. It is evident that the restrictive interpretation herein stated, that to our judgement, compels the 2 0 Regarding these two aspects, one may consult the Denying Resolutions of Inscription of the Church of the Unification and the Church of the Scientology, of April 12, 1983 and April 22, 1985, respectively, which are included in the Annex of my monography: Sects and the Law in Spain. A study regarding the position of the new religious movements in the Spanish Law. Madrid 1990, pages 244 ss.

Data Protection and

hurches in

63

"ratio legis" of the rule, requires an exhaustive declaration of data about the religious beliefs that is not expressed in the law. Parallelly, and in spite of the character of "numerus clausus" stipulated in the standing rules as expressed in article 3 21 , the Administration is requesting from the groups new data in the light of its faculty of "prior qualification", such as significant number of members, stability and time of establishment of the petitioner. These data indeed would be useful to demonstrate the time of establishment of the religious organization, as requested in article 7.1 of the Organic Law of Religious Freedom, in order to make agreements with the State, that decides, as stated in said article, in the light of the parameters of "scope" and "number of members". Should this be right, the Public Administration would have new data about the organization to complement those demanded "ex lege" at the inscription; that is, nominal relation of the number of members, initiation date of its activities, properties and its location throughout the national territory, dependant associations, etc. Although, even nowadays the criteria on time of establishment are still unknown. They are also missing in the case of the religious organizations that have stipulated agreements with the State. The Catholic Church for its self-evidence is constitutionally recognised. And the Evangelic, Jewish and Moslem religions, for not having been accredited the assumption of such a qualification which had been granted "a priori". This means that, as pointed out by the "Consejo de Estado", in front of the lack of data at this respect, it is urgent to adopt a criterion to be used as "... precedent that might entail in the future the range of the undetermined concepts about the time of establishment contained in the Organic Law 7/1980"22. Once an agreement with the State is reached, a special department will be opened in the Registry23 for the inscriptions and entries of the religious organizations. In the Jewish and Moslem Agreements, recently approved, new matters of inscription towards the end of specifying the objective or subjective scope of protection to be ruled are determined. Thus, for example, as regards to

21 Article 4.2 of the Royal Decree on Organization and Operations of the Registry of Religious Entities states: "The inscription may be denied only when the requisites referred to in article 3 are not adequately accredited". 22 Dictamen of the "Consejo de Estado" of January 31, 1991 on the Cooperation Agreements with the Federation of Evangelic Religious Entities of Spain and Federation of Israelite Communities of Spain. 2 3 In this sense, cfr. article 7,2 of the Royal Decree on Organization and Performance of the Registry of Religious Entities.

64

Agustin Motilla

the place where the ceremonies are celebrated24, but it can be extended to other matters, such as the statement of sacred ministers, which represent new data provided to the public authorities. The economic-fiscal benefits foreseen in the law, in favour of the religious organizations that have reached an agreement with the State, also offer sufficient accurate knowledge about the real estate, management and administration of the properties of the religious organizations. With respect to the Catholic Church, the amounts contributed by the system of fiscal assignations, through which it receives a percentage of the Personal Income Tax of the individuals, as explained before, are also complemented by the amounts received from the State25. Therefore, paragraph two of the Additional First Protocol of the Agreement on Economic Affairs which binds the Church to present an annual balance sheet justification of the disposition of the resources received directly from the State for their needs, as well as a projection of future expenses, is applicable. The State contribution being the most important item received by the Church, the annual balance sheet assumes the handing over, in a more or less complete manner, of the accounts of the Spanish Catholic Church. As refers to fiscal benefits of the ecclesiastic entities belonging to the institutional structure of the organization or of accredited religious nature, the tax exemptions, as for instance the VAT and the Income Tax, have to be justified by stating the type of activity that has originated the tax and also demonstrating, in the second assumption, the non-becoming income from profit-making activities such as the development of economic resources, profits on usage cessions and capital investments, etc.; and the tax exemptions on real estate have to be accredited to specific usage as stated in the agreements26. All of this, as a whole, provides a source of full information about the properties and income of the religious organizations under agreement, although somehow dispersed due to the singularity of each ecclesiastic entity and the competent administrations that collect the taxes. Similar conclusions might be drawn, regarding those religious organizations, which due to their charitable activity of civil nature request the exemp-

2 4 Article 2,5 of the Agreement with the Federation of Israelite Communities of Spain and the Agreement with the Islamic Commission of Spain. 2 5 The Agreement on Economic Affairs, establishes a transitory period of three years, but in effect, the complement has been extended up to nowadays, that is, the sixth fiscal year since the system of tributary assignation got into effect. Therefore, cfr., with respect to the fiscal year in progress, Law 39/1992 of the State General Budgets for 1992, Sixth Additional Disposition. 2 6 Article 4 of the Agreement on Economic Affairs with the Holy See; article 11 of the respective Agreements with the Evangelic, Israelite and Islamic Federations.

Data Protection and the Churches in

a

65

tions or allowances stated under the general law for the non-profit making or charitable associations. Summarizing, the cooperation system with the religious organizations provides the public authorities a disperse and varied range of information on them, that goes from the dogmatic matters about their essential beliefs or distribution of the internal mastership powers, up to the economic data, this flow of data increasing as the degree of collaboration progresses. The perfect stage is attained when an agreement with the State is reached. Although the declaration of data, in principle, has a voluntary nature, to make it depend on the degree of cooperation entails the risk of using it as an instrument for the public control of the social beliefs. Hence the importance of the study on the limits to which the public authorities are subdued when using these data.

IV. The Safeguard of the Personal Data and the Data of Religious Organizations in Spanish Law The Constitution provides a specific safeguard of the personal data files as a corollary to the right to privacy, referring its development to the legislator. In this sense, article 18.4 states: "The law will limit the use of data-processing systems in order to safeguard the honour and personal and familiar privacy of the individuals, as well as the full practice of their rights". This particular attention paid to the processing of data, is accountable to the actual possibility of storing a great amount of data regarding an individual, that might be exchanged in order to get acquainted with certain details of his personality with which, as a whole, it is possible to draw a complete profile of his being and circumstances. The risk to violate the limits of the right to personal privacy is evident. The safeguard of personal data is provided for in the Spanish law through the Organic Law 5/1982, of October 29, of regulation of the Personal Data Processing Systems, the objective of which is to develop article 18.4 of the Constitution. In turn this Law takes into consideration, as expressed in the statement of circumstances, a treaty with the European Council, The Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, subscribed on January 28, 1981 and ratified by Spain on January 31, 1984, that sets the fundamental principles and techniques of international cooperation in this matter.

5 Robbers

66

Agustin Motilla

In the strict sense of the religious beliefs, the Organic Law distinguishes between the data that are in the hands of the church, religious organizations and communities - whether inscribed or not -, and the processing of other public or private data files. Section e) of article 2.2 excepts from the scope of application of the Law the files of the political parties, trade unions and religious organizations, if and when these data are referring to their associates or members and ex-members. This means that the respective registries might be ruled under full autonomy according to its purposes and needs. Nevertheless, the exclusion does not have an absolute character. This could damage the right to privacy and intimacy stated in the Law. The nucleus of the law which grants the scope of immunity of the individual constitutes "ius cogens" of general character. Thus, the Law of Processing of Personal Data, limits in two different spheres the self-regulation of the files of the religious organizations and of the other organizations aforementioned. With respect to those of personal nature which reveal the ideology, religion or beliefs - data especially protected under the Law -, article 7 requests the express and written consent of the data subject for its processing and forbids to open files for the sole purpose of storing these data27. Naturally, the own ultraterrestrial purposes of the religious organizations, their ritual and practice activities - after all, all of them related to the beliefs - justify the lawfulness of their registries. Likewise, the disclosure of personal data belonging to the religious organizations, to third parties, is conditioned to the existence of previous consent of the data subject, and to the fact that these be disclosed for purposes connected with the lawful tasks of the cedent and the cessionary28. But in a superior scope to these two limiting assumptions of the regime of autonomy, on the storing of diverse data about the members or associates that belong to the church or religious communities, the general principles stated in article 5 of the European Convention are also applicable - let us remember that this practice is actually in force under Spanish Law -, that is, the fair processing of data in order to comply with specific purposes, of which they will not deviate, its accuracy and relevance and the non excessive accumulation of these data in the light of the registry, as well as of therights of the individuals, as ex2 7 Paragraph 2 of article 7 states: "Only under the express written consent of the data subject, the data of personal nature which reveal ideologies, religion and beliefs, may be subject to automatic processing". Also paragraph 4 of the same article states: "The files opened to the exclusive purpose of storing data of personal nature which reveal the ideologies, religion, beliefs, racial origin or sexual life, are forbidden".

Data Protection and the Churches in Spain

67

pressed in article 8, of acknowledgement of the existence and purpose of the registry, access to personal data and demand of corrections. These principles andrights constitute the lines of safeguard of the private life of the individuals, likewise fundamental of the Law of Processing of Personal Data. The Organic Law 5/1992 completes the regulation of the legal regime and protection system of the rights of the individuals by creating an administrative body, the Agency for the Protection of Data29, that is in charge of the observance of the Law, of the assistance of the individuals in their claims without prejudice of claiming before the courts -, as well as of the management of the General Registry of Data Protection, where all private and public automatic files are inscribed and also to establish a regime of administrative infringements and penalties. To the effects of the present work, what acquires a greater interest are the premises stated in the Law about the protection of the religious beliefs, as far as they are made evident to the public authorities under the circumstances aforesaid, and which can be put on record in administrative registers subject to data processing systems. We have already said that the data about ideological or religious beliefs are considered as of special protection. The statement of motives of the Organic Law 5/1992 justifies the strengthening of the safeguards of the data subject's consent, in the processing of data considered as "sensible", his privacy being expressly safeguarded in article 16.2 of the Constitution. The European Convention forbids in its articles 6 and 9 the automatic processing of these data, unless deemed necessary for the protection of public security or of the rights and freedom of other individuals and be safeguarded appropriately under internal laws30. The Organic Law 5/1992, reduces, in our opinion, the protection over these data, reversing the declarations of the European Council in the sense of admitting the existence of files containing data about the ideological or religious beliefs, if and when its purpose is not exclusively the storage of these data and with the data subject's express consent to the automatic 2 8 According to article 11,1, "the data of personal nature subject to the automatic processing, will be disclosed only for purposes connected with the lawful tasks of the cedent and the cessionary, and with the previous consent of the data subject". 2 9 The composition, tasks and economic regime both patrimonial and personal of the Agency for the Protection of Data are stated in the Royal Decree 428/1993, of March 26, by which the Statute of the Agency for Data Protection is approved. 30 Article 6 states: "The data of personal nature which disclose the racial origin, politic opinions, beliefs, as well as the data of personal nature regarding the health or sexual life of the individuals, should not be processed automatically, unless the internal law foresees the adequate safeguards. The same rule will govern in the case of data of personal nature referring to imprisonments". Article 9 establishes the mentioned exceptions.

5*

68

Agustin Motilla

processing of these data. Now then, even the last limitation, the consent of the data subject, bears an exception in what refers to the public registries. Article 20.3 of the Law empowers the State Security Forces to compile data about the religious or ideological beliefs of the individuals, when considered necessary in order to develop certain investigations31, and without the consent of the data subject. As a matter of fact, the existence of files opened by a special brigade of the National Police, for the pursuit and eventual incrimination of certain new movements qualified socially as "destructive sects", is well known. The existence of this type of public registries increases the importance of another activity regulated in the Law: the disclosure of data. In previous paragraphs, we pointed out how the exchange of information on personal data and more reasonably, if these are of a nature especially sensible to privacy, when reflecting the religious beliefs of the individual -, might define an exact ideological and existential profile, thus violating its privacy. Now then, the principles on which the Law supports the lawfulness of the disclosure of data are: the consent of the data subject and the correspondence with the purposes of the registries that deliver and receive the data. Nevertheless, when dealing with an exchange between files of public titularity, the personal consent will not be necessary, always and when the rule governing the use of the registry (arts. ll,2,e) and 19) allows this exchange of data. Furthermore, the rights of information and access to data of personal nature can also be limited in the public registries for reasons of public interest32. Adding up the pile of exceptions to the principles and rights established for the protection of personal data, in favour of the registries of public titularity, sometimes entrusted even to the Administration - disposition in that sense of a specific normative -, or considering the extent of the categories by which the Law deems the limitations as lawful public interest, national security, etc. -, we have to emphasize the great autonomy that, in principle and to the extent which the Law defines the application of these undetermined clauses, the Public Administration has in the automatic processing of personal data. As an example, let's point out the multiple tensions 31 "The withdrawal and processing of data by the Armed and Security Forces, referred to in sections 2 and 3 of Article 7 - ideologies, religion and beliefs, racial origin, health and sexual life might be exclusively undertaken in the assumptions deemed absolutely necessary to the end of a precise investigation". 3 2 To sum up, the right to information about the personal data, is limited in article 22,1 when "... it obstructs or hinders seriously the performance of the functions of control and verification of the Public Administration, or when it affects the National Defence, the Public Security, or the pursuit of the penal or administrative infractions"; the right of access will not proceed, as stated in article 22.2 when "... having to comply with reasons of public interest or third party's interests deserving protection".

Data Protection and the Churches in

a

69

that may cause an expansionist administrative praxis and the safeguard of the privacy, constitutionally recognized. In any case, the interpretation of the normatives herein exposed, should be presided by the principle of "favor libertatis", that compels to apply restrictively the limits of the rights we are dealing with. Another important source of data available to the State in the scope of the religious beliefs are the declarations and documentation provided by the religious groups, in order to fulfil the requirements established in the Law for its inscription in the Registry of Religious Entities. Data about the beliefs and other community aspects, which were requested, as we saw, further than the law admits, due to an extremely strict practice. And there is also the open possibility of providing other data, once the religious organization requests the recognition of the time of establishment, or comes to an agreement with the State. The nature of the Registry of Religious Entities is that of public registry 33 and therefore its contents are open to all individuals or institutions interested in knowing its entries. This is justified if we consider one of the principal effects of the inscription, the concession of legal personality to the petitioner entity; the security of commercial trading requires that identification data, individuals and representative members of the religious organization, be at general disposal. Its public nature excludes it from the reserve and caution about personal information prescribed by the Law for the Protection of Individuals with regard to Automatic Processing of Personal Data34. They are solely affected by article 19.3 which forbids the disclosure of its data to files of private titularity, unless the data subject consents to it, or it is expressly stated in the Law 35 . The specific regime of publicity of the Registry of Religious Entities is regulated in the Order of May 11, 1984 about Publicity of the Registry of Religious Entities, which provides the access to the Registry's data by means of a mere application. Only in the cases of cancelled entries, it will be necessary to 3 3 This is stated in article 5.1 of the Organic Law 7/1980, of July 5, on Religious Freedom and in article 1 of the Royal Decree 142/1981, of January 9, about Organization and Performance of the Registry of Religious Entities. 3 4 Article 2,2 a) declares non-applicable to the public registries: "The regime of protection of data of personal nature as established in this Law, will not be applicable to: a) The automatic files of public titularity whose purpose, lawfully established, is that of storing data for its publication with general character". 35 "... the disclosure of data collected from sources accessible to the public, will not be disclosed to files of private titularity, but with the consent of the data subject, or if the Law so foresees".

70

Agustin Motilla

demonstrate a qualified interest of the petitioner, whether individual or entity. Its content is revealed by means of a certificate issued by the person in charge. We believe that the protection of the legal reserve about the beliefs, number of members, or other data in the possession of the Registry, requested by the Administration and whose public knowledge might jeopardize the autonomy of the religious organizations, should be kept out of the contents of the certificates, and to that end, article 7 "in fine" of the Order, is applicable, stating that "... it is not possible to issue certificates on reserved information, attached to the dossier". The certificates have therefore to circumscribe to the strictly necessary data, in order to safeguard the public transfer. The reserve should also be extended to the data which are in the hands of the Administration, about patrimonial and economic position of the religious organizations, safeguarding the performance of the institutional autonomy. Nevertheless, those dispositions do not exist in the Spanish law.

V. Application of the Draft of the Directiveof the European Community with Regard to the Processing of Personal Data and of the Free Movement of such Data in the Spanish law The similarity between the structure and articles of the Law which regulates the Automatic Processing of Personal Data and the draft of the Directive of the European Community is evident. We must assume, then, that the Spanish legislator, knowing the directives of the community draft, has advanced in the development of this subject connected with the protection of the constitutional right to personal privacy, in order to establish in the internal law the adequate tutelar normative. Notwithstanding, there is an important difference between the Spanish law and the draft Directive consulted36 and that affects the registries and files in the hands of the religious organizations. The Law of 1992 excludes from its scope, the files kept, among other groups, by the religious organizations, except in what concerns the need of consent of the data subject for the automatic processing of data about beliefs and its transfer to third parties. And, for the reasons stated before, to the fulfilment of the principles of safeguard of the rights we are dealing with. The autonomy of the religious organizations to regulate the 3 6 The draft being used corresponds to the text proposed by the Commission on October 16, 1992, and published in the Official Diary of the European Communities, No. 311/30, of November 27.

Data Protection and the Churches in

a

71

inscription, as regards to the amendment or cancellation of data, is very ample, - always within the limitations aforementioned - without any obligations prescribed by the Law for other files of private titularity, such as declaration of its existence to the Agency of Data Protection, inspection and request of information about its contents and eventual sanction of this institution, or the entry of the file in a special registry. The processing given in the draft of the Community Directive reverses the planning about the regulation in Spanish law. Unlike in the initial text of the Commission37, the amended draft of the Directive subdues to the general normative the files of the non-profit making associations, among them, those of religious nature. The reason for amending the draft comes from the will to safeguard the right to privacy in every file, both public or private in which data are stored. Nevertheless certain exceptions regarding the religious organizations are contemplated with respect to their general regime, as for example, the possibility of processing data of ethic or religious nature, or other of private character regarding its members (art. 8,2,b), without the express consent of the data subject - or the exemption of the obligation to notify the competent authorities prior to the processing of personal data (art. 18). The nature of the actual draft of the Directive raises serious doubts. As a first step, the material competences should be questioned. If the regulation on religious matters or beliefs is not attributive to the Community, how can the various competences it assumes with respect to the religious organizations be justified? Additionally, and regarding the regulation fund, the submission of the registries or files to a supervisory authority with wide jurisdiction of access to the data during the course of his investigations, or the power to order the blocking or erasure of data, a ban on processing, the destruction of data material, etc. (art. 30), is an attempt against the internal autonomy of the religious organizations under the Spanish law, as expressed in art. 6,1 of the Organic Law 7/1980, of July 5, on Religious Freedom. Bringing into force the measures taken under this Directive, may lead to a "neo-jurisdiccionalismo" of State, causing such contradictory situations with the "libertas- Ecclesiae" as, for example, the observance of the regime of safeguards and control of data flow operating between the Spanish Catholic Church and the Holy See, considering 37

Cfr., Article 3,2 b) by which the Directive is declared as non-applicable to the files of the non-profit making associations, especially to those of politic, philosophical, religious, cultural, syndical, sportive or recreative nature, in their scope, regarding voluntary members and without being disclosed to third parties. The text of the Commission's initial proposal, might be consulted in ibidem.

72

Agustin Motilla

the Vatican State as a third country subject to the preventions stipulated in Chapter IV of the draft of the Directive. In this Directive, we may also emphasize the possibility of data processing revealing religious or ethic beliefs, without the consent of the data subject, on the grounds of public interest, by means of a legal or supervisory provision (art. 8,3). The extent and undetermined nature of the formula "public interest", should be interpreted in a restrictive sense, so as to safeguard, in all instances, the right to personal privacy. In any case, and to conclude, the adequacy to internal law of the draft of the Directive is substantially made in the Organic Law 5/1992, although important differences do exist, as in the case of the processing of files of the religious organizations. Its submission to the general rules of the Directive under the terms stipulated in the draft, might raise tensions in its transposition to the Spanish law, as it opens a way of interference in the scope of autonomy of the religious organizations constitutionally safeguarded.

La protection des données en France et les Églises Par Anne Carblanc, Paris Les textes du droit public français - dont la déclaration des droits de l'homme et du citoyen de 1789, les principes fondamentaux garantis par les lois de la République, la Constitution de la cinquième République et la convention européenne de sauvegarde des droits et libertés fondamentales - reconnaissent et protègent, en matière de croyance et de religion, plusieurs libertés fondamentales: - liberté de penser - liberté de conscience - liberté de culte - liberté d'association. Pour l'État français laïque, les Églises sont des communautés confessionnelles, majoritaires ou minoritaires, dont les missions ne relèvent pas, sur le fond, de son appréciation. Cette neutralité religieuse de l'État et l'égalité des citoyens ont pour effet que les pouvoirs publics, dans le cadre de la loi du 9 décembre 1905 qui a instauré la séparation des Églises et de l'État, garantissent, sous réserve qu'ils ne portent pas atteinte à l'ordre public, la liberté de conscience et le libre exercice du culte sans porter de jugement de valeur sur les croyances. *

En matière de protection des données, comme dans les autres domaines, les opinions ou convictions religieuses sont protégées. Il n'est pas besoin d'insister sur le danger de fichiers tels ceux constitués sur les juifs pendant l'occupation. Ainsi que le rappelait Joël-Benoît D'Onorio dans un article consacré aux sectes en droit public français, bien après que la mention de la religion ait été supprimée des opérations de recensement, elle a disparu des registres de l'état civil puis des fiches d'hôtel et enfin des fichiers informatiques. Plus précisé-

74

Anne Carblanc

ment, la loi du 6 janvier 1978 relative à l'informatique et aux libertés - seul texte de droit interne réglementant la protection des données personnelles pose, dans son article 31, le principe de l'interdiction - sauf accord exprès de la personne concernée - de la mise en mémoire ou la conservation sur support manuel ou informatique de données faisant apparaître directement ou indirectement les opinions religieuses. Dans le même esprit, la convention n° 108 du 28 janvier 1981 du Conseil de l'Europe pour la protection des personnes à l'égard du traitement automatisé des données à caractère personnel - entrée en vigueur en France le 1er octobre 1985 - prévoit, dans son article 6, que les données révélant les convictions religieuses ou autres convictions ne peuvent être traitées à moins que le droit interne ne prévoit des garanties appropriées. Ces garanties appropriées - c'est à dire l'exigence d'un accord exprès - valent, dans le droit français, aussi bien pour le traitement informatique que pour le traitement manuel des données à caractère religieux. La loi française prévoit toutefois que cette exigence n'est pas requise dès lors que les Églises ou groupements religieux tiennent simplement registre de leurs membres et correspondants, aucun contrôle ne pouvant être exercé, de ce chef, à leur encontre. La proposition modifiée de directive sur la protection des données, qui est en cours d'examen devant le Conseil Européen, reprend pour l'essentiel les dispositions de la loi française notamment dans son article 8 relatif aux catégories particulières de données. Aussi, l'exposé de 14 ans de doctrine de la CNIL est-il utile pour rendre compte du chemin parcouru en matière de protection des données appliquée aux Églises et groupements. *

A l'occasion des divers dossiers qui lui ont été soumis, la CNIL a peu à peu précisé les termes de l'article 31 de la loi du 6 janvier 1978 et sa portée au regard de l'exercice de ses missions de contrôle général et des droits reconnus aux personnes concernées. S'appuyant sur une jurisprudence constante du Conseil d'État, elle a rappelé que les termes "accord exprès" devaient s'entendre d'un accord écrit portant spécifiquement sur l'enregistrement de telle ou telle donnée relevant de l'article 31. Ainsi, les Églises et groupements sont dispensés par la loi de demander à leurs membres et correspondants un accord écrit pour conserver manuellement ou en mémoire informatique des données "sensibles" les concernant se rapportant directement à l'exercice des missions de leur organisme, mais demeurent tenus d'obtenir un accord pour recueillir d'autres

La protection des données en France et les Églises

75

données visées par l'article 31. A titre d'exemple, un parti politique ne peut collecter librement les opinions religieuses de ses membres. Elle a également, dans une recommandation (délibération n° 91 - 115 du 3 décembre 1991) concernant les fichiers de membres et correspondants des partis politiques, précisé le sens du terme "correspondant". Selon son interprétation, peut être considérée comme un correspondant toute personne ayant accompli une démarche positive et réitérée, touchant directement à l'action propre de l'organisme concerné (demande d'informations, versement de fonds, etc....). En cas de démarche positive non réitérée au terme d'un délai de deux à trois ans, la personne concernée ne doit plus être considérée comme un correspondant. En ce qui concerne l'étendue de son contrôle à l'égard des Églises ou groupements à caractère religieux, la Commission a, dans cette même délibération, rappelé (rapport d'activité pour 1980 - 1981) que l'article 31 dispensait les Églises ou groupements de déclarer à la Commission, avant leur mise en oeuvre, leurs fichiers informatisés de membres et correspondants. En revanche, tous leurs autres traitements informatiques sont soumis au respect des formalités préalables prévues par la loi. Elle a encore précisé en 1987, lors de l'instruction d'un dossier relatif à l'Église de Scientologie, que si la loi interdisait tout contrôle du respect de l'article 31 pour le recueil et la conservation des opinions religieuses, elle ne dispensait pas la Commission de vérifier que l'ensemble des dispositions de la loi était correctement observé. En l'espèce, un formulaire de confession dénommé "liste de confession de Joburg", établi en 1980, véritable questionnaire destiné à "faire changer" les personnes qui s'y soumettaient, comportait des questions visant les opinions politiques et la vie sexuelle sans que soit recueilli l'accord exprès des personnes concernées et ne respectait pas les dispositions de l'article 27 de la loi qui impose l'apposition sur tout questionnaire de collecte d'informations nominatives de mentions relatives au caractère obligatoire ou facultatif des réponses, aux destinataires des informations et à l'existence d'un droit d'accès et de rectification. Dans le même esprit, la Commission a, notamment à l'occasion de l'instruction de plaintes, précisé l'étendue des droits garantis par la loi aux personnes dont des données étaient traitées manuellement ou informatiquement

76

Anne Carblanc

par les Églises et groupements. Elle s'est particulièrement attachée à veiller au strict respect des droits d'accès, de rectification et de radiation. En pratique, elle a pu se prononcer sur l'application de ces dispositions à quelques Églises et groupements.

1. L'Église de Scientologie La Commission a été saisie à de nombreuses reprises par des particuliers de demandes de radiation des fichiers de cet organisme. Ces demandes, fondées sur les articles 26 (droit d'opposition) et 36 (droit d'effacement), étaient motivées soit par le souhait de ne plus recevoir de sollicitations (l'Église de Scientologie et les centres diabétiques ont une activité de vente par correspondance de leurs divers produits et services), soit par la volonté de ne plus appartenir à cette communauté. Dans toutes ces affaires, l'Église de Scientologie ne s'est pas opposée à l'action de la CNIL et a accepté, plus ou moins rapidement, de radier le nom des plaignants.

Il convient d'ajouter que la Commission a été saisie d'une plainte qui prouve que l'Église de Scientologie française transmet aux États Unis les informations dont elle dispose sur ses membres. Ce dossier est l'occasion pour la CNIL de rappeler très précisément que les Églises et groupements ne sont pas dispensés du respect des dispositions relatives notamment aux flux transfrontières de données. Les articles 24 de la loi et 12 de la convention n° 108 subordonnent en effet les échanges transfrontières à l'existence dans le pays destinataire de règles sur la protection des données équivalentes à celle de la France.

2. Le Grand Orient de France La Commission a été saisie - c'est une affaire qui remonte à 1992 - de la conformité aux dispositions de la loi du 6 janvier 1978 d'un questionnaire intitulé "notice autobiographique" que doivent remplir les postulants au Grand Orient de France qui est l'une des obédiences maçonniques. L'appréciation de ce questionnaire a soulevé des problèmes au regard de l'information des personnes lors de la collecte (article 27 précité), de la nature des informations collectées (données à caractère pénal visées par l'article 30 et autres données sensibles

La protection des données en France et les Églises

77

énumérées par l'article 31) et enfin de la durée de conservation (durée illimitée même en cas de refus d'admission, de radiation ou de démission du postulant ou membre). Interrogé par la CNIL, le Grand Orient de France a précisé que les informations étaient conservées avec l'accord exprès des intéressés et que la durée illimitée de conservation permettait d'exercer un contrôle en cas de renouvellement d'une demande d'admission ayant précédemment fait l'objet d'un refus. Au cours de l'examen du dossier en séance plénière, il est apparu que les questions essentielles tenaient d'une part, au traitement par un organisme non habilité de données à caractère pénal (extraits du casier judiciaire) et, d'autre part, à la compatibilité entre l'exercice du droit de radiation et l'accord exprès donné à la conservation illimitée des informations. Sur le premier point, il a été rappelé que le Grand Orient ne pouvait pas procéder au traitement d'informations relatives aux infractions ou condamnations pénales et que l'article 30 lui interdisait de porter sur des fiches papier la mention d'une ou plusieurs condamnations qui auraient pu être relevées sur le casier judiciaire. Pour autant, la Commission a considéré que le Grand Orient pouvait obtenir des candidats la production d'un extrait du casier judiciaire mais à la condition qu'aucune trace ou mention d'une infraction ne soit conservée sous quelque forme que ce soit. Sur le second point, la Commission s'est posé la question de savoir si une personne pouvait accepter de renoncer au droit de s'opposer, pour des raisons légitimes, à ce que des informations la concernant figurent dans un traitement. Après avoir considéré que ce droit procédait de l'idée de maîtrise des données directement ou indirectement nominatives et du droit à l'oubli qui sous-tend l'ensemble de la loi du 6 janvier 1978, elle a estimé que le consentement éclairé donné à la conservation permanente des données ne pouvait faire obstacle à l'exercice ultérieur du droit d'opposition. Pour autant, en l'état, ce dossier n'est pas clôturé. Les orientations retenues par la Commission ont été transmises au Grand Orient; de France, conformément au principe du contradictoire qui préside aux débats de la Commission1.

1

Depuis, le dossier a été clôturé, le Grand Orient de France ayant accepté de pendre en compte toutes les demands de la CNIL.

78

Anne Carblanc

3. L'Archevêché de Lyon La CNIL a été saisie de la plainte d'une personne qui souhaitait que son identité soit supprimée du registre de la Paroisse de la Rédemption de Lyon où elle avait été baptisée en 1941. Par cette requête, le demandeur voulait, pour différents motifs, manifester sa "non appartenance" à la communauté catholique. Ayant tout d'abord saisi la Paroisse, il avait obtenu l'inscription, en marge du registre des baptêmes, d'une mention indiquant sa volonté de ne plus être compté parmi les catholiques. Mécontent de ce résultat qui, selon lui aggravait sa situation, il avait demandé à la CNIL d'intervenir. La Commission, à l'issue de l'instruction de cette demande, avait considéré que les dispositions de la loi du 6 janvier 1978 applicables aux fichiers tant informatisés que manuels avaient été respectées: le requérant avait pu exercer ses droits d'accès et de rectification. Seule sa demande de radiation - ou d'effacement - fondée exclusivement sur l'article 36 n'avait pas été satisfaite et ne pouvait l'être au motif que le baptême constituait un fait dont la réalité historique n'était pas contestée. Ce fait revêtait par ailleurs, selon le droit canonique, un caractère "indélébile" interdisant de le considérer comme une information périmée. Insatisfait de cette réponse, le requérant avait alors porté plainte auprès du procureur de la République et la Commission, sollicitée par ce dernier de donner son avis, avait affiné son analyse juridique en précisant qu'à son sens, seul l'article 26 de la loi - aux termes duquel toute personne a le droit de s'opposer pour des raisons légitimes à ce que des informations nominatives la concernant fassent l'objet d'un traitement - aurait pu utilement être invoqué. Pour autant, précisait la Commission, l'interprétation des "motifs légitimes" relevait de Γ appréciation des tribunaux. Le plaignant n'ayant pas répondu aux convocations du procureur, l'affaire n'a pas été soumite à une juridiction. *

Au terme de cet exposé, forcément incomplet, on peut constater que la CNIL n'a pas, à ce jour, été saisie de dossiers lui permettant de rappeler que les Églises et groupements sont également tenus de respecter les dispositions de la loi relatives à la sécurité des traitements (article 29) et aux effets à l'égard des

La protection des données en France et les Églises

79

tiers du droit de rectification (les articles 37 et 38 mettent à la charge de tout organisme détenant des informations nominatives, l'obligation de corriger ou compléter d'office ces informations et de porter ces corrections à la connaissance des tiers qui auraient été destinataires des données d'origine). Mais le problème essentiel, qui n'a pu être tranché de manière vraiment satisfaisante, demeure l'application aux Églises et groupements, du droit d'opposition à figurer dans un traitement prévu par l'article 26 de la loi. A ce stade de l'expérience et de la réflexion, la discussion reste ouverte et les débats utiles. Certains regretteront peut-être que je n'ai pas évoqué le dossier des Mormons. Il m'eut fallu plus de temps qu'il ne m'en était imparti et il ne m'est pas apparu qu'il entrait vraiment dans le cadre du sujet à traiter. C'est en effet un dossier complexe qui pose notamment à mon sens, des questions de principe telles que celle de l'application des règles de protection des données aux personnes décédées et celle, peut-être propre à la France, de la délimitation entre les domaines respectifs de la loi relative aux archives et la loi du 6 janvier 1978 relative à l'informatique et aux libertés. Je rappelle brièvement que depuis une trentaine d'années, les Mormons ont réalisé un programme de microfilmage des registres d'État Civil et paroissiaux à l'échelle du monde entier. Cette action a été entreprise dans 40 pays européens dont la France par la Société Généalogique de Salt Lake City, agissant pour le compte de l'Église des Mormons. Ce sont aujourd'hui les États Civils de 14 milliards de morts qui sont entreposés, sur support informatique dans une grotte creusée à plus de 200 mètres au coeur des Montagnes Rocheuses. La finalité première de cette opération était religieuse, mais une finalité seconde s'y est ajoutée d'ordre médical. Ces activités ont suscité un vif débat en France. La CNIL a, dès 1982, examiné la compatibilité des activités de la Société Généalogique de l'Utah avec les dispositions de la loi française protectrices des données nominatives et obtenu en 1987 de nettes améliorations de l'accord conclu en 1960 entre les Archives de France et la Société Généalogique de l'Église de Jésus-Christ des Saints du dernier jour. Ainsi, par suite de son intervention, l'accord a été rendu public, les finalités du microfilmage ont été précisées ainsi que les destinataires des informations, les programmes informatiques ont été communiqués.

L a protection des données et les Églises en France

Par Jean Duffar, Paris I. Relations Église-État Les relations entre les Églises et l'État sont fondées sur la loi du 09.12.1905 concernant la séparation des Églises et de l'État dont l'article 1 dispose: "La République assure la liberté de conscience. Elle garantit le libre exercice des cultes sous les seules restrictions édictées ci-après dans l'ordre public". L'article 2 poursuit: "La République ne reconnaît, ne salarie ni ne subventions aucun culte". II. Droit à Tauto-gouvernement des communautés religieuses 1. Le desservant du lieu du culte (curé, pasteur, rabbin), c'est à dire le ministre du culte est chargé en principe du maintien de l'ordre à l'intérieur des édifices du culte: il fixe les heures d'ouverture et de fermeture, dispose du mobilier, fixe l'ordonnancement des cérémonies. L'autorité civile reconnaît le ministre du culte qui est désigné par l'autorité religieuse compétente Les tribunaux ordonneront éventuellement l'expulsion d'un ministre du culte qui s'emparerait d'un édifice ou qui s'y maintiendrait contre le gré des autorités religieuses compétentes. 2. La loi du 01.07.1901 relative au contrat d'association contient un titre III qui porte exclusivement sur les congrégations. Celles-ci sont libres et peuvent exister sans formalisme mais elles n'ont pas la personnalité juridique; la personnalité juridique est en revanche attribuée aux congrégations reconnues par un décret sur avis conforme du Conseil d'État. Les congrégations sont soumises en principe à certains contrôles du préfet: état des recettes et des dépenses, comptes financiers de l'année écoulée, et à l'inventaire des biens meubles et immeubles, liste des membres etc. 6 Robbers

82

Jean Duffar

3. A part ces interventions exceptionnelles du pouvoir étatique, les tribunaux respectent le principe de liberté d'organisation des cultes qui englobe les relations entre les autorités ecclésiales d'une part, le ministre du culte et les fidèles, d'autre part. Ces relations échappent par nature à l'appréciation des tribunaux. I I I . Signification constitutionnelle de "Communauté Religieuse" 4. Les textes constitutionnels ne contiennent pas de référence aux communautés religieuses. Voici les seules dispositions à valeur constitutionnelle qui consacrent la liberté de conscience et d'opinion. (a) L'article 10 de la Déclaration des Droits de l'Homme et du Citoyen du 26 août 1789 dispose: "Nul ne droit être inquiété pour ses opinions, même religieuses, pourvu que leur manifestation ne trouble pas l'ordre public établi par la loi". (b) L'alinéa 5 du Préambule de la Constitution du 4 octobre 1946 dispose: "Nul ne peut être lésé, dans son travail ou son emploi en raison de ses origines, de ses opinions ou de ses croyances". (c) L'article 2 de la Constitution du 4 octobre 1958 dispose que la France est une République laïque .... Elle assure l'égalité devant la loi de tous les citoyens sans distinction d'origine, de race ou de religion. Elle respecte toutes les croyances. Le Conseil Constitutionnel a déjà fait application de ces dispositions à valeur constitutionnelle.

IV. Financement des cultes 5. L'article 2 de la loi du 09.12.1905 dispose: "La République ne reconnaît, ne salarie, ni ne subventionne aucun culte". La loi a supprimé tous les budgets de l'État des Départements et des Communes, toutes les dépenses relatives à l'exercice des cultes. La loi a prévu la possibilité de rétribution des services d'aumônerie destinés à assurer le libre exercice des cultes dans les établissements publics tels que lycées, collèges, écoles, hospices, asiles et prisons. 6. Plus généralement, sont rémunérés les services qui sont rendus aux personnes publiques par des ministres du culte: services radiodiffusion, services religieux organisés pour des cérémonies publiques.

La protection des données et les Églises en France

83

7. Certains versements faits au profit d'oeuvres ou d'organismes d'intérêt général ayant un caractère philanthropique, éducatif ... humanitaire ... culturel sont pour une proportion de leur montant déductibles des bénéfices des entreprises (code général des impôts (CGI art. 238 bis 1) et du revenu des personnes physiques CGI art. 200)). V. Loi sur la protection des données Il existe une loi n° 78-17 du 6 janvier 1978 relative à l'informatique aux fichiers et aux libertés qui compte 48 articles.

VI. Soumission des Communautés Religieuses à la loi et informatique et liberté 8. Dans un régime de séparation des Églises et de l'État et d'égalité devant la loi les communautés religieuses sont en principe soumises à la loi. 9. Cependant, l'article 31 § 2 de la loi dite "Informatique et Liberté introduit une exception au principe de l'interdiction de traitement de données faisant apparaître les opinions religieuses. Cette exception intéresse notamment les Églises: "Toutefois, les Églises ou les groupements à caractère religieux philosophique, politique ou syndical peuvent tenir registre de leurs membres ou de leurs correspondants sous forme automatisée. Aucun contrôle ne peut être exercé de ce chef à leur encontre". Cette disposition signifie d'abord que les Églises peuvent mettre ou conserver en mémoire informatisée les opinions religieuses de leurs membres ou de leurs correspondants sans intervention de l'autorité publique. C'est une application particulière du principe de non immixtion dans les affaires internes des Églises. Ensuite, elles n'ont pas davantage besoin de recueillir l'accord exprès des membres de l'Église pour opérer un traitement automatisé à condition que l'enregistrement porte sur la seule opinion religieuse des membres. Une Église ne pourrait enregistrer les opinions politiques de ses fidèles de même qu'un parti politique ne pourrait enregistrer les opinions religieuses de ses membres, sauf avec l'accord exprès des fidèles et des membres. 10. (a) Si la mise en mémoire poursuit un caractère commercial - ce serait le cas d'une prospection pour faire une souscription de fonds - un tel traitement serait soumis à déclaration à la Commission Nationale Informatique et Liberté 6'

84

Jean Duffar

(C.N.I.L.). En revanche le fichier des personnes payant le denier du culte n'a pas à être déclaré. (b) Si un fichier est transmis d'une paroisse à une autre paroisse, l'accord des intéressés est nécessaire. 11. L'absence de tout contrôle des Églises élimine les "points de rencontre" entre Église et État. Au surplus, lorsque une situation paraît ambiguë (cf. supra), le contrôle éventuel n'est pas exercé par l'État mais par la C.N.I.L. qui est une autorité administrative indépendante. V I I . Loi de protection des données Il n'existe pas de loi de protection des données particulières aux communautés religieuses. V I I I . Article 8 du projet de directive L'article 8 du projet de Directive explicite l'article 6 de la Convention pour la Protection des personnes à l'égard du traitement automatisé des données à caractère personnel du 28 janvier 1981. L'article 8 de la Directive paraît s'inspirer des mêmes principes que l'article 31 de la loi française "informatique et liberté" η 78-17 du 6 janvier 1978 (cf. sufra). Il faut veiller à ce que l'autorité de contrôle soit réellement indépendante.

Data Protection and the Churches in Ireland By Anthony Kerr, Dublin* 1. The Basic Characteristics of the State-Church Relationship in Ireland Ireland is a predominantly Catholic country but is formlly non-sectarian in character. According to the 1991 Census, however, 91.6 % of the population are Roman Catholic1. The special position of the Catholic church was recognised by Article 44.1.2° of the 1937 Constitution but this clause was removed following a referendum in 19722. It was felt to be offensive to non-Catholics and its removal was designed to allay the fears of the Protestant population of Northern Ireland about the nature of Irish society3. Article 44 goes on to provide that the State guarantees neither to endow any religion nor to impose any disabilities or make any discrimination on the ground of religious profession, belief or status4. It has been convincingly argued that these provisions ensure State neutrality towards any particular religion5. All the Churches are unestablished6. The Roman Catholic Church, however, has had a profound influence on certain issues of public policy - education, censorship, contraception, homosexu* I would like to thank both my colleague Professor Robert Clark and Austin Vaughan of the Office of the Data Protection Commissioner for insights into, and information as to the operation of, the 1988 Act. 1 These figures do not include Northern Ireland. 2 Fifth Amendment of the Constitution Act 1972. The Supreme Court had already expressed the view that the subsections that were to be deleted had no juridical significance: Quinn's Supermarket Ltd. ν Attorney General (1972) I.R. 1, 23 - 24. 3 See Hogan "Law and Religion: Church-State Relations in Ireland from Independence to the Present Day" (1987) 35 Am. J. Comp. Law 47, 67. See also I logon "Legal Aspects of Church/Stale Relations in Ireland" (1988) 7 St. Louis University Public Law Rev. 275. 4 See generally Casey , Constitutional Law in Ireland (2nd ed., 1992) chap. 19. 5 See Casey , op. cit., at p. 554. 6 Prior to the Irish Church Act 1869, the United Church of England and Ireland was established by law. On and after January 1, 1871, the Irish portion was disestablished and it ceased to be a corporation with the Sovereign recognised as its head.

Anthony Kerr

86

ality and abortion, for example7. A series of legislative measures in the 1920s and 1930s incorporated much of the Catholic moral code into Irish law. The Church's influence appears to be declining somewhat in recent years - witness the passage of family planning legislation against the advice of the Bishops but it would be wrong to suppose that this influence is no longer significant. The Church's opposition to the introduction of divorce undoubtedly played a large part in the defeat in 1986 of the constitutional amendment to introduce divorce8.

2. Basic Range of the Right of Self-Government of Religious Communities The legal status of the various Churches and the religious orders is that of a voluntary and unincorporated association united on the basis of agreement9. Consequently religious bodies are not regarded as a matter of law as separate and independent legal entities. Their property is held by trustees or in the individual name of the Bishop, parish priest, etc. There is no specific statutory regulation of the internal affairs of religious bodies and it is unclear whether the Irish courts would be prepared to interfere with the internal activities of such bodies by examining the extent to which the terms of the contract between the members of a church or a religious order are unreasonable10.

3. Constitutional Meaning of Religious Communities The Irish courts have yet to consider what meaning should be ascribed to the word "religion" in Article 44 of the Constitution. Professor Casey has commented11 that, if the word has the meaning it bore in 1937 "it would presumably cover only traditional theistic religion" but as he goes on to point out "in modern Irish society there are small groups which do not cleave to this pattern". Professor Casey concludes that the Irish courts would probably follow 7

See generally Whyte, Church and State in Modern Ireland (2nd ed., 1980). See Hogan, loc. cit. at p. 88. 9 Per Barry J. in O'Keeffe ν Cullen (1873) I.R. 7 C.L. 319, 339. See also Sullivan P. in State (Colquhoun) ν D'Arcy (1936) I.R. 641, 650. 10 See, for instance, O'Dea ν O'Briain (1992) I.L.R.M. 364. 11 Op. cit. at p. 558. 8

Data Protection and the Churches in I l

87

the approach adopted by the United States Supreme Court in Wisconsin ν Yoder 12 which draws a distinction between a religious faith and a personal philosophical choice.

4. Financial System In Ireland there is no church tax and the State does not directly contribute to the financing of churches and religious bodies. Their finance derives directly from parishioner donations or bequests and revenue from church owned property.

5. State Regulation of the Law of Personal Data Protection The relevant legislation is the Data Protection Act 198813 which, in addition to imposing certain obligations on persons who keep automated personal data, entitles individuals to establish the existence of automated personal data, to have access to such data and to have inaccurate data rectified or erased. The Act also enables the Council of Europe's Data Protection Convention to be ratified, thus ensuring the free flow of personal data between Ireland and other countries having similar laws. Before examining the provisions of the 1988 Act, a few definitions are necessary. "Data" is defined in section 1 of the Act as "information in a form in which it can be processed". Consequently information inputted onto the main memory of a computer or stored on a diskette is "data" because it is capable of being processed automatically, whereas a typed document or an audio cassette tape is not. "Personal data" is defined as "data relating to a living individual who can be identified either from the data or from the data in conjunction with other information in the possession of the data controller". A "data controller" means a person who, either alone or with others, "controls the contents and use of personal data" and a "data processor" means a person "who processes personal data on behalf of a data controller but does not include an employee of a data controller who processes such data in the course of his employment". By defining 12

(1972) 406 U.S. 205.

13

On which see Clark , Data Protection Law in Ireland (1990).

88

Anthony Kerr

data as information which exists in a form in which it can be processed, the Act's ambit depends on what is meant by "processing" which is defined as meaning "performing automatically logical or arithmetical operations on data and includes a) extracting any information constituting the data, and b) in relation to a data processor, the use by a data controller of data equipment in the possession of the data processor and any other services provided by him for a data controller, but does not include any operation performed solely for the purpose of preparing the text of documents." Section 2 of the Act imposes certain obligations, based on the provisions of the Convention, on all data controllers. The data, or information constituting the data, must have been fairly obtained. It should be accurate and kept up to date. It should be kept only for one or more specified and lawful purposes, should not be used or disclosed in any manner incompatible with that purpose, should be adequate, relevant and not excessive in relation to that purpose and should not be kept for longer than is necessary. Furthermore appropriate security measures should be taken against unauthorised access to, or alteration, disclosure or destruction of, the data and against their accidental loss or destruction. Section 4 confers a right of access by individuals as regards personal data relating to themselves. If so requested, data controllers must supply individuals with a copy of the information constituting such data kept by them. The section, however, has a series of procedural devices which are intended to dissuade data subjects from making frivolous or bogus access requests. Section 6 confers a right of rectification and erasure and section 7 imposes a duty of care on data controllers and data processors as regards the collection of personal data, or information intended for inclusion in such data, and their dealing with such data. Section 9 makes provision for the appointment of a Data Protection Commissioner whose principal areas of responsibility are the enforcement of the data protection principles, the regulation of trans-border data flows, the encouragement and approval of codes of practice and the establishment and maintenance of a register of data processors and certain data controllers.

Data Protection and the Churches in I l

89

Section 16 sets out three main groups of data controllers who must register, namely: (a) the public sector, (b) financial institutions, insurance companies, direct marketing, credit reference and debt collecting agencies and (c) data controllers who keep sensitive personal data, that is, relating to racial origin, political opinions, religious or other beliefs, physical or mental health, sexual life and criminal convictions. It should be noted that section 17 (3) provides that the Commissioner shall not accept an application for registration from a data controller who keeps any such sensitive personal data unless he is of the opinion that appropriate safeguards for the protection of the privacy of the data subjects concerned are being, and will continue to be, provided.

6. Religious Communities Religious communities are in no way excluded from the provisions of the legislation. According to the Fourth Annual Report of the Data Protection Commissioner14, eighteen registrations 15 constitute the "Religious" category. These break down as fourteen priests, canons and parishes; the Little Sisters of the Poor (an order of nuns which runs residential homes for the elderly); the Bishop of Meath; the Assembly of the Baha'is; and the Knights of St. Columbanus. In addition, included in the "Health" category of registered data controllers are the Franciscan Sisters of Divine Motherhood, an order of nuns which run homes for the mentally handicapped. In their case and that of the Little Sisters of the Poor, the residents' medical records would be the sensitive personal data which requires the Order to register. Typically the purpose of the data is stated to be the maintenance of parish records and the parish register and parish fund raising. The description of the data invariably includes names and addresses of parishioners; their marital status; their religion; their involvement in church activities; the dates of baptism, confirmation, first communion and marriage; their contributions to parish funds; and the method of such contribution. Occasionally the description might include reference to a person's health, such as lists of parishioners who are ill or housebound who require visits from priests.

14 15

1992 (PI. 9810). Out of a total of 1.440 registrations.

90

Anthony Kerr

7. Personal Data Protection Law of the Religious Communities There is no such law in Ireland.

8. Specific Provisions within State Data Protection Law There are no specific provisions for data relevant to religion in the legislation, save for the requirement in section 16 that data controllers who keep personal data relating to religious or other beliefs must register under the Act. If a person keeps on computer any specific reference to the religious beliefs of even one living person, then registration will be required. So, for instance, a list including records of baptism/communion/confirmation would require registration as would a list containing references to the religious persuasions or denominations of individuals. A list of individuals, however, with their public titles indicative of religious belief (e.g. PP, SJ, Canon, Rabbi etc.) would not necessarily require registration. This would depend on the context and purpose for which the information was being held. Similarly a listing highlighting some individuals as members of special groups in, say, a parish might require registration if the item indicates the individual's religious beliefs.

Conclusion It would appear that the greater religious communities in Ireland would have no difficulty in accepting a state ruled personal data protection law based on the draft of the EC directive. It has to be said, however, that the topic is not one to which a great deal of consideration has been given by those communities.

Data Protection Law and the Churches in Italy By Silvio Ferrari, Milan 1. The Italian legal system concerning data protection is very poor because Italy has no law on data protection; for this very reason, the Strasbourg Convention of January 28, 1981 has not yet come into force in my country1. There is only a law concerning the data bank of the Ministry of the Interior (i.e. the police data bank) which contains two relevant provisions. According to article 8 of this law, any natural or legal person (including the Churches) detaining a data bank is obliged to notify it to the Ministry of the Interior: up to now, this is the only general prescription applying in the field of personal data protection. According to article 7 of the same law, the collection of data concerning citizens' racial origin, religious faith and political opinions is forbidden (but this prescription applies only to the data bank of the Ministry of the Interior) 2. Last March a commission of the Italian Chamber of Deputies started debating a draft on personal data protection3. The draft has the same range of application of the Directive, regarding both profit and non-profit associations, and, like the Directive, contains an article which requests the data subject's written consent for the processing of data which could reveal racial or ethnic origins, religious or philosophical beliefs, political opinions or membership in political, trade union, religious and philosophical associations4: but, unlike the Directive, 1 The Italian Parliament has already ratified the Convention: see "Ratifica ed esecuzione della convenzione η. 108 sulla protezione delle persone rispetto al trattamento automatizzato di dati dix carattere personale, adottata a Strasburgo i l 28 gennaio 1981", 21 febbraio 1989, n. 98 (Gazzetta Ufficiale della Repubblica Italiana, n. 66, March 20, 1989). But, according to its art. 4, the Convention cannot come into force in a State until domestic provisions intended to protect personal data are approved by that State (see R. Lattanti, La tutela dei dati personali dopo la ratifica della Convenzione europea sulle banche dati, in II diritto dell'informazione e dell'informatica, 1990, pp. 220 40). 2 "Nuovo ordinamento dell'Amministrazione della pubblica sicurezza", 1 aprile 1981, il. 121 (Gazzetta Ufficiale della Repubblica Italiana, n. 100, Aprii 10, 1981). 3 Camera dei Deputati. X I Legislatura. Bollettino della Giunta e delle Commissioni Parlamentari, 9 marzo 1993. Il Commissione permanente (Giustizia), pp. 24 - 43. 4 Art. 5: "Personal data apt to reveal racial and ethnic origin, religious or philosophical convictions, political opinions, membership in political parties, trade unions, associations or organizations

92

Silvio Ferrari

the drait does not contain any provision which allows non-profit associations of political, philosophical, religious or trade union character to process data concerning the members of the associations without their written consent. From this point of view, the Italian drait puts a much heavier burden on non-profit associations than the European Directive and might seriously hamper their activity. Scattered in different laws, there are prescriptions which - even if they do not deal directly with the processing of personal data - are worthwhile remembering because they protect individuals against inquires concerning -inter aliatheir religious belief: so, for example, employers are not allowed to investigate political, trade union or religious opinions of their workers5. Moreover, even if it is not explicitly forbidden (in Italy we have no provision like art. 136 of the Weimar Constitution or art. 16 of the Spanish Constitution), data concerning religious beliefs and Church membership are omitted in census forms and in identification documents, such as certificates of domicile, etc. Generally speaking, the right not to reveal both religious beliefs and Church membership is considered to be a part of the right of religious liberty which is guaranteed by the Italian Constitution not only to citizens but to everybody6. Concluding these first remarks, it has to be said that the awareness of problems concerning the protection of individuals in relation to the protection of personal data is not very high in Italy7. That is particularly true in Church circles: not only Church laws ignore the problem of personal data protection but very few people inside the Churches seem to be aware of what is going on at European and Italian level. 2. The neglecting of the data protection problem in Church places is particularly surprising if the recent changements in the field of Church-State relations are taken into account.

for religious, philosophical, political or trade union character or activities performed because of the membership in these associations, and personal data concerning health and sexual life can be processed only with the data subject's written consent". 5 "Norme sulla tutela della libertà e dignità dei lavoratxori, della libertà sindacale e dell'attività sindacale nei luoghi di lavoro e norme sul collocamento", 20 maggio 1970, n. 300, art. 8 (Gazzetta Ufficiale della Repubblica Italiana, n. 131, 27 maggio 1970). 6

See F. Finocchiaro , Diritto ecclesiastico, Bologna, Zanichelli, 1990, p. 118 ff. See on this point G. Ciacci , Problemi e iniziative in tema dix tutela dei dati personali, con particolare riguardo ai dati sanitari, in Politica del diritto, 1991, n. 4, p. 681 ff. 7

Data Protection Law and the Churches in Italy

93

During the last ten years the Italian State has stipulated a concordat with the Catholic Church and 6 agreements with minor religious denominations8. On the basis of these agreements, the Churches have a large degree of autonomy, i.e. they can discipline their own internal affairs through Church made laws (provided they do not oppose fundamental rules of the Italian legal system): but autonomy is recognized only to the Churches, not to educational, charitable, medical institutions run by them. According to the Italian law, a hospital owned and run by a religious order is a hospital and not a religious institution, so that it is submitted - with few exceptions - to State provisions governing medical institutions. From this point of view provisions exempting data processing carried out by Churches could not apply to such establishments even it they are owned and run by Churches. But what is more important is the fact that Church-State relations in Italy are rapidly evolving toward a system where the State is ready to support Churches provided this support is openly requested by Church members: for example, the State is ready to give money or facilities for the teaching of religion in State schools if students ask for such a teaching when registering at the beginning of the school year; the State is ready to transfer a percentage of income tax to Churches in proportion to the requests put forth by their members. We have entered a system where - if you wish State support for your Church - you have to ask for it and, at least in some cases, that might amount to a disclosure of your religious belief or Church membership. Possibilities of conflict are increasing between the need to reveal religious belief in order to get State support and the right not to reveal religious belief in order to avoid any chance of discrimination: that calls, first, for a careful distinction among data concerning religious belief, Church membership and Church support which - being different things - should get a different degree of protection; secondly, for a redefinition of the right of privacy as a right not only to deny personal data but also to control data which are voluntarily given, so that no improper use is made of them9. 8 The concordat with the Catholic Church has been concluded on February 18, 1984; afterwards agreements with Valdensians (1984), Pentecostals (1986), Adventists (1986), Jews (1987), Baptists (1993) and Lutherans (1993) have been concluded. For the text of the concordat and the agreements see Quaderni di diritto e politica ecclesiastica, 1984 ff. 9 See G. Alpa and M. Bessone (eds.), Banche dati telematica e diritti della persona, Padova, Cedam, 1984; V. Zeno Zencovich (ed.), Le banche dati in Italia. Realtà normativa e progetti di regolamentazione, Napoli, Jovene, 1985; S. Rodotà , Privacy e costruzione della sfera privata. Ipotesi e prospettive, in Politica del diritto, 1991, n. 4, pp. 521 - 46; A. Anzon, Banca dei dati, in Enciclopedia giuridica, v. IV, Roma, Istituto della Enciclopedia Italiana, s.d., pp. 1 - 5.

94

Silvio Ferrari

3. A good example of these problems is the Italian system of financing of religious denominations10. In Italy the 0,8 % of income tax is determined by law to be allocated either to religious purposes or to other social interest purposes. The tax-payer can designate on his tax return whether that percentage has to be attributed to a Church of his choice for religious purposes or to the State for social interest purposes. The name of the Churches admitted to take part in the financing system (i.e. five of the Churches which have concluded an agreement with the State: Jews and Baptists refrained from making use of the system) is printed on the tax return form that each tax-payer has to fill and the choice is made by signing under the name of the chosen Church. The whole system is run by the State which collects tax return forms and money from tax-payers; once determined how much of the 0,8 % of income tax has to be allocated for religious purposes and which percentage of it has to be given to each Church, the State transfers the corresponding money to Churches. Churches do not get the names of tax-payers who have allocated to them a percentage of 0,8 % of income tax but just their number. It is evident that, in such a system, tax-payers who wish to help finance a Church have to declare their choice, but that does not mean this financing system is infringing upon the privacy right of citizens and it will be affected by the approval of the Directive. First of all, tax-payers are not obliged to sign either for the State or for Churches: they can refuse to sign at all. Their decision is voluntary and is expression of a free choice which the State should respect: there is no point in giving protection to people who do not want to be protected11. Moreover the signature put under the name of the chosen Church in the return form could be considered like an expression of the written consent requested by article 8 of the Directive as everybody is aware that tax return forms are processed. Secondly, the tax-payer's choice to allocate money to a Church does not reveal necessarily the tax-payer's religious belief and so does not fall under the prohibition of article 8 of the Directive. It may happen (and in fact it happens) 10 About the Italian system of State financial support for Churches see P. Moneta , Le financement public des églises en Italie, in European Consortium for Church-State Research, Church and State in Europe, State Financial Support. Religion and the School. Proceedings of the meeting of Milan-Parma, October 2 0 - 2 1 , 1989, Milano, Giuffrè, 1992, pp. 41 - 56. 11

See F. Finocchiaro , Diritto ecclesiastico, Bologna, Zanichelli, 1990, p. 146.

Data Protection Law and the Churches in Italy

95

that some believers allocate their percentage of income tax to the State and not to their Church, because they disagree with the idea of State financing of their Church or, on the contrary, it happens that people who have no religious belief decide in favour of a Church because they trust that particular Church activity in favour of the poor or third world people, etc. (and they do not trust State activity in the same field). It would be advisable to distinguish between a religious believer and a supporter of a Church: not always the two things go together. Third, the data contained in tax return forms are secret and cannot be disclosed to third parties, which is in line with the last part of article 8, letter b) of the Directive. 4. Processing systems at diocesan level are a second field where the protection of personal data is a significative topic for Churches. In Italy about 90 dioceses of the Catholic Church possess a processing system. They work according to a standard which supplies four different application softwares for chancery, administration, teaching of religion, legal and natural persons. Under the last heading we find the files concerning Church personnel: a file for priests, another for members of religious orders residing inside the Diocese borders, a third for teachers of religion, etc. The same happens at a parochial level: many parishes have files concerning members of parochial boards and associations and some have already stored on disks data once kept in parish books (baptisms, confirmations, marriages, etc.). Religious orders too have files of their members and the same applies to catholic associations. Here some careful distinctions are appropriate. First of all many of the data processed by Dioceses concern Church membership and not religious beliefs: so somebody could say they are outside the scope of the Directive. It is possible to object that membership of a Church is, at least in some cases, a strong and reliable indication of a religious belief: for example, we could presume that a person listed as a Catholic priest in the Diocesan file holds a Catholic religious belief. If the assumption is correct, then that file could not be disclosed to a third party without the data subject's consent (art. 8, number 2, letter b) of the Directive) 12. 12 The processing of these data is exempted from data subject's written consent according to art. 8 number 2, letter b) of the Directive. But, as a similar provision is lacking in the draft law now under discussion in Italy and as the draft forbids also the processing of data concerning Church membership, written consent might become compulsory on the ground of the Italian law. That would be,

96

Silvio Ferrari

That would mean, for example, that Church authorities would be compelled to ask for permission before listing a priest's name in the Diocesan directory: which might be too far-reaching as people have the right to know the name of individuals holding responsible positions in the Church or in Church associations. In such a case, the data subject's consent should always be presumed and the priest who does not like to have his name listed in the diocesan directory should take the initiative and inform Church authorities of his decision. On the contrary, a layman member of a religious association, who does not hold any particular position in it, should have the right to be informed and requested of his consent before his name is inserted in a directory, year-book or any kind of list open to the public The same problems return once more in the field of religious teaching. In Italy teachers of Catholic religion in State schools have to be approved by the bishop, who releases a "nulla osta" without which they cannot teach. Every year the number of teachers needed in a school is reported by the school headmaster to the religious teaching office of the Diocese, where a file is kept of teachers who qualified for religious teaching. The diocesan teaching office gives the school headmaster a list of teachers who have got the "nulla osta" and among them teachers of Catholic religion are chosen and appointed by the school headmaster. It is easy to see these files reveal religious beliefs of individuals as teachers of Catholic religion are of Catholic faith and "nulla osta" are retired if their style of life is not in line with Catholic doctrine (as prescribed in canons 804 and 805 of the Code of Canon law); and these files are, at least in part, disclosed by religious authorities to a third party, i.e. school authorities. In this case article 8, number 2, letter a) of the Directive requires the data subject's consent for the disclosure. The approval of the Directive would not really hamper the functioning of the religious teaching system it has been described: one more signature by the teacher, authorizing the diocesan office to disclose the data to school authorities, will be enough. But what strikes as slightly absurd is the fact that we are once more protecting a person who does not want to be protected: the teacher's will is that his personal data are disclosed to school authorities so that he can get a job. In this case, disclosure of data is exactly what the teacher asks for: in my opinion, a useless burden imposed on Churches (as well as political and trade union associations) which should be free to process data concerning their members (at least) for inner use.

Data Protection Law and the Churches in Italy

97

and so it is a little inconsistent that he is obliged to give a special permission to diocesan offices so that they can do what the teacher is asking for just from the beginning. Again the data subject's consent should be presumed and the disclosure of his data to the school authorities (not to other third parties) should be permitted unless the data subject makes clear his opposition. In conclusion, as shown by these examples, the notion of "sensitive data" (such as data concerning religious convictions) cannot be too rigorous and should give large room to interpretation as the real "sensitiveness" is essentially a matter either of the context of which the data are a part or of the use which is made of the data or of both things together. The disclosure of religious data concerning members of a large denomination might be absolutely harmless while the same disclosure might raise problems if concerning a religious minority. For this reason, while it seems advisable to maintain the right of the data subject to prevent the disclosure of his personal data, a larger recourse to the presumption of consent could help in adapting the directive to the number of different situations it is called to regulate.

7 Robbers

Rapport luxembourgeois sur la protection des données informatiques et les Eglises dans les Etats membres de la Communauté européenne Par Alexis Pauly, Maastricht Préliminaires A. Nous suivrons le questionnaire établi. Le Luxembourg est petit, les problèmes sont moins nombreux qu'en Allemagne, même si parfois la solution des questions est délicate, il n'est surtout pas aisé d'accéder à la documentation et les litiges sont souvent des cas très personnels. Une certaine discrétion s'impose. B. Le droit communautaire n'a eu guère de liens avec le droit civil ecclésiastique jusqu'ici. Citons la prudence du juge communautaire lorsqu'il est confronté à de pareils cas. Ainsi, la Cour de Luxembourg a été confrontée dans l'arrêt Van Duyn à la licéité de la clause d'ordre public opposée à un membre de l'église de Scientologie voulant exercer son droit à la libre circulation. Madame Prais, de son côté, a revendiqué le droit de ne pas passer un concours un jour de festivité juive. Le Père van Rosmalen, missionnaire, a invoqué le droit communautaire pour faire établir sa qualité de travailleur et revendiquer une prestation de vieillesse. Pour Monsieur Steymann, membre d'une "secte" religieuse (mouvement religieux), il fallut clarifier son statut dans un État membre en matière de droits sociaux. Indirectement, les nombreux arrêts sur le "Sunday trading" ont également une place ici. De même, l'affaire Grogan sur la publicité de l'avortement est significative. Les juges de la Cour de Justice sont confrontés aux questions religieuses, mais refusent de les traiter dans cette optique. Pour eux il s'agit de travailleurs, de prestataires de services ou de marchandises, certes ils sont soucieux d'observer la garantie des principes généraux du droit et des droits fondamentaux communs aux États membres, ainsi que des droits de l'homme chaque fois qu'il s'agit d'une affaire qui touche aussi le droit communautaire. 7*

100

Alexis Pauly

Par ailleurs, des règlements agricoles, des directives en matière fiscale ont dû prendre en considération des particularités religieuses (alimentation rituelle, vin de messe, façon d'abattage des voeux, exemption fiscale). C'est dans cette optique que nous approchons l'étude de la proposition modifiée de la directive du Conseil relative à la protection des personnes physiques à l'égard du traitement des données à caractère personnel et à la libre circulation de ces données [Com (92/422 final - SYN287)].

1. Les sources juridiques des rapports Églises-État A. Pour l'Église catholique romaine, le concordat de 1801 entre Bonaparte et le Pape Pie VII n'a jamais été formellement aboli au Luxembourg qui constituait à l'époque le département français des forêts. Même si les milieux catholiques contestent sa validité depuis le 19ème siècle, il faut considérer, à notre avis, qu'il reste le cadre des relations entre l'Église catholique et l'État. Peu importe de savoir quels textes du concordat ou des lois organiques sont encore en vigueur, il situe les deux parties et fixe certaines règles du jeu. Ensuite, la Constitution luxembourgeoise de 1848, telle qu'elle a été modifiée par la suite, qui a été considérée comme une mauvaise copie de la Constitution belge de 1831 est plus restrictive en matière de libertés publiques et constitue le cadre constitutionnel des cultes (Article 19 de la Constitution dans sa version de 1868, thèse des catholiques ultramontains) qui n'exclut cependant pas le concordat. Par ailleurs, des lois spéciales ont été adoptées sur l'érection de l'évêché ou encore sur le serment à prêter par l'archevêque au moment de son entrée en fonction. Enfin, peut-être de façon plus insidieuse mais aussi efficace, le droit commun s'applique. Ceci est le cas à chaque fois l'Église recourt à des institutions de droit privé, associations sans but lucratif, fondations d'utilité publique ou encore sociétés commerciales. B. Pour les autres confessions "reconnues", les normes relatives aux juifs, aux protestants en général et aux protestants réformés, s'appuient sur la législation concordataire. Certaines dispositions ont été adoptées ultérieurement. Il va de soi que ces dénominations religieuses jouissent des garanties constitutionnelles et peuvent profiter de la législation de droit commun également.

La protection des données informatiques et les Églises en Luxembourg

101

C. Les cultes "non reconnus" et les nouveaux mouvements religieux. Ces institutions de droit ou de fait bénéficient de la liberté des cultes ou de la liberté d'association. Les principales difficultés rencontrées par ces mouvements sont l'absence de financement public et l'observation de la législation pénale (protection des mineurs, etc.). 2. Du droit dfautonomie des communautés religieuses Le système concordataire hérité de la période française risquerait de limiter sérieusement le pouvoir d'autonomie des communautés religieuses s'il était appliqué à la lettre, ce qui d'ailleurs n'a même pas été le cas en France au cours du 19ème siècle. La Constitution de 1848 dans sa version actuelle souligne de façon assez forte la liberté et l'autonomie des cultes, qu'ils aient un statut légalement reconnu ou non. La distinction faite en droit local alsacien et mosellan sur la notion de "culte reconnu" ou "culte non reconnu" n'est pas transposable en droit luxembourgeois. Citons les articles pertinents dans la version actuelle de la Constitution, tout en remarquant que l'actuelle Chambre est constituante. Art. 19 - La liberté des cultes, celle de leur exercice public, ainsi que la liberté de manifester ses opinions religieuses sont garanties, sauf la répression des délits commis à l'occasion de l'usage de ces libertés. Art. 20 - Nul ne peut être contraint de concourir d'une manière quelconque aux actes et aux cérémonies d'un culte, ni d'en observer les jours de repos. Art. 21 - Le mariage civil devra toujours précéder la bénédiction nuptiale. Art. 22 - L'intervention de l'État dans la nomination et l'installation des chefs des cultes, le mode de nomination et de révocation des autres ministres des cultes, la faculté pour les uns et les autres de correspondre avec leurs supérieurs et de publier leurs actes, ainsi que les rapports de l'Église avec l'État, font l'objet de conventions à soumettre à la Chambre des Députés pour les dispositions qui nécessitent son intervention. On notera que l'article 21 de la Constitution luxembourgeoise est plus restrictif que son pendant dans la Constitution belge. Quant à l'article 22, dont la rédaction est pour le moins obscure, il n'a été en fait appliqué que pour la convention assez récente avec l'Église protestante ré-

102

Alexis Pauly

formée. On peut le considérer aussi comme base juridique de la réception en droit public luxembourgeois de la législation concordataire. In concreto , le problème majeur se pose avec l'exigence de la nationalité luxembourgeoise des ministres du culte. La dispense de nationalité doit se faire par une loi spéciale.

3. Sens l'constitutionnel11 des communautés religieuses Le droit constitutionnel luxembourgeois ne connaît pas de religion "officielle", certaines dénominations religieuses se sont vu attribuer des droits par le concordat de Bonaparte, par des lois postérieures ou des conventions particulières. Les institutions sociales ou scolaires de nos jours, appartenant à des Églises ou des organisations ecclésiales, adoptent généralement des structures de droit commun, ne serait-ce que pour profiter des subventions publiques. Les congrégations religieuses de confession catholique, reconnues par l'État, ont recours le plus souvent à des institutions de droit privé pour la gestion de leurs oeuvres, notamment pour des raisons de séparation des patrimoines. Pour leur patrimoine propre, elles sont soumises à une tutelle administrative.

4. Le financement des Églises Il n'existe pas d'impôt ecclésiastique luxembourgeois. Les institutions ecclésiales prévues par le système concordataire peuvent recevoir des donations selon les règles fixées par cette législation (autorisations...). Les Églises semblent recourir bien volontiers à des structures de droit privé qui permettent une gestion plus discrète (sociétés commerciales, associations sans but lucratif, fondations d'utilité publique). Les ministres du culte de l'Église catholique romaine, de l'Église protestante, de l'Église protestante réformée et de la Communauté juive sont rétribués par le budget de l'État. Dans la pratique les ministres du culte catholique peuvent également être des laïcs! Les communes doivent combler le déficit des fabriques d'Église. Par ailleurs, l'État - voire les communes - peut aider les confessions "reconnues ou non", par des subventions (ministères des Affaires culturelles, des Travaux publics, Budgets communaux).

La protection des données informatiques et les Églises en Luxembourg

103

Les dépôts dans des banques luxembourgeoises de dénominations religieuses étrangères sont garantis par le secret bancaire luxembourgeois .

5. Le cadre légal de la protection des données informatiques Il est constitué par la loi du 31 mars 1979 réglementant l'utilisation des données nominatives dans les traitements informatiques, modifiée par: 1. loi du 19 novembre 1987 portant a) approbation de la Convention pour la protection des personnes à l'égard du traitement automatique des données à caractère personnel, faite à Strasbourg, le 28 janvier 1981. b) modification de la loi du 31 mars 1979 réglementant l'utilisation des données nominatives dans les traitements informatiques. 2. loi du 30 septembre 1992 modifiant la loi du 31 mars 1979 réglementant l'utilisation des données nominatives dans les traitements informatiques. 3. loi du 1er octobre 1992 modifiant la loi du 31 mars 1979 réglementant l'utilisation des données nominatives dans les traitements informatiques. 4. règlement grand-ducal du 2 octobre 1992 relatif à la création et à l'exploitation d'une banque de données nominatives de police générale. Mémorial A-74 du 2 octobre 1992, p. 2247." 5. règlement grand-ducal du 2 octobre 1992 réglementant l'utilisation des données nominatives médicales dans les traitements informatiques. Mémorial A-74 du 2 octobre 1992, p. 2250" Texte coordonné du 2 octobre 1992. Mémorial A-N° 74 - 2 octobre 1992, p. 2242.

6. Le champ d'application de cette législation Les Églises tombent sans aucun doute dans le champ d'application de la législation susmentionnée. On citera les dispositions les plus importantes à cet égard.

104

Alexis Pauly

Article 3. 1. la loi est applicable à toutes les banques de données nominatives installées ou utilisées sur le territoire du Grand-Duché de Luxembourg. 2. Sont exclues du champ d'application de la présente loi: a) les banques de données qui en vertu d'une loi ou d'un règlement sont accessibles au public; b) celles qui contiennent exclusivement des données en rapport avec le propriétaire de la banque; c) celles qui sont établies pour le compte des institutions de droit international public . 3. Les prescriptions de la présente loi sont applicables aux banques de données implantées sur le territoire luxembourgeois, même si les données sont uniquement utilisées à l'étranger. Si une banque de données, implantée sur un territoire étranger, est accessible au Grand- Duché de Luxembourg au moyen d'un terminal, les prescriptions de la présente loi doivent être observées par l'utilisateur de ce terminal. Article 14. La collecte de données opérée par tout moyen frauduleux, déloyal ou illicite est interdite. Article 15. Il est interdit de collecter et d'enregistrer dans des banques de données. a) les données relatives aux opinions ou activités politiques, syndicales, philosophiques ou religieuses des personnes; b) les données concernant l'intimité de la vie privée (loi du 19 novembre 1978); c) les données à caractère personnel révélant l'origine raciale.

Il n'est pas interdit à une association de droit ou de fait de tenir le répertoire de ses membres sous forme d'une banque de données. De même les appartenances syndicales peuvent être collectées ou enregistrées dans des banques de données en cas de demande expresse des intéressés. Ces données ne peuvent être communiquées à un tiers. Faut-il considérer le

La protection des données informatiques et les Églises en Luxembourg

105

Saint-Siège comme une institution de droit international public au regard de l'article 3, paragraphe 2 sous-lettre c, auquel cas il serait exempté de la législation? L'argumentation me semble peu solide du point de vue juridique et pernicieuse du point de vue politique. En effet, l'article 15 lettre a interdit la collecte et l'enregistrement des données ... religieuses. Mais l'article 15 prévoit qu'il n'est pas interdit à une association de droit ou de fait (par exemple une institution ecclésiale) de tenir le répertoire de ses membres sous forme d'une banque de données. En l'absence d'impôt ecclésiastique, la sortie "officielle" d'une Église perd de son importance, mais une solution satisfaisante ne semble pas avoir été trouvée. Quant à l'article 14, il pourrait viser des dénominations religieuses qui collectionnent les données personnelles des individus du monde entier pour les faire baptiser à leur insu, aux États-Unis notamment.

7. La protection légale des données personnelles établie par les communautés religieuses elles-mêmes Nous n'avons pas connaissance de telles normes luxembourgeoises. Des réflexions d'ordre déontologique semblent se mettre en route. Un problème majeur pourrait être celui des banques de données existant dans le cadre d'instituts religieux de droit pontifical ayant leur siège en dehors du Luxembourg.

8. Problèmes spécifiques Nous renvoyons aux réponses données sous le point 6. Les statistiques datant d'avant la loi de 1979 sont disponibles. Les dénominations religieuses publient régulièrement des statistiques sur le nombre de leurs adhérents, mais les résultats sont peu fiables.

106

Alexis Pauly

9. Points de rencontre entre l'État et les Églises en matière de protection des données informatiques Au vu de l'absence d'impôt ecclésiastique il n'existe pas de problèmes luxembourgeoises à cet égard en relation avec les données informatiques. La législation sur le secret médical en matière de données informatiques est trop récente pour voir surgir les problèmes concrets. Nous n'avons pas pu savoir si certaines cliniques privées - ou publiques - demandent l'appartenance religieuse des patients et si elles enregistrent ces données dans un système informatisé. Les communes comme les autres autorités publiques n'ont pas le droit d'enregistrer l'appartenance cultuelle de leurs habitants. Pour le moment, les livres paroissiaux semblent exister seulement sur un support papier. Aurait-on le droit de mettre dans une banque de données les livres paroissiaux datant d'avant la Révolution française et confisqués par les lois révolutionnaires?

Datenschutzgesetzgebung und die Kirchen in den Niederlanden Von Sophie C. van Bijsterveld, Tilburg* I· Einleitung Anfang der siebziger Jahre ist in den Niederlanden das Interesse an der Datenschutzgesetzgebung stark gewachsen1. Initiativen zu einer solchen Gesetzgebung führten zunächst zu keinen Ergebnissen. Die Totalrevision der Verfassung, angefangen im Jahre 1976 und vollendet im Jahre 1983, bedeutete für den rechtlichen Schutz der Privatsphäre einen starken weiteren Impuls2. Zum ersten Mal wurde im Jahre 1983 eine Garantie in diesem speziellen Bereich aufgenommen, damit die klassischen Schutzbereiche des Persönlichkeitsrechtes ergänzend. Schon vor dem Inkrafttreten der neuen Verfassung und auch außerhalb des strikten Bereichs der Verfassung wurde in der Rechtsprechung der zugrundeliegende Wert des Persönlichkeitsrechtes explizit berücksichtigt3. Dies geschah auch mit Hinsicht auf die internationalen Regelungen und Entwicklungen in anderen Ländern, die hier ihren Einfluß geltend machten4. Seit dem Inkrafttreten der Verfassung ist der Datenschutz in eine Stromschnelle geraten. Neue Gesetzgebungsprojekte sind initiiert worden und schon existierende Gesetzgebung wurde angepaßt.

* Dem Übersetzer Lie. Frans Beersmans sei hiermit für seine geschätzte Mitarbeit gedankt. 1 Für einen Überblick der ersten Initiativen Kamerstukken II, 1984 - 1985, 19 095, Nr. 3, S. 14- 15. 2 Dokumentation zum Datenschutzartikel in Algehele grondwetsherziening, eerste lezing, dl. Ia Grondrechten (Naar een nieuwe grondwet, 15), 's-Gravenhage 1979. Id., dl. Ib Grondrechten (Naar een nieuwe grondwet, 18), 's-Gravenhage 1981. Algehele grondwetsherziening, Tweede lezing (eerste gedeelte) (Naar een nieuwe grondwet, 31), 's-Gravenhage 1987. 3 Jurisprudenz in L.F.M. Verhey, Art. 10, in: Akkermans/Koekkoek, De Grondwet, S. 223 - 250. 4 Insb. HR 9 januari 1987, NJ 1987, 928; dieses Recht war damals noch nicht in Kraft getreten (vgl. Par. III).

108

Sophie C. van Bijsterveld

Die Entwicklungen lassen die Kirchen nicht unberührt. Im direkten Verhältnis zum Staat ergeben sich Änderungen in der Organisation der kirchlichen Datenregistrierung 5. Die staatlichen Vorschriften haben auch ihre Auswirkungen im innerkirchlichen und weiteren gesellschaftlichen Verkehr. Grundsätzlich ergeben sich hier aus juristischer Sicht zwei Fragen. Die erste Frage ist, welche Freiheit und welche Möglichkeiten die Kirchen für die Erfüllung ihrer Arbeit und ihres Auftrages haben, über personenbezogene Daten zu verfügen. Die zweite Frage ist, welcher juristische Status der personenbezogenen Angabe "Religionszugehörigkeit" außerhalb der Kirchen und der konfessionellen Einrichtungen zugemessen worden ist. In diesem Beitrag werden die beiden obengenannten Fragen im Licht des Verhältnisses zwischen Staat und Kirche zur Diskussion gestellt. Dazu werden zuerst die Grundzüge des niederländischen staatskirchenrechtlichen Systems dargestellt (II). Darauf wird die Entwicklung und die Struktur der Datenschutzgesetzgebung analysiert im speziellen Hinblick auf die Kirchen (III). Betrachtet werden dann die Konsequenzen der Gesetzgebung für die kirchliche Arbeit und für den Status von "Religionszugehörigkeit" als personenbezogener Angabe (IV). Von staatskirchenrechtlicher Sicht aus wird auch der Vorschlag der EGKommission für eine Richtlinie des Rates zum Datenschutz und zum freien Datenverkehr6 bewertet (V). Zum Schluß folgt eine Evaluation (VI). I I . Kirche und Staat Die Bewertung der nationalen Datenschutzgesetzgebung in Bezug auf die Kirchen, wie auch einer EG-Richtlinie zum Datenschutz und freien Datenverkehr, muß letztlich im Licht des staatskirchenrechtlichen Systems geschehen, ein System, das als eine Trennung zwischen Staat und Kirche charakterisiert werden kann. Diese Trennung zwischen Staat und Kirche basiert auf der Religionsfreiheit (Art. 6 Verf.) und dem Gleichheitsgrundsatz (Art. 1 Verf.) in Zusammenhang mit der historischen Entwicklung. Die Trennung ist verfassungsmäßig nicht explizit formuliert worden7. 5

Für den Anfang dieser Änderungen, S.C. den Dekker-van Bijsterveld, De verhouding tussen kerk en Staat in het licht van de grondrechten, Zwolle 1988, S. 267 - 270. 6 C O M (92) 422 final, Geänderter Vorschlag der EG-Kommission für eine Richtlinie des Rates zum Schutz natürlicher Personen bei der Verarbeitung personenbezogener Daten und zum freien Datenverkehr. 7 Über das Verhältnis zwischen Staat und Kirchen in den Niederlanden, S.C. den Dekker-van Bijsterveld, o.e., (N. 6).

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

109

Wesentliche Elemente der Trennung sind Organisationsfreiheit der Kirche und finanzielle Unabhängigkeit vom Staat. Dies bedeutet nicht, daß es auf diesen Gebieten keine Beziehungen zwischen Staat und Kirche gibt oder geben soll. Im organisatorischen Bereich sind gesetzliche Garantien zur weiteren Konkretisierung der Organisationsfreiheit erforderlich. Daneben gibt es Einschränkungen dieser Freiheit, berechtigte und umstrittene. Auch im finanziellen Bereich gibt es Verbindungen. Wie auch immer die Trennung zwischen Staat und Kirche im Licht der Verfassung und der historischen Entwicklung näherer Konkretisierung bedarf, jedenfalls muß festgehalten werden, daß die Trennung sich als eine positive Trennung verstehen läßt, als eine Trennung, die in den Garantien der Freiheitsrechte verwurzelt ist. Die Trennung zwischen Staat und Kirche ist also nicht etwas Kirchenfeindliches oder Negatives. Es gibt keine privilegierte Kirche. Alle Kirchen haben im Prinzip denselben Status dem Staat gegenüber. Als juristische Personen sind sie Kategorien des Zivilrechts. Die kirchliche Autonomie ist expliziert im Zivilgesetzbuch, das bestimmt, daß die Kirchen "regiert werden von ihrem eigenen Statut, insofern es nicht gegen das Gesetz verstößt". Die Bestimmung ist eine prinzipielle Anerkennung der kirchlichen Organisationsfreiheit und wird von weiteren Bestimmungen unterstützt. Das kirchliche Statut soll gemäß dem Zivilgesetzbuch nicht gegen das Gesetz verstoßen. Es läßt sich fragen, ob die Schrankenklausel alle Gesetze umfaßt oder nur die fundamentalen8. Aus dem Schrankenvorbehalt der Verfassung9 ergibt sich jedenfalls, daß die Einschränkungen nur durch ein formelles Gesetz, ein parlamentarisches Gesetz, gemacht werden können, nicht durch nachgeordnete Gesetzgebung. Diese Kompetenzbedingung bestimmt natürlich die Interpretation des Zivilgesetzbuches mit. Außerdem sind Einschränkungen der Freiheitsrechte immer zu beurteilen im Licht der garantierten Freiheit. Das gilt auch für die Organisationsfreiheit der Kirche. Rechtspersönlichkeit haben nicht nur die Kirchen, sondern auch ihre selbständige Teile und Körperschaften, in denen sie vereint sind. Dies läßt die Möglichkeit offen, Anstalten im sozialen und caritativen Bereich kirchlich, das heißt als selbständige Teile der Kirche, zu organisieren. Obwohl es tatsächlich 8 Hierzu J.J.M. Maeijer, Rechtspersoon, godsdienst en levensovertuiging, Mededelingen der Koninklijke Akademie der Wetenschappen, Afdeling Letterkunde, Amsterdam 1986, S. 10; und S.C. den Dekker-van Bijsterveld, o.e. (N. 6), S. 250 ff. 9 Art. 6 Abs. 1, Verfassung: "Jeder hat das Recht, seine Religion oder Weltanschauung einzeln oder in Gemeinschaft mit anderen frei zu bekennen, unbeschadet der Verantwortung jedes einzelnen vor dem Gesetz."

110

Sophie C. van Bijsterveld

diese Anstalten gibt, ist die Realität doch, daß diese durchaus als normale Vereine oder Stiftungen konstituiert sind - mit einer konfessionellen Identität. Letzteres kann ebenfalls der Fall sein, wenn diese Anstalten infolge ihrer Statuten in Verwaltung oder Organisation von der Kirche direkt beeinflußt werden. Es handelt sich hier um Anstalten wie Schulen10, Krankenhäuser, Altersheime, Medieninstitute und Sozialeinrichtungen. Wo es Gesetzgebung gibt auf den Gebieten, auf denen die obengenannten Anstalten tätig sind, bezieht diese sich ebenfalls auf die konfessionellen Anstalten, aber mit Anerkennung ihrer auf die Religionsfreiheit gegründeten Identität. Das heißt, daß allgemeine oder besondere Gesetzesbestimmungen erforderlich sind, um diese Identität zu schützen. Das gilt für ihre Stellung dem Staat, den Klienten und dem Personal gegenüber. Dieses Prinzip ist unumstritten, doch gibt es hier - mehr als in Bezug auf die Kirchen - unterschiedliche Auffassungen über die Weise und das Maß der weiteren Gestaltung der Freiheit. Insbesondere Gleichbehandlungsgesetzgebung oder Demokratisierungsgesetzgebung tendieren zu einer zu beschränkten Auffassung dieser Freiheit 11. Wie schon gesagt, ist finanzielle Unabhängigkeit der Kirche ein wesentliches Element des niederländischen Staatskirchenrechtssystems. Die finanziellen Beziehungen, die es gibt, finden meistens ihren Ursprung in der Erfüllung von allgemeinen, nicht auf die Kirchen bezogenen Staatsaufgaben. Das ist der Fall im Rahmen des Denkmalschutzes, Subventionierung sozialer oder gesellschaftlicher Aktivitäten, Steuerabzüge usw. Konfessionelle Anstalten, tätig im sozialen und caritativen Bereich, sind aufgenommen in die allgemeinen - oft komplexen - Finanzierungssysteme12. Das gilt auch für die Schulen. Wie die staatliche Verantwortung für den Schutz der Freiheitsrechte Konsequenzen hat für die Gestaltung des Rechtes im Bereich der Kirchenorganisation, so hat sie auch Konsequenzen im direkten finanziellen Bereich. Obwohl in den Niederlanden keine Kirchensteuer erhoben wird und die alten traditionellen Gehaltsverpflichtungen des Staates für kirchliche Amtsträger im Jahre 1983 abgelöst worden sind, gibt es doch finanzielle Verantwortlichkeiten des Staates gegenüber den Kirchen. Insbesondere ist hier an die geistliche Betreuung in Justiz- und Militäranstalten zu denken. Diese Verantwortlichkeit, die der Staat 10

Schulen haben eine besondere Stellung gemäß Art. 23 Verfassung. Auf diese Stellung kann hier nicht weiter eingegangen werden. 11 Vgl. S.C. van Bijsterveld, Kerk en Staat. Vrijheid en verantwoordelijkheid, in: H. Schaeffer e.a. (Hrsg.), Handboek Godsdienstin Nederland, Amersfoort 1992, S. 297. 12 Eine gesetzliche Garantie hinsichtlich der geistlichen Betreuung in diesen Anstalten ist auch in Aussicht gestellt.

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

111

auch prinzipiell anerkannt hat13, entspricht den modernen Grundrechtsauffassungen, die in der Garantie der klassischen Grundrechte auch eine soziale Komponente erkennen, die unter Umständen Staatsleistungen erfordern kann14. Im letzten Jahrzehnt hat es verschiedene Änderungen im Verhältnis zwischen Staat und Kirche in den Niederlanden gegeben. Nicht alle diese Änderungen sind schon ganz durchgeführt. Die Initiierung dieser Änderungen fällt mit der Revision der Verfassung von 1983 zusammen, und hängt teilweise direkt damit zusammen. Obwohl diese Änderungen mehr oder weniger substantieller Art sind, haben sich die Grundprinzipien des Staatskirchenrechts nicht geändert15. Die Ablösung traditioneller Formen darf also nicht als ein Schritt in die Richtung einer Lösung jener Beziehungen betrachtet werden. Es soll nur bedeuten, daß die Beziehungen aufs neue gestaltet werden sollen auf eine zeitgemäße Weise. Es ist wichtig, dies festzustellen, und für die Beurteilung der Entwicklungen hinsichtlich der Datenschutzgesetzgebung ist es ebenfalls relevant. Zwei dieser Änderungen seien jetzt kurz erwähnt. 1987 ist das Recht der Kirche auf Auskünfte über das Einkommen der Mitglieder im Rahmen des Einkommenssteuergesetzes abgeschafft worden16. Hierfür hat es eine Vielzahl von Argumenten gegeben, darunter Gleichbehandlung der Kirchen und Trennung von Staat und Kirche, sowie der Schutz der Privatsphäre17. Faktisch war die Ausübung dieses Rechtes fast außer Gebrauch gekommen. Eine einschneidendere Änderung für die Kirchen ergibt sich aus der Neugestaltung des Systems der öffentlichen Bevölkerungsregistrierung 18. Von jeher war Religion eine Angabe auf jeder Einwohnerkarteikarte des kommunalen Melderegisters und es war den Kirchen ein Auskunftsrecht garantiert. Im Jahre 1968 wurde die Registrierung auf nicht-religiöse Weltanschauung ausgedehnt. In diesem Jahre wurde auch eine Einschränkung der bisher garantierten Auskünfte "für die geistliche Betreuung" festgelegt 19. Den späteren Entwicklungen 13 Kamerstukken II, 1990 - 1991, 20 868, Nr. 3 (Kabinetsstandpunkt, den 21. März 1991); in Zusammenhang mit, UCV 47, den 22. Juni 1992, Handelingen II, 1991 - 1992. 14 Kamerstukken II, 1976 - 1977, 13 873, Nr. 7, S. 8; M.C.B. Burkens, Algemene leerstukken van grondrechten naar Nederlands constitutioneel recht, Zwolle 1989, S. 25. 15 Dasselbe gilt grundsätzlich auch für die Revision selbst. 16 Gesetz vom 3. Juni 1987, Stb. 294 (mit Übergangsfrist). 17 Kamerstukken II, 1985 - 1986, 19 459, Nr. 3, S. 3. 18 Kamerstukken II, 1988 - 1989, 21 123, Nrs. 1 - 3 ff. (Gemeentelijke Basisadministratie Persoonsgegevens). Der Gesetzentwurf ist jetzt der Ersten Kammer des Parlaments vorgelegt worden. 19

Gesetz vom 21. März 1968, Stb. 244.

112

Sophie C. van Bijsterveld

vorgreifend wurde ab 1982 die Registrierung der Religionszugehörigkeit fakultativ20. Im zukünftigen - automatisierten - System der Bevölkerungsregistrierung (GB A) wird "Religionszugehörigkeit" gar nicht mehr registriert. Um die großen Probleme für die Kirchen zu beseitigen, ist ein Modus gefunden worden, ihnen einigermaßen entgegenzukommen. Einmalig werden die jetzt zur Verfügung stehenden Daten einer speziell für diesen Zweck errichteten interkirchlichen Stiftung (SILA) übertragen. Zukünftige Änderungen hinsichtlich der betreffenden Personen werden der SILA ständig übermittelt, unter gewissen Datenschutz- und Kostenbedingungen21. Die Entwicklungen hinsichtlich der GB A und die Entstehungsgeschichte des allgemeinen Datenschutzgesetzes greifen teilweise ineinander. Die Umrisse der GBA, inklusive der SILA, wurden im Laufe der Behandlung des Datenschutzgesetzentwurfs schon langsam deutlich22. Bei der endgültigen Streichung der öffentlichen Registrierung der Religionszugehörigkeit23 haben Datenschutzargumente, wie auch die Trennung zwischen Staat und Kirche, eine ausgeprägte Rolle gespielt.

I I I . Die Datenschutzgesetzgebung Die zentrale und allgemeinste Regelung der Datenschutzgesetzgebung wird durch das Datenschutzgesetz gebildet24. Dieses Gesetz ist zur Durchführung der Verfassung erlassen worden, die in Art. 10 Abs. 1, bestimmt, daß jeder das Recht auf Wahrung seiner Privatsphäre hat, unbeschadet der Einschränkungen durch Gesetz oder kraft eines Gesetzes. Der zweite und dritte Absatz bestimmen, daß ein Gesetz den Schutz der Privatsphäre regelt in Zusammenhang mit der Speicherung und Weitergabe persönlicher Daten, dem Anspruch von Personen auf Einblick in die über sie gesammelten Daten, deren Verwendung und die Benachrichtigung der Betroffenen. Diese Garantie stammt aus dem Jahre 2 0 21

Beschluß vom 16. Februar 1982, Stb. 79.

Schon Kamerstukken II, 1984 - 1985, 18 600 Hoofdstuk VII, Nr. 23; Kamerstukken II, 19 512. Weiter, Par. IV. 2 2 Zum Datenschutz im Rahmen der GBA s. E.R. Brouwer, GBA-Bescherming van de persoonlijke levenssfeer, in: E.R. Brouwer e.a., Juridische aspecten van het GBA-Project, Amsterdam 1992, S. 61 - 94. 2 3 Wie auch schon bei der Fakultativstellung i m Jahre 1982. 2 4 Wet persoonsregistraties (Gesetz vom 28. Dezember 1988, Stb. 665).

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

113

1983. Art. 10 Verf. ist 1988 in Kraft getreten, für einzelne Anwendungsbereiche des Artikels erst später. Von Anfang an war klar, daß das Gesetz auch den privaten Bereich umfassen sollte. Weniger klar war aber der Inhalt der von der Verfassung benutzten Begriffe "persönliche Daten", "Einblick", "Verwendung", "Benachrichtigung" und selbst "Privatsphäre". Die Regierung hat den Inhalt der Begriffe auch nicht fixieren wollen, im Hinblick auf die zukünftige Gesetzgebung wie auch die jurisprudentiellen und sonstigen Entwicklungen25. So wurde ein offenes System, eine offene Garantie geboten, die durch Gesetzgebung und Jurisprudenz weiter zu entwickeln wäre 26. Bemerkenswert sind die Hinweise auf die Vertragsartikel (Art. 8 EKMR und Art. 17 IKBP 27 ) während des Prozesses der Verfassungsreform. Der damals in Vorbereitung befindliche Straßburgsche Vertrag zum Schutz des Menschen bei der automatischen Verarbeitung personenbezogener Daten war noch nicht erwähnt28. Mehr noch als die Verfassungsgeschichte hat dieser Vertrag erheblichen Einfluß auf die Gesetzgebungsgeschichte des Datenschutzgesetzes gehabt. Das Datenschutzgesetz wollte nicht nur eine Durchführung der Verfassung sein, sondern zugleich auch die Bedingungen zur Ratifizierung des Straßburgschen Vertrags erfüllen 29. Die Vertragsbestimmungen haben ihren Einfluß auf die Formulierung des Gesetzes tatsächlich gelten lassen. Auch in der Feststellung des Wirkungsbereichs hinsichtlich der Kirchen ist dies der Fall. Sowohl die mündliche als die schriftliche Behandlung des Datenschutzgesetzentwurfs im Parlament ist nicht besonders ausführlich gewesen. Das Datenschutzgesetz hat seit dem Vorschlag bis zur Feststellung im Jahre 1988 in den eigentlichen materiellen Bestimmungen doch einige wesentliche Änderungen erfahren, die gerade den Bereich der Kirchen betreffen. Das Gesetz ist integral auf die Kirchen anwendbar. Der Erstentwurf Schloß Datensammlungen der Kir25 Insb. "Privatsphäre". Kamerstukken II, 1975 - 1976, 13 872, Nr. 3, S. 40; L.F.M. Verhey, o.e., (N. 4), S. 226, 235 ff. Einige Begriffe sind bei der Revision gar nicht zur Sprache gekommen. 2 6 Auch, G. Overkleeft-Verburg, Het recht op eerbiediging van de persoonlijke levenssfeer (artikel 1.10), in: A.K. Koekkoek e.a. (Hrsg.), Grondrechten, Commentaar op hoofdstuk 1 van de herziene Grondwet, Nijmegen 1982, S. 229. 2 7 Art. 8 Europäische Konvention zum Schutz der Menschenrechte und Grundfreiheiten; Art. 17 Internationale Konvention über bürgerliche und politische Rechte. Vgl. Kamerstukken II, 1975 1976, 13 872, Nr. 3, S. 40 und Kamerstukken II, 1976 - 1977, 13 872, Nr. 7, S. 36. 2 8 Vertrag vom 28. Januar 1981; in der Folge "der Straßburgsche Vertrag" oder "Datenvertrag" genannt. 2 9 Insb. Kamerstukken II, 1984 - 1985, 19 095, Nr. 3, S. 15 ff. Auch ist in Zusammenhang mit der Konzipierung des Gesetzentwurfes oft auf ausländischen Erfahrungen hingewiesen.

8 Robbers

114

Sophie C. van Bijsterveld

chen und ihrer selbständigen Teile von der Wirkung des Gesetzes hinsichtlich ihrer Mitglieder aus30. Die Regierung lenkte aber aufgrund der Kritik des Staatsrates31 ein, indem sie diese Bestimmung strich, aber mit einer neuen Versicherung, daß die Durchführungsbestimmungen über sensible Daten, darunter auch Religion, die Freiheit der Kirchen, ihre Angehörigen zu registrieren, unverletzt lassen. Es hat später noch einen bescheidenen Versuch gegeben, die Kirchen von der Wirkung des Gesetzes auszunehmen32, aber zu dieser Zeit war klar, daß sie dem Gesetz unterworfen werden. Die Annahme eines Änderungsantrags sorgte dafür, daß diese neue Versicherung den Kirchen gegenüber gestrichen wurde33. Das Resultat ist, daß in dem Gesetz nur einige Kategorien von Datensammlungen ausgenommen sind, meistens mit einem privaten, öffentlichen oder polizeilichen Charakter.

Das Datenschutzgesetz

Die Anwendbarkeit auf die Kirchen bedeutet, daß das Anlegen ihrer personenbezogenen Datensammlungen34, das Aufnehmen von Daten in die Datensammlungen und die Nutzung der Daten an die staatlichen Normierungen gebunden sind35. Das gilt auch für die Übermittlung von Daten an Dritte. Daneben müssen sie die gesetzlich formulierten Rechte der Betroffenen beachten. Das Gesetz sieht auch die Kontrolle von Datensammlungen vor. Die Art und Weise der Kontrolle ist einigermaßen differenziert. Dabei ist jetzt schon festzuhalten, daß besondere Arten von Einrichtungen, die sich im gesellschaftlichen Verkehr bewegen wie Schulen und sonstige Anstalten (wie auch die öffentlichen Behörden) einer strengeren Kontrolle unterworfen sind, und daß einige der materiellen Bestimmungen für sie verschärft gelten. Das Gesetz wurde als Rahmengesetz und die Normierungen als unbestimmt bezeichnet36. Davon abgesehen, ob man sich mit dieser Charakterisierung ein3 0

Art. 2 Abs. 3, des Erstentwurfes; Kamerstukken II, 1984 - 1985, 19 095, A, S. 1. Hierunten, Par. IV. 3 2 Kamerstukken II, 1986 - 1987, 19 095, Nr. 14. Auch in die parlamentarischen Diskussionen ist die Stellung der Kirchen oft zur Sprache gekommen. 3 3 Kamerstukken II, 1986 - 1987, 19 095, Nr. 15. 3 4 Für dieses Begriff, hierunten Par. IV. 35 Gerade die Basisbestimmungen hinsichtlich dieser Punkte sind dem Staßburgschen Datenvertrag sehr ähnlich (Art. 5 - 7). 36 C.W. van der Pot , A.M. Donner, L. Prakke, Handboek van het Nederlandse Staatsrecht, Zwolle 1989, S. 322 - 324. 3 1

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

115

verstanden erklärt, muß anerkannt werden, daß das Gesetz zusammen mit den Durchführungsbestimmungen eine detaillierte und komplexe Regelung bildet. Es gibt drei relevante Verwaltungsverordnungen. Die erste zählt die Einrichtungen auf, die einer strengeren Normierung unterworfen sind. Die zweite, der Beschluß Normierte Freistellung, nimmt einige gängige Datensammlungen von gewissen gesetzlichen Verpflichtungen aus; und der Beschluß Sensible Daten führt für die Aufnahme sogenannter sensibler Daten in eine Datensammlung spezielle Vorschriften ein 37 . Infolge Art. 4 des Gesetzes wird eine Datensammlung nur angelegt für einen bestimmten Zweck, zu dem ein berechtigtes Interesse des Verantwortlichen Anlaß gibt. Der Zweck darf gemäß Art. 4 Abs. 2, nicht dem Gesetz, der öffentlichen Ordnung oder den guten Sitten zuwiderlaufen. Eine Zweckbindung gibt es nicht nur für das Anlegen einer Datensammlung, sondern auch für die Aufnahme der Daten in eine Sammlung. Sie sollen rechtmäßig aufgenommen sein und dem Zweck der Datensammlung gemäß sein. Zweckgebunden ist drittens die Nutzung der personenbezogenen Daten. Nur für Zwecke, die mit dem Zweck der Datensammlung selbst übereinstimmen, ist die Nutzung der personenbezogenen Daten zulässig. Übermittlung der Daten aus einer Datensammlung ist auch zweckgebunden normiert. Die Übermittlung an Dritte ist nur erlaubt, insoweit es sich ergibt aus dem Zweck der Registrierung, gesetzlich gefordert wird oder mit Zustimmung der Betroffenen stattfindet (Art. 11 Abs. 1). Die Zustimmung erfolgt im Prinzip schriftlich. Zustimmung wird nicht verlangt für Übermittlung auf Bitten zur Verwendung für wissenschaftliche oder statistische Zwecke oder aus "gewichtigen und zwingenden Gründen", insoweit der Privatsphäre dadurch nicht unverhältnismäßig geschadet wird (Art. 11 Abs. 2). Auch sonst ist bestimmt, daß Übermittlung innerhalb der eigenen Organisation nur an Personen geschieht, die ihrem Auftrag gemäß die Daten empfangen dürfen (Art. 6 Abs. 2). Der Verantwortliche trägt Sorge dafür, daß die Daten korrekt und vollständig sind (Art. 5 Abs. 2). Für die verschiedenen Arten von Datensammlungen gelten hinsichtlich der Betroffenen auch dieselben Rechte. So müssen die Betroffenen von der Aufnahme ihrer Daten in eine Datensammlung im Prinzip benachrichtigt worden. Auch auf einen entsprechenden Wunsch hin wird Auskunft gegeben. Es gibt 3 7 Beschluß vom 19. Dezember 1989, Stb. 569; Beschluß vom 2. Januar 1990, Stb. 16; Beschluß vom 19. Februar 1993, Stb. 158.

8*

116

Sophie C. van Bijsterveld

Rechte zur Verbesserung und Streichung der Daten38. Auch das juristische Verfahren ist geregelt. Die Überwachung des Gesetzes ist im Prinzip in Händen des Zivilgerichts. Für öffentliche Stellen und für durch allgemeine Verwaltungsverordnung zu bestimmende Einrichtungen ist das Anlegen von Datensammlungen und die Aufnahme von Daten in eine Sammlung an strengere Vorschriften gebunden. Sowohl das Anlegen als die Aufnahme müssen notwendig sein. Übermittlung an öffentliche Behörden ist geregelt und - ohne Zustimmung der Betroffenen gestattet, insoweit dies für die Erfüllung des öffentlichen Auftrags nötig ist und der Privatsphäre nicht unverhältnismäßig geschadet wird (Art. 18). Dies ist auch wichtig für konfessionelle Schulen, Krankenhäuser, Altersheime, Pflegeanstalten usw. Bis jetzt vielleicht "vage", aber doch unverkennbar schafft das Gesetz Verpflichtungen. Das ist der Fall für die Kirchen und mehr noch für die (konfessionellen) Anstalten. Daß das Gesetz Verpflichtungen schafft, wird noch deutlicher, wenn wir die Kontrolle betrachten. Datensammlungen müssen im Prinzip bei der vom Gesetz eingerichteten Registrierungskammer angemeldet werden. Gemäß Art. 24 müssen die von der allgemeinen Verwaltungsverordnung geforderten Angaben über die Datensammlung mitgeteilt werden. Die obengenannten Anstalten haben statt dessen die Verpflichtung, ein Reglement festzustellen und dies der Registrierungskammer vorzulegen. Das Gesetz bestimmt, was mindestens geregelt sein soll (Art. 19). Die Registrierungskammer hat außerdem weitgehende Befugnisse, die für alle Arten von Datensammlungen gelten. So werden auf ihre Bitte hin Daten sowie alle Auskünfte und Informationen erteilt. Die Kammer hat Zutritt zu allen Räumen, wo sich (Teile von) Datensammlungen befinden. Auch darf sie von Amts wegen oder auf Verlangen Untersuchungen durchführen über die Weise, in der das Gesetz durchgeführt wird 39 .

3 8 In Ausnahmefällen ist das nicht nötig, z.B. für wissenschaftliche Forschung und Staüstik. Verweigerung kann auch aus anderen Gründen stattfinden. 3 9 Aufgrund von Art.46 Abs. 1, des Datenschutzgesetzes hat die Registrierungskammer inzwischen von Amts wegen und auf Verlangen eine Untersuchung zur Rechtmäßigkeit des Aufbauens der Mitgliederverwaltung durch die SILA durchgeführt. Das Resultat dieser Untersuchung war, daß das Verfahren sorgfältig ist und den Anforderungen des Gesetzes genügt, wie in dem Abschlußbericht "De inrichting van een interkerkelijke ledenadministratie" (Rijswijk, juni 1993) nachzulesen ist.

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

117

Die Verwaltungsverordnungen

Für beide Arten von Datensammlungen - nämlich für die Anmelde- oder aber Reglementspflichtigen - sieht das Gesetz Ausnahmemöglichkeiten von der Anmelde- bzw. Reglementsverpflichtung vor. Diese Ausnahmen sind jetzt in dem Beschluß Normierte Freistellung konkretisiert. Es handelt sich hier aber nicht um wesentliche Ausnahmen. Der Zweck der Ausnahmemöglichkeiten liegt darin, daß wirkliche "Durchschnittsregistrierungen" nicht angemeldet oder reglementiert zu werden brauchen. Die Kontrollmöglichkeiten der Registrierungskammer werden im übrigen beibehalten. Der Beschluß ist nach der Art der Registrierung aufgebaut. So kennt es personenbezogene Registrierungen hinsichtlich u.a. Gehalt, Pension, Abonnements, Personal. Das wichtigste ist aber der Artikel speziell hinsichtlich der Kirchen. Anmeldung der Datensammlungen hinsichtlich ihrer (Geburts-) Mitglieder oder Begünstiger kann unterlassen werden, wenn nur einige faktische Daten wie Name und Adresse usw. aufgenommen werden, Daten hinsichtlich der Art von Mitgliedschaft und Funktion innerhalb der Organisation, Daten im Hinblick auf die Beiträge. Daneben können auch andere Daten aufgenommen werden, deren Aufnahme "vom kirchlichen Statut gefordert" wird. Vor allem diese letzte Bestimmung ist natürlich interessant. Gemäß diesem Artikel werden die Daten, abgesehen von einigen sehr elementaren Zwecken, nur benutzt für Aktivitäten, die die Organisation gemäß ihrem Statut ausübt. Spätestens zwei Jahre nach Beendigung der Mitgliedschaft oder Begünstigung werden die Daten aus der Datensammlung entfernt 40. Problematischer als der Beschluß Normierte Freistellung ist der Beschluß Sensible Daten, der aufgrund von Art. 7 Datenschutzgesetz erlassen wurde. Obwohl das Gesetz eine Verwaltungsverordnung innerhalb eines Jahres verlangt hat, hat es länger als drei Jahre gedauert, bis der Beschluß gefaßt wurde. Die Kommentare und Gutachten zu dem ersten Konzept haben zu mehr oder weniger wesentlichen Änderungen geführt, aber die Struktur der Ordnung ist nicht wesentlich geändert worden. Der Beschluß bezieht sich gemäß Art. 7 des Gesetzes auf personenbezogene Daten, welche jemandes Religion, Weltanschauung, politische Einstellung, Sexualität oder intimes Lebensverhalten betreffen, wie auch auf personenbezogene Daten von medizinischer, psychologischer, strafrechtlicher oder diszipli4 0

Möglichkeiten gibt es sonst unter Art. 16 (Fünfjahresfrist), 17 (Archivbestimmung).

118

Sophie C. van Bijsterveld

narrechtlicher Art. Die Hauptregel ist, daß es nicht zulässig ist, Daten dieser Art in eine Datensammlung aufzunehmen, außer wenn von diesem Beschluß gestattet. Wie der Beschluß Normierte Freistellung ist dieser Beschluß stark kompartimentiert aufgebaut. Der Beschluß bezieht sich auf alle einzelnen Daten. Die Systematik ist, daß für jede Art von Daten festgestellt wird, wer unter welchen Umständen die Daten aufnehmen darf. Die Daten selbst stehen also zentral. Daneben gibt es noch eine Restkategorie von erlaubten Registrierungen, für die ein allgemeiner Abwägungsrahmen gebildet wird 41 . Dieser Beschluß beschäftigt sich nur mit der Aufnahme der sensiblen Daten. Weiterhin muß festgehalten werden, daß die Bestimmungen des Gesetzes auch für diese Registrierungen unvermindert Geltung behalten42. Gemäß Art. 2 dürfen Daten hinsichtlich der Religion oder Weltanschauung einer Person aufgenommen werden in: "a. Datensammlungen geführt von oder für Kirchen, deren selbständige Teile oder andere Vereine auf weltanschaulicher Basis hinsichtlich der dazu gehörenden Personen; b. Datensammlungen, geführt von oder für Einrichtungen auf religiöser oder weltanschaulicher Basis, insoweit dies im Hinblick auf den Zweck der Einrichtung und zur Verwirklichung ihrer Zielsetzung nötig ist, oder c. andere Datensammlungen, insoweit dies nötig ist im Hinblick auf die geistliche Betreuung der Betroffenen." Ausdrücklich ist gestattet, daß personenbezogene Datensammlungen wie gemeint unter a) auch die Familienmitglieder betreffen dürfen, außer wenn diese dagegen schriftlich Beschwerde geführt haben. Schriftliche Beschwerden können auch von den Personen gemeint unter c) geführt werden, in welchem Fall Registrierung auch nicht zulässig ist. Unbeschadet der anderen Artikel bestimmt Art. 8, daß sensible Daten auch in Datensammlungen aufgenommen werden dürfen u.a. insoweit: "a. dies nötig ist zur Erfüllung einer völkerrechtlichen oder vom Gesetz verlangten Verpflichtung;

4 1

Es handelt sich hier hauptsächlich um unvorhergesehene Registrierungen und Registrierungen, für die spezifische Regelungen kaum zu geben sind. 4 2 Gemäß Art. 7 Abs. 3, Datenschutzgesetz soll innerhalb drei Jahren ein Entwurf vorliegen, der diese Materie gesetzlich regelt.

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

119

b. dies geschieht im Hinblick auf einen von dem Betroffenen verlangten rechtmäßigen Beschluß oder Leistung; c. dies geschieht mit schriftlicher Zustimmung des Betroffenen und nötig ist für den Zweck der Datensammlung43; d. dies nötig ist im Hinblick auf ein wichtiges Interesse des Betroffenen und er dagegen keine schriftliche Beschwerde eingereicht hat; e. die Datensammlungen nur für wissenschaftliche Forschung oder Statistik angelegt sind und für eine bestimmte wissenschaftliche Untersuchung oder eine bestimmte Statistik nötig sind; f. dies nötig ist im Hinblick auf gewichtige Interessen des Verantwortlichen und der Privatsphäre des Betroffenen nicht unverhältnismäßig geschadet wird." Wo es sich um andere "sensible" Daten als Religion und Weltanschauung handelt, muß es für die Kirchen im Prinzip dieser Artikel sein, der Registrierungen gestattet.

IV. Konsequenzen der Datenschutzgesetzgebung für die Kirchen Kirchenregistrierungen

Es ist bemerkenswert, wie sich die Stellung der Kirchen im Prozeß vom Erstentwurf des Datenschutzgesetzes bis zum definitiven Gesetz geändert hat. Die Motivierung der Regierung, die Kirchen von dem Gesetz auszunehmen, war auf die Organisationsfreiheit im Bereich der eigenen Mitglieder begründet. Das eigentlich einzige Argument, die Kirchen in den Wirkungskreis des Gesetzes einzubeziehen, war das Faktum, daß der Straßburgsche Datenvertrag "Religion" als eine sensible Angabe betrachtet44. Die von der Regierung vorgeschlagene Alternative, als Absatz in dem Artikel hinsichtlich sensibler Daten den Kirchen die Freiheit zu gewähren, ihre 4 3

Art. 8, zweiter Absatz, lautet: "Im i m ersten Absatz unter, c, gemeinten Fall kann die Zustimmung sich nur auf eine bestimmte Aufnahme oder auf eine bestimmte Kategorie von Aufnahmen in eine bestimmte Datensammlung beziehen und muß diese im Schreiben genau umschrieben werden. Die Erlaubnis kann jederzeit schriftlich zurückgezogen werden." 4 4 Über das Argument des Staatsrates, daß nicht einzusehen wäre, daß die (zukünftige) Datenschutzgesetzgebung die Religionsfreiheit oder das Funktionieren der Kirchen ihrem Wesen gemäß einschränken könnte, sollte man doch hinweggehen. Kamerstukken II, 1984 - 1985, 19 095, B, S.

11.

120

Sophie C. van Bijsterveld

Mitgliederregistrierungen zu führen, hat viele Diskussionen ausgelöst45. Endgültig wurde es abgelehnt mit dem Argument, daß es außerdem auch möglich wäre, die Kirchen zu berücksichtigen. Das Resultat ist eine Datenschutzgesetzgebung, die obwohl sie in den konkreten Verwaltungsverordnungen die Kirchen speziell beachtet und ihnen gewissermaßen entgegenkommt, doch die kirchliche Datenführung stark reglementiert. Die kompartimentierte Struktur der Verwaltungsverordnungen wurde in Bezug auf die Kirchen der vielfältigen Wirklichkeit der kirchlichen Arbeit und Datenverwendung nicht gut gerecht. Man kann also schon sagen, daß das Wegfallen der anfangs vorgesehenen Garantie, die auch im Bereich des Datenschutzes an die kirchliche Autonomie erinnerte, hier doch seinen Einfluß nachteilig geltend macht. Dazu muß beachtet werden, daß der Beschluß Sensible Daten im allgemeinen das Verbot verhängt, die als sensibel betrachteten Daten zu führen, und dann nur ausnahmsweise Erlaubnisse einräumt46. Für die pastorale Arbeit dürfte die Datenschutzgesetzgebung vielleicht noch die meisten Hindernisse ergeben. Genau in diesem Bereich besteht das Bedürfnis, über personenbezogene Daten zu verfügen. Die Art und Weise der pastoralen Arbeit bringt auch mit sich, daß die betreffenden Daten sich nicht einfach und im allgemeinen Sinne kategorisieren und einteilen lassen. "Sensibel" oder nicht, es ist klar, daß es sich um vertrauliche Daten handeln kann. In den meisten Fällen wäre es aber berechtigt, sich auf den Standpunkt zu stellen, daß diese Registrierungen nicht unter die Wirkung des Gesetzes fallen. Art. 1 des Gesetzes definiert nämlich eine Datensammlung als: "eine zusammenhängende Sammlung sich auf mehrere Personen beziehender Daten, die auf automatisiertem Wege geführt oder im Hinblick auf eine zweckmäßige Verwendung dieser Daten systematisch angelegt worden ist". Jedenfalls wenn es nur um persönliche Nutzung geht, gilt das Gesetz ebenfalls nicht. Auch die parlamentarischen Diskussionen über den Begriff Datensammlung lassen Interpretationsfragen offen. Von Seiten der Regierung wurde noch hinzugefügt, daß "einfache Akten und Aktensammlungen, die nur alphabetisch-le4 5 U.a. Kamerstukken II, 1985 - 1986, 19 095, Nr. 5, S. 12, 21, 22; Kamerstukken II, 1986 1987, 19 095, Nr. 6, S. 25, 46, 48; Kamerstukken II, 1986 - 1987, 19 095, Nr. 8, S. 6 - 7, 8; Kamerstukken II, 1986 - 1987, 19 095, Nr. 9, S. 11 - 12, 13; Kamerstukken I, 1987 - 1988, 19 095, Nr. 2a, S. 8 - 9; Kamerstukken I, 1987 - 1988, Nr. 2b, S. 25 - 26. 4 6 Ein Konstrukt, dem man öfter begegnet; vgl. das Allgemeine Gleichbehandlungsgesetz.

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

121

xikographisch zugänglich gemacht worden sind, nicht als personenbezogene Datensammlungen im Sinne dieses Gesetzes betrachtet werden können"47. Also sind "wenig strukturierte und nicht systematisch zugänglich gemachte konventionelle Sammlungen" nicht dem Gesetz unterworfen. Weiter sind die "Umstände des Falles" relevant. Viele Registrierungen sind ohne weiteres als Datensammlung im Sinne des Gesetzes zu betrachten. Es hat den Anschein, daß es im kirchlichen Bereich doch tatsächlich Schwierigkeiten gibt, die verlangten Registrierungen zu führen, jedenfalls aufgrund des expliziten Zugeständnisses von Art. 2 Beschluß Sensible Daten. Es kann sich hier handeln um Registrierungen anderer "sensibler" Daten als Religion. Man denke z.B. an medizinische oder psychologische Angaben in Registrierungen (zukünftiger) Amtsträger. Es ist zweifelhaft, ob Art. 8 Beschluß Sensible Daten hier behilflich sein kann. Auch Registrierungen der Familienmitglieder oder Dritte könnten problematisch sein. Art. 2 Beschluß Sensible Daten spricht von Familienmitgliederregistrierungen, aber auf eine beschränkte Weise. Angaben über Familienmitglieder ergeben sich außerdem in Registrierungen, die die Kirche als (zukünftiger) Arbeitgeber führt. Dritte können registriert sein in Registrierungen kirchlicher Handlungen wie Taufe (Paten). Obwohl das Gesetz selbst diese Registrierungen nicht behindert, könnte es in Verbindung mit dem Beschluß Sensible Daten Probleme geben im Falle einer gewünschten Entfernung dieser Angaben. Auch wenn man fürs erste sich auf den Standpunkt stellt, daß die jetzt von den Kirchen geführten Registrierungen erlaubt sind, muß doch anerkannt werden, daß es für Kirchenregistrierungen Unsicherheiten gibt. Ohne explizite Garantie muß auf generelle Abwägungsklauseln zurückgegriffen werden. Abgesehen von vom kirchlichen Statut vorgeschriebenen Registrierungen gibt es sinnvolle oder zulässige Registrierungen. Dem Buchstaben des Gesetzes gemäß werden diese nicht die Kriterien des Beschlusses Normierte Freistellung erfüllen. Die großen Kirchen haben gewisse Maßnahmen getroffen, oft in ganz verschiedener Form. Nach dem Inkrafttreten des Gesetzes hat die Bischofskonferenz der katholischen Kirche ein Modellreglement personenbezogener Registrierungen für die örtlichen Gemeinden festgesetzt. Die (reformierten) Gereformeerde Kerken in Nederland haben für die zentrale Verwaltung freiwillig festgestellte Reglements für die Personalregistrierungen. Sonst gibt es die ei4 7

Kamerstukken II, 1984 - 1985, 19 095, Nr. 3, S. 17.

122

Sophie C. van Bijsterveld

gentlichen kirchenörtlichen Bestimmungen hinsichtlich personenbezogener Registrierungen. Für die katholische Kirche gibt es den Codex. Die (reformierte) Nederlandse Hervormde Kerk hat eine kirchliche Ordonnanz über Registrierungen - festgesetzt vor dem Inkrafttreten des Gesetzes, wie auch die (reformierte) Gereformeerde Kerken in Nederland. Bei der Registrierungskammer sind keine Registrierungen angemeldet worden48. Sonstige Registrierungen

Für die Beantwortung der zweiten Frage, die Frage nach den Registrierungsmöglichkeiten der personenbezogenen Angabe "Religionszugehörigkeit" außerhalb der Kirchen und konfessionellen Anstalten und der geistlichen Betreuung, muß auf die Restkategorie des Art. 8 Beschluß Sensible Daten zurückgegriffen werden, der in den Teilen a - f des ersten Absatzes den allgemeinen Abwägungsrahmen gibt. Die Erläuterung gibt einige Beispiele49, aber ansonsten ist die Interpretation reichlich unsicher. Auch muß auf das Allgemeine Gleichbehandlungsgesetz hingewiesen werden, das eine Ungleichbehandlung (etwas anderes als Diskriminierung) auch aufgrund von Religion ausschließt, wenn es sich um nichtkonfessionelle Einrichtungen handelt. Dies bedeutet, daß das Fragen nach der Religionszugehörigkeit an sich schon problematisch sein kann, angesichts der Beweislast im Falle einer negativen Entscheidung für den Betroffenen. Es muß zugleich gefolgert werden, daß in diesen Fällen keine Ausnahmemöglichkeiten von Anmeldungs- bzw. Reglementspflichten bestehen. Staat und Kirche

Schon bei den ersten Vorschlägen für ein neues System der Bevölkerungsregistrierung war klar, daß dieses System für die Registrierung der Kirchenangehörigkeit große Konsequenzen haben würde. Die Übermittlung der Angaben an die Kirchen selbst stand zur Diskussion. Auch die Kosten und Datenschutzbedingungen standen zur Diskussion. Klarheit über die Kosten gibt es noch nicht. 4 8 Vgl. den erst kürzlich erschienenen Jahresbericht der Registrierungskammer, Registratiekamer, Jaarverslag 1989-1991, Rijswijk. 4 9

Einem Arbeitgeber ist es erlaubt z.B. in Bezug auf die Erfüllung religiöser Verpflichtungen Religion zu registrieren (Art. 1 Abs. 1, unter a: Verpflichtung sich als "guter Arbeitgeber" zu benehmen). Konfessionellen Schulen ist es dagegen wiederum nicht ohne weiteres erlaubt, die abweichende Religionsmitgliedschaft der Schüler zu registrieren (Stb. 1993, 158, S. 25 - 26, S. 15). Vgl. auch Art. 2 Abs. 1, unter b, des Beschlusses.

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

123

Für die Datenschutzaspekte kann auf das Datenschutzgesetz hingewiesen werden. Es ist bemerkenswert, wieviel Energie die Diskussion über die Datenschutzaspekte in diesem Bereich beansprucht hat, obwohl sich schon zu dieser Zeit die Normen über die Benachrichtigung der Betroffenen im Rahmen des Datenschutzgesetzentwurfs herauskristallisiert hatten. Bis zu zweimal sind Anträge von der Zweiten Kammer des Parlaments angenommen worden, mit dem Zweck, dem SILA und den Kommunalbehörden über das Datenschutzgesetz hinausgehende Normen und Bedingungen zu stellen. Beide Anträge sind vom Minister abgelehnt worden50. Das SILA-Konstrukt muß auch im Zusammenhang mit dem Gefühl der Sensibilität der Kirchenzugehörigkeit und der kirchlichen Datenregistrierung gesehen werden. Durch Vermittlung der Angaben an eine interkirchliche Stiftung bleibt die genaue Kirchenzugehörigkeit der Bürger den öffentlichen Behörden unbekannt51. Nicht alle Kirchen haben endgültig beschlossen, an dem SILASystem zu partizipieren 52. Diese Gegebenheit hat weiter in den parlamentarischen Diskussionen eine Rolle gespielt, in dem befürchtet wurde, daß faktisch die Chance, die Religionszugehörigkeit eines "SILA- Teilnehmers" zu schätzen, sich erhöht. Es sei noch bemerkt, daß die Streichung der Religionszugehörigkeit auf der Einwohnerkarteikarte der Bevölkerungsregistrierung in der Praxis Probleme ergeben hat bei der Übermittlung der Angaben an die kirchlichen Stellen im Hinblick auf die geistliche Betreuung in den militärischen Anstalten, insbesondere der Armee. Diese lassen sich demnächst wahrscheinlich lösen.

V. Der geänderte Vorschlag für eine EG-Richtiinie zum Datenschutz und zum freien Datenverkehr Außer der Tatsache, daß sich die Kompetenz der EG, eine Datenschutzrichtlinie im Bereich der Kirchen festzusetzen, an sich bezweifeln läßt53, gibt es 5 0 Kamerstukken II, 1986 - 1987, 19 512, Nr. 8, 9; und Kamerstukken II, 1987 - 1988, 19 512, Nr. 10, S. 9. 51 Sonst würde der Staat eigentlich die Religionsangehörigkeit selbst registrieren. 52 Auf die Hintergrunde kann hier nicht eingegangen werden. 5 3 Man denke, noch abgesehen von der in der Richtlinie selbst vorgesehenen Anwendbarkeitsbegrenzung auf dem Gemeinschaftsrecht unterliegende Tätigkeiten (Art. 3 Abs. 2), an das Subsidia-

124

Sophie C. van Bijsterveld

Probleme hinsichtlich der Anwendung einer EG-Datenschutzrichtlinie in der jetzigen Fassung auf die Kirchen. Die Probleme sind zweierlei. Zum ersten muß befürchet werden, daß ohne eine explizite Ausschließung der Kirchen von der Geltung der EG-Richtlinie bzw. eine spezifische Garantie hinsichtlich Kirchenregistrierungen, bei der Implementierung der Richtlinie in der niederländischen Rechtsordnung die kirchlichen Interessen nicht auf akzeptable Weise berücksichtigt zu werden drohen. Die Erfahrung mit dem Straßburgschen Datenvertrag erinnert daran, daß - selbst wenn dies aufgrund des Vertrags nicht nötig war - Regelungen getroffen worden sind, die aus nationaler staatskirchenrechtlicher Sicht nicht ganz befriedigend sind. Jedenfalls hat das Argument des internationalen Rechts - auch wenn es nicht zwingend war - den Ausschlag gegeben. Die seitdem auch an den Tag gelegte große Empfindlichkeit für kirchliche Datenregistrierung im Rahmen des Datenschutzgesetzes und der Verwaltungsverordnungen, wie auch die ganze Diskussion hinsichtlich der SILA im Rahmen des GBA-Gesetzes kann diese Befürchtung nur bestätigen. Ohnehin wird die Richtlinie selbst dazu weiter Veranlassung geben durch Aufnahme eines speziellen Abwägungsartikels im Hinblick auf die in Art. 10 EKMR garantierten Interessen der Meinungsfreiheit, unter gleichzeitiger Vernachlässigung der expliziten Berücksichtigung des Art. 9 EKMR. Es gibt noch ein zweites Problem. Das betrifft den Inhalt der Richtlinie selbst. Die Erweiterung der Wirkung auf den privaten Bereich und die sehr weiten Definitionen der zentralen Begriffe 54, wie u.a. Datensammlung, sind in ihren Konsequenzen kaum zu übersehen. In den Niederlanden sind die Kirchen dem Datenschutzgesetz unterworfen. Obwohl ihnen gewissermaßen entgegengekommen wurde, ist die Gesamtheit der Datenschutzgesetzgebung für sie nicht unproblematisch. Die Implementierung der Richtlinie mit einer Verschärfung der allgemeinen Normen hätte auf geräuschlose Weise Konsequenzen für sie. Wegen der Struktur des Datenschutzgesetzes würden ohne explizite Bestimmung in der Richtlinie selbst Ausnahmemöglichkeiten kaum im Frage kommen. Wenn auch Art. 8 des Vorschlages der EG-Richtlinie nicht schärfer als die eigenen Regelungen hinsichtlich sensibler Daten zu sein scheint, muß doch geritätsprinzip und die Respektierung des Art. 9 EKMR; hierauf kann i m diesen Rahmen nicht näher eingegangen werden. 5 4 Hierzu im allgemeinen, J. Berkvens, M. Schauss, Tweede akte van de privacyrichtlijn, in: Computerrecht 1992, S. 232 - 240, insb. S. 237 ff.

Datenschutzgesetzgebung und die Kirchen in den Niederlanden

125

dacht werden an Art. 7 (Grundlagen der Datenbehandlung), Art. 10 - 15 (Rechte der Betroffenen), und Art. 30 (Kontrollbefugnisse der Registrierungskammer). Wenn auch spezifische Bereiche, wie der engere Bereich der geistlichen Betreuung, nicht unter die EG-Regelungskompetenz fallen, muß damit gerechnet werden, daß diese Bereiche einfach durch die Erweiterung der Begriffsbestimmungen im Zusammenhang mit der Systematik der existierenden Gesetzgebung im nationalen Rahmen integriert werden. Negative Konsequenzen würden sich auch für die Registrierungsmöglichkeiten von anderen Personen als den Mitglieder selbst, wie z.B. die Familienmitglieder, ergeben. Das gilt auch für gewünschte Entfernung der Daten55.

VI. Zum Schluß Schutz der Privatsphäre ist ein großes Gut. Das Recht, unbefangen man selbst zu sein56, ist essentiell für eine freie und offene Gesellschaft. Essentiell ist auch die Verantwortlichkeit, sich gegen Praktiken zu wehren, die dieses Recht untergraben. In der Konkretisierung dieses Rechtes muß aber darauf geachtet werden, daß kein Übereifer an den Tag gelegt wird durch die Schaffung von Regelungen, die in ihrem Wirkungsbereich fast unbeschränkt, in ihrem Charakter bürokratisch, kaum durchführbar und kaum zu handhaben sind. Das gilt für den nationalen Gesetzgeber wie auch für den europäischen. In der Schaffung der Datenschutzregelungen sind die Kompetenzen des Gesetzgebers genau zu beachten. Dies entspricht nicht nur der Sache selbst, sondern auch den gerechtfertigten - und juristisch anerkannten - Interessen zur Registrierung personenbezogener Daten, auch wo es die Kirchen betrifft. Das gilt für die Schaffung einer EG-Richtlinie an sich, wie auch für die Implementierung im nationalen niederländischen Recht. Aus dem oben Dargestellten ergibt sich, daß es, um den kirchlichen Interessen gerecht zu werden, erwünscht ist,

5 5 Inzwischen ist die Frage über die Anwendbarkeit einer Datenschutzrichtlinie auf die Kirchen in der Zweiten Kammer des Parlaments angerührt worden; ohne endgültige Deutlichkeit. Die Tendenz war die Anwendbarkeit i m Lichte der Notwendigkeit für das Funktionieren des internen Marktes zu betrachten. Kamerstrukken II, 1992-1993, 22800 VI, Nr. 43; Kamerstrukken II, 19931994, 23 400 VI, Nr. 9. 5 6 Wie von der Regierung während des Prozesses der Verfassungsrevision formuliert; Kamerstukken II, 1975 - 1976, 13 872, Nr. 3, S. 41.

126

Sophie C. van Bijsterveld

die Kirchen vom Regelungsbereich der EG- Richtlinie auszunehmen bzw. eine spezifische Garantie hinsichtlich von Kirchenregistrierungen aufzunehmen. Religionsfreiheit und Trennung zwischen Staat und Kirche in der niederländischen Rechtsordnung bedeuten, daß nicht tief in die innerkirchliche Organisation eingegriffen werden soll. Diese Prinzipien haben auch im Bereich des Datenschutzes ihren materiellen Grund. Die Kirchen sind nicht ohne weiteres zu vergleichen mit auf irgendeinem spezifischen Gebiet tätigen Anstalten. Als Arbeitgeber sind sie nicht ohne weiteres mit anderen Arbeitgebern zu vergleichen. Mitgliedschaft der Kirche, mit ihren Geburtsmitgliedern, Taufmitgliedern, und vielen anderen Arten der Zugehörigkeit, ist nicht dasselbe wie die Mitgliedschaft eines Vereins. Pfarramtsausbildungen sind nicht von der Kirche zu trennen, in der der Student später tätig sein wird. Eine ausgeglichene und gerechte Gesetzgebung auch im Bereich des Datenschutzes berücksichtigt diese Eigenheiten. Klarheit und Offenheit hinsichtlich dieser Materie ist notwendig. Es scheint weiter - jedenfalls in der niederländischen Rechtssphäre - eine Tendenz zur Überakzentuierung von Religion als "sensible" Angabe zu geben57. Hiervon ist nicht nur im Bereich der Datenschutzgesetzgebung die Rede. Die Folge ist, daß Religion auf den strikten inneren Kreis der Kirche verbannt wird. Wie sehr natürlich auch Mißbrauch von Angaben verhindert werden soll, scheint diese Tendenz die gesellschaftliche Realität der Religion und die Existenz unterschiedlicher Religionen und religiöser Strömungen zu verkennen. Man kann sich fragen, ob ein solches Vorgehen den geistlichen und immateriellen Werten, die die Religionen darstellen und in der Gesellschaft gegenwärtig halten, gerecht wird.

5 7 Oder als nicht relevant: das CBS (Zentrales Statistisches Amt) hat aufgehört, kirchliche Statistiken zu publizieren. Nur unter der Bedingung, daß die Kirchen selbst den Auftrag dazu geben und die Kosten tragen, wäre es zur Fortsetzung bereit. Die Kosten stehen für die Kirchen ganz außer Frage.

European Data Protection and Churches in Portugal By Jorge Bacelar Gouveia, Lisbon I. Introduction 1. Scope of the Subject

I. The principal motive for the congress is connected to the need to consider together the system to be established by the future community directive on this matter, which will have particular impact as far as religious data is concerned. However, it is clear that the subject cannot be analysed exclusively within these limits, but should rather be approached on a broader base in terms of the more general points which will condition that system. On one hand, the standpoint of the religious phenomenon in relation to political power, both in terms of discovering exactly what kind of relationship exists, and also, above all, an examination of the level of religious freedom which must be conserved1·2. On the other hand, the current situation regarding the protection provided by each of the legal provisions for computerized (and specially personal) data, gives the growing need to establish detailed norms. The aim of arriving at a common approach, uniting all Member States of the European Community and based particularly on their constitutional traditions, should also be clearly stated. The comparison of the systems of each of these States will allow common references to be identified. This is made clear by the fact that the majority are included in the same kind of Public and Private Law

1 Although the problem of the legal - constitutional relevance of the religious phenomenon should not be confined to religious freedom, the latter is in fact of fundamental importance since it implies State orientation as far as religious belief is concerned. 2 This matter is attracting the growing attention of most constitutional lawyers given the need for the Constitution itself, with all its inherent guarantees, to establish legal controls over the protection of personal data.

128

Jorge Bacelar Gouveia

systems, and by the fact that there has been a gradual approximation over the last few years in terms of the points which previously caused divergence3. II. Our consideration on the proposed subject, from the point of view of Portuguese Law, will relate the three fundamental notions: - State-Church relations - personal data protection - religious personal data protection in particular The first two require detailed appreciation, intended to provide general information on the current legal norms in Portugal. The third has both a descriptive and a problematic character, since besides a study on the details of religious personal data protection, questions arise as to its efficiency and reliability, bearing in mind the community directive project. III. Nevertheless, the broad approach implicit in the first two parts should not, however, detract from the fact that they serve as an introduction to the third. Firstly, it is not our intention to perform an exhaustive study of State-Church relations in Portugal, but rather to highlight the main points, so as to provide a background for a study of religious data in terms of the absolute separation which exists today and the wide religious freedom which is guaranteed. In addition, as far as personal data protection is concerned, we do not propose a detailed analysis of the norms in Portugal which would take up considerable space, but to describe the basis of this regulating system with the aim of highlighting its particular effects on the protection of religious data. IV. The study will follow a legal approach, based on the interpretation and systematization of existing rules. Since it deals with information on the provision of the Portuguese legal system, it is important to show, above all, its normative significance, both in terms of Constitutional and Infraconstitutional Law. But this does not imply that considerations of legislative policy or sociological points may be presented in terms of definitive comprehension of the matters in question. Legislative policy is relevant as far as the community directive is concerned, since as this is still under discussion it is obvious that it will benefit 3 It should be said that this development owes much to the efforts made in terms of EC policy towards the harmonisation of legislation in different member states.

European Data Protection and Churches in Portugal

129

from other contributions, taken from the experience already gained by certain states4. Sociological factors are important in showing the way society reacts to the religious phenomenon, which will partly explain the range of normative solutions5.

2. Development of the Presentation

I. In accordance with the different points to be discussed, this presentation will be made up of three parts, culminating in the conclusions reached regarding each one. The first two aim at providing an overview of State-Church relations and of personal data protection in Portugal. The third deals specifically with problems concerning personal data protection of a religious nature. II. The first of the three parts will deal with relationship established, or capable of being established, between State and Church. The approach will be that of the state, and will aim to discover whether the state is confessional, secular or pro-secular, together with considerations of a sociological nature aimed at discovering how far religious freedom is guaranteed, and the legal and legalconstitutional relevance of different religions. Before analysis of the terms governing State-Church relations in Portugal, one should first consider what relationships are theoretically possible between the religious phenomenon and the State. This overview will help to understand the peculiarities of the actual situation from a conceptual point of view. The next stage provides a brief description of the development in Portuguese constitutional law since the beginning of our constitutional period, and its connection with State-Church relations. It will be necessary to relate different periods and phases of development to various kinds of relationship. Naturally, special emphasis will be given to the current provisions regarding religion established in the CRP, the respective legislation, which represents an improved position. 4 In this case the comparison between different national regimes may become a guiding criterion for community legislative policy, given the need to avoid conflict between the different forms of legislation in different member states. 5 Although the relevance of sociological considerations to the law or to the effectiveness of the law is debatable, such considerations are undeniably of interest in terms of information on the approach to the religious phenomenon in different States.

9 Robbers

130

Jorge Bacelar Gouveia

Taking into account the copious collection of normative texts, which begins with the CSSRP, the particular status of the Roman Catholic Church will also be explained, justified by its implantation in society in comparison with other religious beliefs. III. The next part will discuss another controversy, that of legal protection of personal data under the terms of current Portuguese law. There are no significant historical precedents to be discussed here6. Firstly, the various fundamental rights provided by the CRP in this matter should be examined, showing an unparalleled pioneer spirit 7. There are constitutional rights of various kinds intended to defend the individual in terms of data processing. Following this, it is important to refer to the essential points of the legal regime which has led to the infraconstitutional regulation of matters left by the CRP to the discretion of the legislator, or which provide complementary or more detailed information. IV. The final part will deal directly with the legal problems raised by religious data protection. The prior explanation will facilitate this analysis. The most important point to establish is what the CRP especially provides on this matter. This is, on one hand, the express prohibition of computerised religious personal data, and on the other hand, constitutional permission for merely statistical computer processing of such data. It is also convenient to consider from a critical point of view the regime concerning religious data protection which appears in the community directive project, to highlight some of its difficulties and to stress the points where this coincides with and contradicts Portuguese Law. V. Finally, so as to provide an overview of the different points under study, we will present the conclusions which have been reached in each part8.

6 This is understandable, given the recent nature of legal problems concerning computers, especially in terms of the dangers of violating fundamental rights. 7 In terms of significant constitutional texts, this matter only appears in France, Spain, Holland, Brazil and Germany. On some of these foreign constitutional references, see Jorge Bacelar Gouveia , Os direitos fundamentals à protecçâo dos dados pessoais informatizados, in Revista da Ordern dos Advogados, 1991, III, p. 702, note 10. 8 These will also serve as a summary of the different matters.

European Data Protection and Churches in Portugal

131

Whenever it is important to the understanding of the regime, the principal constitutional provisions will be transcribed9.

I I . The State-Church Relationship 3. Theoretical Models for the State-Church Relationship

I. The religious phenomenon is undeniably one of the components of human nature; it can be seen, with varying degrees of intensity, throughout history, all over the world. It would not be an exaggeration to state that it will always remain an important factor in human activity, relevant in particular to virtually all the sciences, to the Law (in all its different sections) and to Sociology, not to mention Politics and Philosophy10. With reference to the Law, one of the aspects of religion is the way in which relations are established with the State. This is governed by Constitutional Law, which provides the legal structure for each community. Different forms of this 9

The following abbreviations will be used: CPP - Codi go Penal Português of 1982 - decree-law 400/82 29th September, with subsequent alterations. CRP - Constituiçâo da Republica Portuguesa, approved on the 2nd April 1976 and revised by laws 1/82 30th September, 1/89 8th July and 1/92 25th November. CSSRP - Concordat between Holy See and Portuguese Republic signed in the Vatican on 7th May 1940 and altered by an Additional Protocol in 1975. CI822 - Constituiçâo de 23 de Setembro de 1822. Cl826 - Carta Constitucional de 29 de Abril de 1826. C l 838 - Constituiçâo de 4 de Abril de 1838 C1911 - Constituiçâo de 21 de Agosto de 1911. Cl933 - Constituiçâo de 11 de Abril de 1933. D U D H - Declaraçâo Universal dos Direitos do Homem - approved on the 10th December 1948. LAREP - Lei da Assistência Religiosa nos Estabelecimentos Prisionais - decree-law 79/83 9th February. L A R E T M - Lei da Assistência Religiosa nos Estabelecimentos Tutelares de Menores - decreelaw 345/85 23rd August. LARFA - Lei da Assistência Religiosa nas Forças Armadas - decree-law 93/91, 26th February. LASH - Lei da Assistência Religiosa nos Hospitals - regulamentary decree 58/80 10th October, altered by regulamentary decree 22/90 3rd August. LED AR - Lei da Eleiçâo dos Deputados à Assembleia da Republica - law 14/79 16th May. LLR - Lei da Liberdade Religiosa - law 4/71 21st August. LOC - Lei sobre Objecçâo de Consciência - law 7/92 12th ay. LPDPI - Lei de Protecçâo de Dados Pessoais Informatizados, law 10/91 29th April. LPGRC - Lei dos Principios Gérais da Reestruturaçâo Curricular - decre-law 286/89 29th August. 10 See Jorge Miranda, Manual de Direito Constitucional, IV, 2nd ed., Coimbra, 1993, p. 356. 9'

132

Jorge Bacelar Gouveia

relationship may be observed by means of historical or comparatives analysis, which lead us to the following models: identification, indifference and conflict. These models correspond, respectively, to the confessional state, the secular state and the secularising state11. II. The confessional state is defined by the existence of a State Religion, imposed upon the political community. Its laws, like those of the society as a whole, are based on the criteria imposed by the religious beliefs adopted. Within the model of the confessional state, however, there are two versions, depending on the predominance of either religious power or political power itself. In the first case, this is called theocracy; in the second, Caesaropapism. III. The secular state, unlike the confessional state, does not incorporate any religion. Nevertheless, although there is no identification, there may be StateChurch relations, either of union or of separation. As far as relations of union are concerned, that is, where there is an official religion in the state, it is important to distinguish whether the union implies the superiority of one form of power over the other (clericalism, when religious power is superior to political power, and regalism in the opposite case), or whether there is relative autonomy in the relations between one form of power and the other. As far as separation is concerned, one might distinguish relative separation, where one particular religion is given privileges or special treatment, from absolute separation, in which all religious beliefs are treated equally. IV. The secularising state adopts a position of opposition to the religious phenomenon, and normally aims to reduce or remove its various manifestations. The legal activity of the state, which often appears similar to absolute separation, aims to weaken the social intervention of religious beliefs and to establish its own direct monopoly. This, however, may occur in one of two different forms. Either the opposition is mitigated, leading to a passive secularising state, or the opposite is taken

11 On these different models, see (among others), Ramon Comas, El Estado y las Iglesias por separado, Barcelona, 1971; Marcello Caetano , Manual de Direito Administrative, I, 10th ed., Coimbra, 1972, pp. 403 onwards; R. da Costa Meireles , Igreja e Estado, in Polis, III, Lisbon, 1985, pp. 396 onwards; Pier Giovanni Caron , Corso di Storia dei Rapporti fra Stato e Chiesa, Milan, 1985; Carlos Corrai , Sistemas actuais de relaçôes entre Igreja e Estado, in Brotéria, 1987, pp. 145 onwards; Jorge Miranda , Manual..., IV, cit., pp. 355 onwards.

European Data Protection and Churches in Portugal

133

to the extreme, leading to a militant secularising state, atheistic, with no religious beliefs whatsoever.

4. Periods of Development in State-Church Relations through the History of Constitutional Law

I. As is the case of any other State, the last two centuries brought considerable change in the relations between political power and the religious phenomenon in Portugal, as can be observed through the History of our Constitutional Law. This can be analysed by means of the way in which previous constitutions dealt with the subject, since as the constitution is the text which provides structure for the State, it holds the normative decision on the matter12. An observation of our five constitutions, contrasted with the above mentioned models, shows three very distinct periods of development13: 1) Secular State in union with the Roman Catholic Church (the State religion); 2) Passive secularising State; 3) Secular State with relative separation, giving privileged treatment to the Roman Catholic Church. II. The first period corresponds to the time in which our first three constitutional texts were in force - those of 1822, 1826 and 1838. All of these were monarchical. The C182214 proclaims that the "Religion of the Portuguese Nation is the Roman Catholic and Apostolic Religion"15. There are, however, more religious references. The part dealing with fundamental rights establishes a special mechanism for dealing with abuse of freedom of the press on religious mat12 On the development of State-Church relations through the History of Portuguese Constitutional Law, see (among others) Antonio Leite , A religiäo no Direito Constitucional Português, in Estudos sobre a Constituiçâo, II, Lisbon, 1977, pp. 279 onwards; Jorge Miranda, Manual..., IV, cit., pp. 359 onwards. 13 On this point, although within the context of religious freedom, see Jorge Miranda , Manual..., IV, cit., pp. 359 and 360. 14 During the preparation of the Foundations of the Constitution, approved on the 9th March 1821, the religious phenomenon had appeared in two important aspects, which would be confirmed in the definitive constitutional text: punishment for the abuse of freedom of the press on religious matters (clause 10) and the Roman Catholic and Apostolic faith as the official religion of the Portuguese Nation (clause 17). 15

Cf. art. 25, 1st part, CI822.

134

Jorge Bacelar Gouveia

ters 16, allows private freedom of religion in the case of foreigners 17, and establishes the catechism as one of the duties to be observed in schools18. It also states that one of the duties of the "Portuguese citizen is to venerate Religion"19. And it goes on to mention that priests do not have passive electoral capacity20; that bishops and parsons do not have active electoral capacity in their respective dioceses or parishes21; that in each locality, the parson will take part in the electoral census process22; churches are designated polling stations and parsons are to participate in the electoral process23; loyalty to the Roman Catholic Church is one of the essential elements in the oath sworn by Members of Parliament on taking office, in the oath sworn by the King before his succession, in that sworn by the heir to the throne on his fourteenth birthday, and in that sworn by the Councillors of State before taking office 24; the appeal to Divinity appears in the official formula pronounced by the King when sanctioning a Law 25 ; the participation of the King in ecclesiastical appointments and the need for his consent to the respective documents26, powers which, however, were not conferred in the delegation of executive power in Brazil 27; power conferred to the Council of State in the proposal of people for the bishoprics to the King 28 . The CI826 reiterates that "The Roman Catholic and Apostolic Religion shall constitute the Religion of the Kingdom"29. As far as the organisation of State organisms is concerned, it is important to mention the following: the appeal to Divinity in the official formula of the King when approving laws30; priests and those who live in monastic communities do not have electoral capacity31; the King as head of the executive has the power to appoint bishops and to give his 16 17 18 19 2 0 21 2 2 2 3 2 4 25 2 6 2 7 2 8 2 9 3 0 31

Cf. Cf. Cf. Cf. Cf. Cf. Cf.

art. art. art. art. art. art. art.

8, 2nd part, CI822. 25,2nd part,C1822. 237, CI822. 19, C1822. 33, §5, CI822. 35, §§ 2 and 3, CI822. 43, C1822.

Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf.

arts. 46 onwards, CI822. arts. 78, 126, 135 and 166 respectively, C1822. art. 113, C1822. art. 132, § V and XII, C1822. art. 132, §§ I and VIII, CI822. art. 168, CI822. art. 6, 1st part, C I 826. art. 61, C1826. art. 65, § 4, CI826.

European Data Protection and Churches in Portugal

135

consent to ecclesiastical documents32; loyalty to the Roman Catholic Church is one of the essential elements in oath sworn by the King, the heir to the throne and the Councillors of State33; later, by means of an amendment, the patriarch of Lisbon and the archbishops and bishops of mainland Portugal became life members of the House of Peers34. In the part concerning fundamental rights, foreigners are allowed private freedom of religion, to be practised "in places for that purpose without the exterior appearance of a Temple"35, and it is guaranteed that "No one shall be persecuted for Religious motives, as long as he respects the religion of the State and does not offend Public Morals" 36. The CI838 reaffirms that "The Religion of the State is the Roman Catholic Apostolic Religion"37. In terms of fundamental rights, the guarantee that "Noone shall be persecuted for Religious motives, as long as he respects the religion of the State"38 continues, but religious freedom for foreigners, even in private, disappears. With regard to the organisation of State organisms, the following should be mentioned: the reference to Divinity in the official formula for approving laws used by the King 39 ; exclusion from voting rights for clergymen in the holy orders 40; archbishops, vicars and parsons may not be elected in their respective dioceses and parishes41; archbishops and bishops with dioceses in the Realm or in the overseas provinces may be elected to the Senate42; the power conferred to the King in appointing bishops and in giving consent to ecclesiastical documents43; loyalty to the Roman Catholic Church as an essential point in the oath sworn by the King on his succession and in that sworn by the heir to the throne on his eighteenth birthday 44. III. The second period is marked by the C1911, the first Republican constitution. The general atmosphere, on the contrary to what had gone before, was one of profound opposition to the Catholic faith, which together with the institution 3 2 3 3 3 4 35 36 37 38 39 4 0 41 4 2 4 3 4 4

Cf. Cf. Cf. Cf.

art. 75, §§ 2 and 14, respectively, C1826. respectively arts. 76, 79 and 109, C1826. art. 6, § 2 of the Acto Adicional, 24th July 1885. art. 6, 2nd part, CI826.

Cf. Cf. Cf. Cf. Cf. Cf.

art. art. art. art. art. art.

145, § 4, C1826. 3, C1838. 11, C1838. 70, C1838. 73, § 1, CI838. 75, §§ IV and V, CI838.

Cf. art. 77, § III, CI838. Cf. art. 82, §§ IV and X I I , CI838. Cf. arts. 87 and 89 respectively, CI838.

136

Jorge Bacelar Gouveia

of monarchy was considered one of the causes of the decadence in Portugal. In fact, one of the specific themes of the victorious Republican programme was social secularisation. The C1911 makes no reference to religion in the introduction, which contrasts sharply with previous constitutional texts, although the principle of secular separation would be decreed on 22nd April 1911 by the provisional government. This tendency continues in the part on fundamental rights, in which the affirmation of religious freedom is presented in a clearly anti-religious form. On one hand, it guarantees freedom of belief and of conscience45, political and civil equality for all faiths 46, prohibits persecution and exemption from rights or duties on religious grounds47 and guarantees religious freedom in places intended for the purpose and in public cemeteries, of a secular nature48. On the other hand, religious neutrality is established in public schools and in those regulated by the State49, and maintains in force all legislation referring to the extinction and dissolution of the Jesuits, religious congregations and monastic orders 50. IV. The third period covers the authoritarian regime introduced by the C1933, characterised by the separation between the State and the Church, but with preferential treatment for the Catholic faith. The C1933 dedicates its Section X especially to "Relations between the State and the Roman Catholic Church and other faiths", and for the first time explicitly mentions in constitutional terms the separation between the State and the Roman Catholic Church and other faiths 51, freedom to practise any religion both in public and in private 52, the fact that the State is prohibited from assigning temples, buildings or objects of faith belonging to a religion to any other use53, and the secular character of public cemeteries, with freedom of religious devotion54. The part on fundamental rights stipulates freedom and inviolability of religious beliefs and practices55. 4 5 4 6 4 7 4 8 4 9 5 0 51 5 2 5 3 5 4 5 5

Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf.

art. art. art. art. art. art. art. art. art. art. art.

3, § 4, C1911. 3, § 5, C1911. 3, §§ 6 and 7, C1911. 3, §§8 and 9, C1911. 3, § 10, C1911. 3, § 12, C1911. 46, C1933. 45, 1st part, CI933. 47, C1933. 48, C1933. 8, § 3, C1933.

European Data Protection and Churches in Portugal

137

The C1933 remained in force for forty-one years, and although it always fitted into the idea of separation between State and Church, it showed three different approaches to the concept of preferential treatment for the Catholic faith 56. The first period, up to 1940 - 1951, takes up the underlying pledge of the first version of the C1933, shown in two fundamental aspects. Firstly, it began to remove the vestiges of secularisation, particularly in education, teaching and culture, by making it unnecessary to obtain permission for religious instruction in private schools57, and by the declaration that public education was to be independent of any religious faith, "although this should not be rejected"58. Secondly, all religious faiths were given the right to establish themselves freely, in accordance with their hierarchies and regulations, and the State recognised them as legal entities59. The second period, from 1951 to 1971, is marked by the CSSRP and by the constitutional revision of 1951. The CSSRP establishes the legal status of the Roman Catholic Church in Portugal, thus consolidating its legal position and granting it important rights60. The constitutional revision of 1951 considers the Catholic faith as "the religion of the Portuguese Nation"61 and determines a different regime for the Catholic faith in comparison to others, as follows 62: a) while relations between the Roman Catholic Church and the State would be regulated by means of concordats and other agreements with the Holy See, relations with other religions were to remain dependant on the law, which would govern the "exterior manifestations" of the respective faiths; b) although the legal status of Catholic associations and organisations would continue to be recognized ope legis , that of associations and organisations of other religious doctrines might be recognised; c) the prohibition on "spreading doctrines which are contrary to the established order" 63 was associated with non Catholic faiths. The third period, from 1971 to 1974, relates to the constitutional revision of 1971 and to the LLR. The constitutional revision of 1971 limits the freedom to practise and to organise religious activities to those "whose doctrines do not 5 6 5 7 5 8 5 9 6 0 61 6 2 6 3

On Cf. Cf. Cf. Cf. Cf. Cf. Cf.

this, see Jorge Miranda , Manual..., IV, cit., pp. 363 and 364. art. 43, § 4, C1933. art. 43, § 3, C1933. art. 45, 2nd part, C1933. infra n° 7. art. 45, C1933, as drawn up in Law 2048, 11th June 1951. art. 46, C1933, as drawn up in Law 2048, 11th June 1951. art. 46, C1933, as drawn up in Law 2048, 11th June 1951.

138

Jorge Bacelar Gouveia

contradict the fundamental principles of constitutional order" 64, describes Catholicism as "the traditional religion of the Portuguese Nation"65 and places the matter of religious freedom at the legislative discretion of the National Assembly66. The LLR adopts an identical approach to all forms of religious faith, "with the provision of the differences imposed by their different extents of representation"67 and establishes a somewhat restrictive system of recognition for non Catholic religions 68. 5. Absolute Separation between State and Church, and Religious Freedom in the Prevailing Constitutional Law

I. The prevailing Constitutional Law, as contained in essence in the CRP, completes the development of the past, despite one or two steps backwards. The religious phenomenon appears as one of its most important points69, with two fundamental dimensions: - firstly in terms of the characterisation of the Portuguese State - secondly in the specific area of fundamental rights II. In terms of the characterisation of the Portuguese State, there are three allusions to Portugal as a secular State, with absolute separation between the State and Religious beliefs. There is a solemn affirmation of Republican principle in the introduction to the CRP, which states that "Portugal is a sovereign republic" 70. This implies, among other things, a secular dimension on the part of the state71. In addition, despite the inclusion in the section on fundamental rights to education and teaching, there is a further reiteration of the separation between churches and religious communities and the State 72 - 73 , the State is prohibited 6 4

Cf. art. 45, Law 3/71, 16th August. Cf. art. 46, Law 3/71, 16th August. 6 6 Cf. art. 8, §§ 2 and 93 d), Law 3/71, 16th August. 6 7 Cf. base II, n° 2, LLR. 6 8 Cf. base IX onwards, LLR. 6 9 On religion in the CRP, see Antonio Leite , op. cit., loc. cit., pp. 286 onwards; J.J. Gomes Canotilho and Vital Moreira , Fundamentos da Constituiçâo, Coimbra, 1991, p. 89, and Constituiçâo da Repiiblica Portuguesa anotada, 3rd edition, Coimbra, 1933, pp. 60, 242 onwards and 1065; Jorge Miranda , Manual..., IV, cit., pp. 364 onwards. 7 0 Cf. art. 1, CRP. 7 1 See J.J. Gomes Canotilho and Vital Moreira y Fundamentos..., cit., p. 89, and Constituiçâo..., cit., p. 60. Marcelo Rebelo de Sousa, on the other hand, autonomises the principle of separation between churches and the State from the Republican principle (Introduçâo à Constituiçâo da Republica Portuguesa e legislaçâo complementar, Lisbon, 1992, pp. 49 and 56). 6 5

7 2

Cf. art. 41, n° 4, 1st part, CRP.

European Data Protection and Churches in Portugal

139

from holding the right to programme education and culture according to religious orientation74, and public education is prohibited from being doctrinal 75 ' 76 . As far as constitutional revision is concerned, one of the limits to it is defined as being "the separation of Churches from the State"77, implying that, at the risk of subverting its very nature, a constitutional revision may not establish any other regime of State-Church relations except that of absolute separation. III. With regard to fundamental rights, the centre-stage is occupied by the broad, effective establishment of religious freedom in Article 41 of the CRP78»79, which includes at least two levels: an individual level and an institutional level80.

7 3

On this principle, see J.J. Gomes Canotilho and VitalMoreira, Constituiçâo..., cit., p. 244. Cf. art. 43, n° 2, CRP. 7 5 Cf. art. 43, n° 3, CRP. 7 6 On art. 43 of the CRP, see Antonio Leite , op. cit., loc. cit., pp. 288 onwards; Soar es Martinez , Comentârios à Constituiçâo Portuguesa, Lisbon, 1978, pp. 65 and 66; Isaltino Morais , José Mârio F. de Almeida and Ricardo Leite Pinto , Constituiçâo da Republica Portuguesa anotada e comentada, Lisbon, 1983, pp. 91 and 92; Jorge Miranda , Direitos Fundamentais - Liberdade religiosa e Liberdade de Aprender e Ensinar, in Direito e Justiça, 1987/88, pp. 50 onwards, and Manual..., IV, cit., pp. 383 onwards; J.L Pereira Coutinho , José Manuel Meirim , Mârio Torres and Miguel Lobo Antunes , Constituiçâo da Republica Portuguesa, Lisbon, 1989, pp. 83 and 84; J.J. Gomes Canotilho and Vital Μο rei ra } Constituiçâo..., cit., pp. 248 onwards. 7 7 J.J. Gomes Canotilho and Vital Moreira , Constituiçâo..., cit., p. 1065. 7 8 Currently with the following text: 7 4

Article 41 Freedom of conscience, religion and worship "1. Freedom of conscience, religion and worship is inviolable. 2. No-one may be persecuted, exempted from rights, obligations and civic duties, as a result of his religious convictions or practices. 3. No-one may be questioned by any form of authority concerning any of his religious convictions or practices, except in the case of the collection of statistical data which is not individually identifiable, neither he be prejudiced against for refusing to answer. 4. Churches and other religious communities are separate from the State, and are free to organise themselves and in the exercise of their functions and of their worship. 5. The freedom to teach any religion within the respective faith, together with the use of their own media to pursue their activities, shall be guaranteed. 6. The right to conci enti ous objection shall be guaranteed under the terms of the law." 7 9 On art. 41 of the CRP, see Antonio Leite , op. cit., loc. cit., pp. 286 onwards; Soares Martinez , op. cit., pp. 61 onwards; Isaltino Morais , José Mârio F. de Almeida, Ricardo L Leite Pinto , op. cit., pp. 88 onwards; J.L. Pereira Coutinho , José Manuel Meirim , Mârio Torres and Miguel Lobo Antunes , op. cit., pp. 80 onwards; J.J. Gomes Canotilho and Vital Moreira , Constituiçâo..., cit., pp. 242 onwards; Jorge Miranda , Manual..., IV, cit., pp. 365 onwards. 80 This distinction is made in an allusion to other dimensions by Jorge Miranda , Manual..., IV, cit., p. 366.

140

Jorge Bacelar Gouveia

On a merely individual level, the CRP assumes freedom of religious manifestation, individually or in group, in public or in private, in teaching, in practise, in devotion and in rites81, and says that no-one may be persecuted or exempt from rights, obligations or civil duties because of his religious convictions or practices82. It also states that no-one may be questioned about his religious convictions or practices, by any form of authority, except in the case of statistical data in which the data is not identifiable to any individual, and that a person may be not be prejudiced against in any way should he refuse to answer83. The right to conscientious objection is also established84. On the institutional level, the CRP confers certain notable rights, such as the freedom of churches from any state interference in their internal organisation and in the exercise of their functions and their devotion85, the guarantee of the freedom to teach any religion, within the respective faith 86 and the guarantee that each religious faith may use its own media forms to carry out its activities87.

6. Other Aspects of the Relevance of the Religious Phenomenon in Current Infraconstitutional Law

I. In terms of infraconstitutional legislation, there is a group of documents which provide development and detail to the regime established by the Constitution of separation between State and Church, and religious freedom. II. The main law to be considered which is still partially in force, is the LLR, with 21 points divided into 4 parts: "Fundamental principles", "Content and range of Religious Freedom", "Concerning the Regime of Religious Faith" and "Concerning Religious Secrecy". The fundamental principles and rules concerning the content and range of religious freedom are designed to clarify the object and content of this fundamental right, as are the norms concerning internal freedom for religious faiths and religious secrecy. 81 8 2 83 8 4 8 5 8 6 8 7

Cf. art. 18, DUDH. Cf. art. 41, n° 2, CRP. Cf. Cf. Cf. Cf. Cf.

art. art. art. art. art.

41, 41, 41, 41, 41,

n° 3, CRP. n° 6, CRP. n° 4, CRP. n° 5, 1st part, CRP. n° 5, 2nd part, CRP.

European Data Protection and Churches in Portugal

141

Other norms, however should today be considered invalid88. Those concerning religious majority at 18 years old 89 and concerning recognition of religions by government authorisation90 have been repealed, and the norm which allows only the recognised faiths to build or establish temples or places of worship is unconstitutional91. III. On a secondary basis, other laws establish legal regimes on religious grounds regarding concientious objection in relation to compulsory military service, imprisonment and elections. Although the CRP considers military service to be compulsory92, it allows for the right to conscientious objection on religious grounds93. The LOC clarifies this rule with the following important points: a) a citizen who holds the conviction, for religious among other motives, that "he cannot use any form of violent or similar means, even in the interest of national or personal defence" 94, is considered a conscientious objector; b) the right to conscientious objection "includes exemption from military service, in peacetime and in wartime, and necessarily implies the duty to provide civic service in accordance with the status of the individual"95; c) the status of conscientious objector is conferred by the Comissäo Nacional de Objecçâo de Consciência, composed of a judge appointed by the Conselho Superior de Magistratura, who presides, a citizen of recognised merits, appointed by the Provedor de Justiça, and the director of the Gabinete do Serviço Civico dos Objectores de Consciência96. Appeals concerning its decisions may be made to the Tribunal Administrativo de Circulo de Lisboa97. From a penal point of view, the CPP of 1982 identifies a group of punishable crimes based on acts against religious beliefs 98, which fall into two categories: firstly, public offence to religious beliefs - outrage for religious motives99, and 88 89 9 0 9 1 9 2 9 3 9 4 95 9 6 97 9 8

In this sense, see Jorge Miranda , Manual..., IV, cit., pp. 374 and 375. Cf. base V I I , n° 3, LLR. Cf. bases IX and X, LLR. Cf. base X V I I , LLR. Cf. art. 276, n° 2, CRP. Cf. arts. 41, n° 6 and 276, n° 4, CRP. Cf. art. 2, LOC. Cf. art. 1, n°2, LOC. Cf. art. 28, n° 2, LOC. Cf. arts. 25 and 27, LOC. Cf. Jorge Miranda, Manual..., IV, cit., p. 376.

9 9 Cf. art. 220, n° 1, CPP: "Whoever slanders or offends another, publicly, in a low, vile or gross manner, because of his religious functions or beliefs, shall be punished with a prison sentence of up to one year and a penalty of up to 100 days".

142

Jorge Bacelar Gouveia

secondly, acts related to religious worship - religious coercion 100, impediment or interruption of worship 101, outrage against religious worship 102 and slander or offence against a minister of any religion 103. Electoral legislation prohibits the election, in the local area of activity 104 , of ministers of any religion or faith with jurisdictional powers 105. This measure would appear to be unconstitutional, as it violates the principles of separation between State and Church. Just as the State may not show favouritism towards any religion, by giving it privileges, it should not, by the same token, remove, from a certain category of its members, rights granted to all citizens in general 106. 7. The Special Legal Status of the Roman Catholic Church

I. From the brief description above of the constitutional regime governing State-Church relations, the existence of a secular state and the broad acceptance of religious freedom can clearly be seen. But this does not mean that the various religions enjoy the same sociological importance. In 1981 a nationwide census was held 107 , and the questionnaire included a question on religion. The results, concerning the resident population of over 12 100 Cf. art. 221, n° 1, CPP: "Whoever, by means of violence or threat of serious harm, forces another to participate or not to participate in religious worship, shall be punished with a prison sentence of up 6 months or a penalty of up to 50 days". 101 Cf. art. 222, n° 1, CPP: "Whoever, by means of violence or threat of serious harm, prevents or interferes with the legitimate exercise of worship of any religion shall be punished with a prison sentence of up to one year and a penalty of up to 100 days". 102 Cf. art. 223, n° 1, CPP: "Whoever, publicly slanders or vilifies an act of religious worship shall be punished with a prison sentence of up to one year and a penalty of up to 100 days". 103 Cf. art. 224, n° 1, CPP: "Slander or offence against a minister of any religion in the legitimate exercise of his ministry shall be punished with the penalty provided for slander and offence, increased by one third in its maximum and minimum limits". 1 0 4 Cf. art. 6, n° 1, in fine, LED AR, which provides that "Ministers of any religion or faith with powers of jurisdiction may not be candidates in the locality where they exercise their activity". 105 On this subject, doctrine, see the position of Jorge Miranda (Manual..., IV, cit., p. 377), on non-unconstitutionality, since this innelligibility would be justified by sociological or constitutional reasons, and by the understanding that the exclusion of priests from activity in political parties is in fact an important safeguard for religious freedom itself, and in jurisprudence, ac. n° 602/89 of the Tribunal Constitucional of the 7th December 1989, in Diario da Republica, 2nd series, 6th April 1990. 106 It is clear that the problem of a knowing i f a certain religion allows one of its priests to become a candidate for a political position is a matter for the international organisation and regulation of each religion, and has nothing to do with the State. 107 In 1991 the X I I I General Census of the Population was carried out, but as yet, despite the fact that most of the data has been published, no information is available on religious matters.

European Data Protection and Churches in Portugal

143

years old, were as follows: 1) Population which answered the questionnaire 6.721.889; 2) Roman Catholic population - 6.352.705; 3) Orthodox population - 2.564; 4) Protestant population - 39.122; 5) Population with other Christian beliefs - 59.985; 6) Jewish population - 5.493; 7) Islamic population - 4.335; 8) Population with other religious beliefs - 3.899; 9) Population with no religious beliefs - 253.786108. This shows the remarkable hegemony of the Roman Catholic Church and also justifies mention of the respective status under Portuguese Law. The fundamental text here is the CSSRP, an international convention still in force, although there are other documents which complement the directives which emanate from it. The Catholic Church in Portugal is organised into 20 dioceses, divided into 3 ecclesiastical provinces of Braga, Évora and Lisboa. Without counting the territories of Macau and East Timor, there are 4.318 parishes. There are 20 bishops, 12 auxiliary bishops and 3.435 priests 109. Various social services either belong to or are directed by the Church, including 26 hospitals, 42 mobile clinics and dispensaries, 295 homes for the aged people, chronically sick or handicapped, 187 orphanages and other care centres for children, 210 creches, 16 consulting services for families and other centres for the defence of life and of the family, 26 centres for education or special education, 795 social centres, 3.897 brotherhoods and sisterhoods and 339 charitable institutions110. II. The CSSRP111 begins with the promise made by the Portuguese State to recognise the Catholic Church as a legal entity, not under national law but under International Law. This makes it possible to establish international legal relations, an example of which is the CSSRP itself, an international treaty 112. This recognition is not confined to the institution as a whole, but allows the Roman Catholic Church to organise itself freely in an international sense, which in turn allows the associations or organisations it established to be recognised as legal entities in their own right113. The inevitable corollary to this is the freedom to negotiate conferred upon the associations and organisations,

108

Cf. X I I General Census of the Population - Definitive Results, Lisbon, 1984, p. 291. Cf. Anuârio Católico de Portugal 1991-1994, Lisbon, 1992, p. 41. 110 Cf. Anuârio..., cit., pp. 41 and 42. 111 On the CSSRP in Portuguese Law, see Jorge Miranda , A Concordata e a Ordern Consti tucional Portuguesa, in Direito e Justiça, 1991, pp. 155 onwards, and Manual..., IV, cit., pp. 368 onwards. 112 Cf. art. I, CSSRP. 113 Cf. art. II, CSSRP. 109

144

Jorge Bacelar Gouveia

which may freely acquire and dispose of goods under the same terms of civil Legislation114. The treaty expressly recognises the freedom of the Roman Catholic Church in exercising its authority and in communication between its members115. In addition, it assures the free practice of worship 116 in public or in private, providing the clergy with State protection during their ministry 117 or the use of the habit 118 . They may not be questioned about facts which are to their knowledge119, and should not assume obligations which are incompatible with their status120. In this way, military obligations are fulfilled by means of religious assistance to the armed forces 121. The third point to be considered is the legal and civil relevance of the Catholic marriage. The general principle is that a Catholic marriage has effects under Civil Law through entry in the Registry Office 122. Catholic marriages are governed by Canon Law 123 , and questions concerning nullity are at the discretion of the appropriate ecclesiastical courts 124. Social practice, in accordance with data for 1990, would seem to confirm this, since 72,5 % of the 71.654 marriages celebrated in that year were catholic125. A further point is that the Roman Catholic Church is accepted as the owner of goods which are in the possession of the State126 but which previously belonged to the Church, given the guarantee in relation to expropriation 127. In addition, the Church is exempted from all taxation128, and may receive collections from the faithful so as to achieve its objectives129. It may establish its own pri-

114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129

Cf. Cf. Cf. Cf. Cf.

art. art. art. art. art.

IV, CSSRP. II, CSSRP. X V I , CSSRP. XI, CSSRP. X V , CSSRP.

Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf. Cf.

art. XII, CSSRP. ait. X I I I , CSSRP. art. X I V , CSSRP. art. X X I I , CSSRP. art. X X I V , CSSRP. art. X X V , CSSRP. Anuârio..., cit., p. 42, note 5. art. VI, CSSRP. art. VII, CSSRP. art. V I I I , CSSRP. art. V, CSSRP.

European Data Protection and Churches in Portugal

145

vate schools, and religious education and the founding of seminaries and ecclesiastical cultural establishments do not require State authorisation130. III. Subsequent internal laws regulate other aspects of the status of the Roman Catholic Church, such as religious assistance and religious instruction in public education. In terms of religious assistance, the Portuguese State recognises catholic religious assistance in prisons, child care centres, hospitals and the armed forces, under the LAREP, LARETM, LASH and LARFA respectively. In all cases the incumbent ministers are freely appointed by the appropriate ecclesiastical authorities, which decide on the direction of their activities and on the contracting of such ministers by the State. Their mission is considered to be a spiritual public service, and thus eligible for public funding. As far as education is concerned, the LPGRC provides the curriculum of basic and secondary education with a subject called Moral Education and the Catholic Religion, an alternative to another subject called Personal and Social Development131. IV. There has been much discussion of the constitutional validity of the norms specifically aimed at the Roman Catholic Church, as a result of their alleged violation of the concept of absolute separation, with equal treatment, between the State and the religious faiths, and also of religious freedom itself. 7.7 Gomes Canotilho and Vital Moreira clearly agree that there are violations, referring specifically to certain provisions in the CSSRP concerning tax matters, recognition as a legal entity and of protection for the clergy, and to the various laws on religious assistance and the teaching of Catholic morals and religion in public schools. In their opinion, these points constitute a benefit or privilege granted to one particular religion in violation of the secular character of the Portuguese State132. Jorge Miranda , on the other hand, feels this is not unconstitutional, given the approach followed by the organisms which check constitutional validity. In his point of view, the Constitution allows different forms of treatment for different faiths, as long as this is not discriminatory. The essential point is that the rule of freedom, in all its forms, must be valid for all faiths, irrespective of the number of followers, and that all religious organisations should enjoy the same 130 131

Cf. art. X X , CSSRP. Cf. art. 7, n° 4, LPGRC.

10 Robbers

Jorge Bacelar Gouveia

146

constitutional and legalrights. But that principle does not impede specific rules directed to the Roman Catholic Church, given its historical and sociological impact, as long as these rules correspond to criteria of objectivity, necessity and suitability"133. These laws may, however, be open to criticism if they prejudice other religions. "They are not open to criticism just because they provide for teaching and religious assistance, since in practical terms silence makes the anti-religious position redundant, but because they do not also provide for teaching and assistance on the part of other religions" 134. As a result, he considers that "they should not be considered actively unconstitutional" but rather "they are or may be partly unconstitutional by omission, and thus the mechanism provided for by article 238 of the Constitution may be put in motion 135 . We would go a little further, and suggest that there is not even unconstitutionality by omission. The fact that legislation exists which is especially directed to the Roman Catholic Church can be explained by its quality as an institution, which makes it possible to establish a legislative dialogue with the State. Naturally, no such legislation exists in relation to other religions since their dispersion and relatively weak internal organisation have not yet allowed it. In any case, the Roman Catholic Church should not be penalised for its efforts and dynamism in defending the teaching and assistance to which it has a right, in the same conditions as any other religion.

I I I . Legal Protection of Computerised Personal Data 8. Fundamental Rights to Computerised Personal Data Protection

I. Nowadays, it is quite normal to use computers in all areas of human life 136 . The benefits offered by computers are so great that it is difficult to imagine doing certain tasks without their help. The computer revolution thus marks a milestone in the new era of the development of Humanity, and its im-

132

Constituiçâo..., cit., pp. 244 and 245. Manual..., IV, cit., p. 370. 134 Manual..., IV, cit., p. 375. 135 Manual..., IV, cit., p. 376. 136 A.F. Marques de Carvalho , Informatica, in Polis - Enciclopédia Verbo da Sociedade e do Estado, III, Lisbon, 1985, pp. 554 onwards. 133

European Data Protection and Churches in Portugal

147

plantation in human culture has led to studies in the field of Social Sciences, given a new factor which conditions both individual and group behaviour137. The Law also became quickly aware of this question. With the vertiginous succession of technical improvements which have been making computers more powerful and more available, it became impossible to leave them outside the law. Cases of injustice and insecurity gradually began to grow, making it necessary to introduce measures to correct and stabilise the situation. The subject has branched off in different areas138, as part of a development which is still continuing. The most important concerns in relation to computers are undoubtedly those of Constitutional Law, regarding the preservation of the freedom and privacy of the individual. The establishment of new fundamental rights in this area appears fully justified given the danger which increased memory and processing capacity, and data interface facilities, represent to the above mentioned values139. An observation of certain foreign constitutional terms 140 and of International Law 141 leads to the conclusion that we have definitely opted for the generalisation of such protection, and that the theory of their harmlessness, defended mainly by those with related commercial interests, has not prevailed. This lobby argues firstly that computers themselves are not dangerous, but rather the intentions of their users, and secondly that they are in fact an advan137 Not so much as a means of science, as is the case with physics and mathematics, but as the object of science, to be observed and studied. 138 The implications of the computer phenomenon are so vast that it may even lead to a new branch of the law. On this subject, see the position of Isabel Reis Garcia , Do Direito da informatica a um anteprojecto de lei de protecçâo de dados pessoais, in Revista da Ordern dos Advogados, 1989, pp. 979 and 980. 139 This danger is clearly underlined by Soar es Martinez (op. cit., p. 51), who writes: "The special reservations regarding computers seem to be based on three kinds of circumstances. The possibilities they offer in terms of centralising data concerning one individual; the tendency towards greater permanence on the part of the records; and the specific errors attributable to computers". 140 See the overview given by José Antonio Barreiros, Informatica, liberdades e privacidade, in Estudos sobre a Constituiçâo, I, Lisbon, 1977, pp. 121 and 122; José Augusto Garcia Marques , Parecer da Procuradoria Geral da Republica, in Boletim do Ministério da Justiça, n° 294, 1980, pp. 129 onwards; M. J anuârio Gomes, Ο problema da salvaguarda da privacidade antes e depois do computador, in Boletim do Ministério da Justiça, n° 319, 1982, pp. 39 onwards. 141 On an international level, a convention for the protection of people in relation to the computerised processing of personal data was signed on 28th January 1981, under the auspices of the Council of Europe. This has not yet been ratified by Portugal. Concerning this convention, see José Augusto Garcia Marques , A Lei n° 10/91 de 29 de Abril: lei de protecçâo de dados pessoais face à informatica, in Colóquio, Informatica e Tribunais, Lisbon, 1991, pp. 381 and 382; Amàvel Raposo, A convençâo de protecçâo de dados do Conselho da Europa na expectativa da ratificaçâo portuguesa, in Colóquio, Informatica e Tribunais, Lisbon, 1991, p. 439; Maria Eduarda Gonçalves , The Legal nature of personal data protection, in Law and Computers, II, Milan, 1991, pp. 1061 onwards.

1

148

Jorge Bacelar Gouveia

tage in this question since they allow more sophisticated security mechanisms to be designed142. II. Fortunately, the current Portuguese Constitutional Law is no exception in terms of concerns regarding the protection of people from computer activity. Article 35 of the CRP is dedicated to the subject143, and has been successively improved by the constitutional revision of 1982 and 1989144 The original version of the article included only three clauses, more or less equivalent to the present clauses 1, 3 and 5. The first of these bestowed the right to access computerised data and its objectives, together with the possibility of insisting that it should be rectified and brought up to date. The second prohibited the computerisation of highly personal data, and the third prohibited the attribution of a single national number to each citizen. The constitutional revision of 1982 added two new clauses, similar to the present clauses 2 and 4. The first of these prevented third-party access to computerisedfiles, their respective interface and exit from the country, although the law may establish exceptions. With the other, the fundamental text expressly gave the law the responsibility of defining the concept of personal data. The revision also modified clauses 1 and 2, by broadening the sense of "computerised data" and by complimenting the concept of "highly personal data" with data referring to philosophical convictions and membership of political parties or trade unions. The point as to whether the data is classified as personal or not was specified by reference to whether or not the person concerned was identifiable. Like the revision of 1982, that of 1989 also brought some changes. The most important of these was the addition of a sixth clause, which autonomised the 142 Cf. José Augusto Garcia Marques, Parecer..., cit., loc. cit., pp. 123 and 124, and M. Januàrìo Gomes, op. cit., loc. cit., pp. 44 onwards. 143 On art. 35 of the CRP, see José Antonio Barreiros , op. cit., loc. cit., pp. 124 onwards; Soar es Martinez , op. cit., pp. 51 and 52; Isaltino Morais , José Mârio F. de Almeida and Ricardo Leite Pinto , op. cit., pp. 76 and 77; J.L Pereira Coutinho , José Manuel Meirim , Màrìo Torres and Miguel Lobo Antunes, op. cit., pp. 66 onwards; Parecer da Procuradoria Gérai da Republica de 10 de Maio de 1990, published in Diario da Republica, I I series, n° 289, 17th December 1990; Jorge Bacelar Gouveia , op. cit., loc. cit., pp. 709 onwards; Alberto Martins , Protecçâo de dados pessoais informatizados na Constituiçâo da Republica Portuguese in Colóquio Informatica e Tribunais, Lisbon, 1991, pp. 427 onwards; J.J. Gomes Canotilho and Vital Moreira, Constituiçâo..., cit., pp. 215 onwards. 1 4 4 The third constitutional revision of 1992, brought about by Law 1/92 25th November, only refers to the probable incorporation of the Treaty of European Union into the Portuguese legal system. On the alterations made by the constitutional revisions of 1982 and 1989 to art. 35 of the

European Data Protection and Churches in Portugal

149

matter of the exit of data from the country, which reduced the effectiveness of the previous provisions. The other alterations were mere details: clause 1 began to allow legal restrictions on State secrets and judicial confidentiality; clause 4 broadened the responsibility of the law in defining the concept of data bases and data banks, and in regulation the respective conditions of access, set up and use145. III. The study of fundamental rights to personal data protection in general, under the terms in which they are constitutionally guaranteed146, should differentiate the various holders of these rights, the object of these rights and the regime to which they are subject. As far as the holders of the rights are concerned, two questions may be brought up, given that it is accepted that the reference made by the text of the CRP to "citizen" does not lead the doubts as to the target being physical people who hold Portuguese citizenship. Concerning the first question, the current constitutional principle of equal rights147 provides that foreigners should bene-

CRP, see Jorge Bacelar Gouveia , op. cit., loc. cit., pp. 703 onwards; José Augusto Garcia Marques , A Lei n° 10/91..., cit., loc. cit., pp. 384 onwards. 145 Given the alterations made by the constitutional revisions of 1982 and 1989, and given the fact that the 1992 revision made no changes, article 35 remains as follows: Article 35 The Use of Computers "1. A l l citizens have the right to know about data in computerised files or records which concern them, together with the objectives of the latter, and may require the rectification and updating of such data. This does not affect the provisions of the law regarding State secrets and Judicial secrets. 2. It is prohibited to access computerised files and records to discover personal data related to third parties, and to interface such data, except under the terms established by the law. 3. Computers may not be used in the processing of data referring to philosophical or political convictions, membership of political parties or trade unions, religious beliefs or private life, except in the case of the processing of statistical data which is not individually identifiable. 4. The law defines the concept of personal data for the purposes of computerised records, together with data bases and data banks and their respective conditions of access, setup and use by public and private entities. 5. The attribution of a single national number to the citizens is prohibited. 6. The law defines the regime applicable to the exit of data from the country, and establishes adequate forms of protection for personal data and other data to be safeguarded in the national interest." 146 In relation to this point, one might also consider the terms in which legal entities in general are bound to these rights. The answer ought to be their general binding. On this point, see Jorge Bacelar Gouveia , op. cit., loc. cit., pp. 712 and 713. 147 On this constitutional principle, see J J. Gomes Canotilho , Direito Constitucional, 5th ed., Coimbra, 1991, pp. 567 onwards; J J. Gomes Canotilho and Vital Moreira, Constituiçâo..., cit., pp. 134 and 135; Jorge Miranda , Manual de Direito Constitucional, III, 2nd ed., Coimbra, 1988, pp. 135 onwards, and Manual..., IV, cit., pp. 196 onwards.

150

Jorge Bacelar Gouveia

fit from the same rights (including fundamental rights) as the Portuguese148. This means that these categories of people are also eligible, since we are not dealing with the exceptions related to political rights or public duties of a technical nature, or other rights available only to the Portuguese149. The answer to the other question is more difficult, since at first glance it would seem unsuitable to attribute fundamental rights, aimed at the protection of privacy, to collective entities. Nevertheless, other fundamental rights of a similar nature have already been attributed to such entities, such as those related to the inviolable confidentiality of correspondence and of premises, and in the case at hand it would seem totally justified to attribute such rights to such entities, thus applying to the other side of the constitutional principle of universality 150 ' 151 . Clarification of the sense of the expression "personal data", the object of these rights comes almost entirely from the CRP itself, which refers simultaneously to "personal data in computerised files and registers" 152 and to "statistical data which is not individually identifiable" 153. We can therefore divide it into three parts 154: firstly, a collection of information or knowledge which describes a certain reality, fact or situation; secondly, this information or data refers to people, and not to non-human things, and must be identified or identifiable with those people155; finally, these rights only make sense when directed towards data which is subject to computerisation, and not when subject to other working methods, tools or processes156. The inclusion of these fundamental rights in chapter I of title II of part I of the CRP, dedicated to "Personal rights, liberties and guarantees", together with the clearly preceptive nature of the norms which attribute these rights, deter-

148 149 150

Cf. art. 15, n° 1, CRP. Cf. art. 15, n°2, CRP.

Cf. art. 12, n°2, CRP. On this constitutional principle, see José Carlos Vieira de And rade, Os direitos fundamentals na Constituiçâo Portuguesa de 1976, Coimbra, 1983, pp. 175 onwards; J.J. Gomes Canotilho and Vital Moreira, Constituiçâo..., cit., pp. 122 onwards; Jorge Miranda, Manual..., IV, cit., pp. 196 onwards. 152 Cf. art. 35, n° 1, CRP. 153 Cf. art. 35, n°3,CRP. 15 4 Jorge Bacelar Gouveia, op. cit., loc. cit., pp. 714 and 715. 155 In the same sense, see J.J. Gomes Canotilho and Vital Moreira, Constituiçâo..., cit., p. 218. 156 One might feel, however, the need to extend this protection to manual files, since they may also threaten the fundamental personal liberties. 151

European Data Protection and Churches in Portugal

151

mines the application, on equal terms with the common regime of fundamental rights, of the specific regime of rights, liberties and guarantees157. IV. An observation of the fundamental rights to protection of personal data in particular highlights four kinds of rights, all different in terms of content. In other words, they are different in terms of the usefulness they provide to the holder of therights concerning the object in question. The four kinds of right are as follows 158: - the right to the control of personal data; - therights to the non-publication of personal data; - the right to the prohibition of the processing of highly personal data; - the guarantee of the non-attribution of a single national number. The first of these159 is divided into four forms of action regarding personal data: the power to know its content, the power to know the reason why it is being stored, the power to demand its rectification and the power to demand it be brought up to date. The second160 is divided into two different parts: the subjective part aims to prevent the divulgation of the content of the personal data to third parties, thus guaranteeing confidentiality; the objective part aims to prevent an exchange of information between different files so as to prevent the creation of a computerised global portrait about the person161. The third 162 deals purely and simply with the prohibition of the processing of certain kinds of data - the so-called "highly personal" data. The nomenclature here is rather limited in scope163. 157 On the characterisation of this regime, see Jorge Miranda , Ο regime dos direitos, liberdades e garantias, in Estudos sobre a Constituiçâo, III, Lisbon, 1979, pp. 41 onwards, and Manual..., IV, cit., pp. 275 onwards; José Carlos Vieira de Andrade , op. cit., pp. 210 onwards; J.J. Gomes Canotilho , op. cit., pp. 589 onwards. 158 Cf. Jorge Bacelar Gouveia , op. cit., loc. cit., pp. 717 onwards; J.J. Gomes Canotilho and Vital Moreira , Constituiçâo..., cit., pp. 216 onwards. 159 Provided for in n° 1 of art. 35 of the CRP. 160 Provided for in n° 2 of art. 35 of the CRP. 161 In fact the free interfacing of files can become extremely dangerous. On this point, see J.J . Gomes Canotilho and Vital Moreira , Constituiçâo..., cit., pp. 217 and 218: "This prohibitions aims to attenuate three of the greatest dangers which the use of computers implies to the citizen: a) the danger of concentration, given the possible connections between computerised files (tax, social security, police, etc.), would lead to centralisation and complete control over the citizens; b) police danger, since through interfacing the police would be able to obtain new, secret forms of control over the lives of the citizens; c) the danger of multiplication of files, i.e. the accumulation of information on an individual via an uncontrollable number of files ("wild files"). 162 Provided for by n° 3 of art. 35 of the CRP. 163

On this, Jorge Bacelar Gouveia, op. cit., loc. cit., pp. 725 and 726.

152

Jorge Bacelar Gouveia

The fourth, which is a guarantee164 aims to prevent the adoption of a common identification code, which would make access to information simpler 165. The simple national number is understood to mean a computerised code, which could show different sides of a person, in terms of the computerised processing of his personal information. V. The evaluation we may make in relation to the protection envisaged by the CRP as far as the use of computers is concerned is quite positive. It is sufficient to mention four of the more important points166. In the first place, the nomenclature used to describe the various fundamental rights in relation to the processing of personal data deserves our attention. The constitutional text could have ended up as a vague, titular regulamentation so typical of the ordinary legislator. On the contrary, there was a will to go further, to present a whole range of rights to be fundamental rights in the judicial system, which provides for a vast range of situations167. The precision and attention to detail achieved in drawing up theserights also deserves our applause. The constitutional concepts used are extremely concise, which only reinforces the guarantees offered to their beneficiaries, and thus minimises the dependence on legislative or jurisdictional interpretation 168. It should also be mentioned that the number of constitutional questions to be referred to the law was reduced to a minimum, and that in general the freedom of configuration on the part of the legislator is hardly apparent169.

164

Provided for by n° 5 of art. 35 of the CRP. The attribution of a single national number may bring not only political danger but also the risk of a loss of individuality. On this, Soares Martinez , (op. cit., p. 52) mentions: "It is understood that, brevitatis causa, there are numbers for each individual at school, in the military services, for tax purposes, etc. But these should not be used to contribute towards the erasure of personality. It is important that at all times each number corresponds to a name, to a birthplace, to marital status, and other personalised elements". 166 CRp i s t he most perfected constitutional document, in terms of the c a n e v e n say protection it provides to the individual in relation to the use of computers. 165

167

As we have seen when referring to each of these subjective positions in this area. Imprecise concepts automatically presuppose an evaluation on the part of those who interpret and apply the norm, obviously after it has been issued. On this matter, see (among others): J. Baptista Machado , Introduçâo ao Direito e ao Discurso Legitimador, Coimbra, 1983, pp. 113 and 114; Antonio Menezes Cordeiro , Da boa fé no Direito Civil, II, Coimbra, 1985, pp. 1176 onwards; Karl Englisch , Introduçâo ao Pensamento Juridico, 6th ed., Lisbon, 1988, pp. 208 onwards; Karl Larenz, Metodologia da Ciência do Direito, 2nd ed., Lisbon, 1989, pp. 140 and 141. 169 On this very point, regarding n° 4 of art. 35 of the CRP, J.J. Gomes Canotilho and Vital Moreira, Constituiçâo..., cit., p. 218. 168

European Data Protection and Churches in Portugal

153

Finally, the application of the particularly solid regime concerning rights, liberties and guarantees in general 170 reinforces the constitutional status of these fundamental rights. 9. The Infraconstitutional Regime for the Protection of Computerised Personal Data

I. The establishment of a considerable number of fundamental rights to protection of personal data in the CRP is complimented by the judicial regulations provided by Portuguese Law on the subject. In certain cases, article 35 of the CRP refers matters to infraconstitutional law for definition, as is the case with clause 5, which affirms that "the law defines the concept of personal data for the purposes of computerised records, as is the case with data bases and data banks and the respective conditions of access, set up and use on the part of public and private entities". In terms of the exit of data from the country, the CRP goes further and remits the whole of the respective regulation to the law. Clause 6 is clear when it says that "the law defines the regime to be applied to the exit of data from the country, and establishes adequate forms of protecting personal and other data to be safeguarded in the national interest." In other situations, legislative intervention is necessary in regulating the exercise of these fundamental rights, so as to avoid collision or so as to prevent abuse, or in order to avoid discipline in other areas where judicial attention is in need. II. This task was recently performed by the LPDPI - this law arrived fifteen years two late, given the constitutional requirement that it be drawn up 171 , particularly as far as the above mentioned first two cases are concerned, thus leading to the only decision on unconstitutionality by omission made so far by the Tribunal Constitucional, number 182/89172. This law is relatively long and complicated, and features 45 articles and nine chapters, entitled "General Dispositions", "Concerning the Comissäo Nacional de Protecçâo de Dados Pessoais Informatizados", "Concerning the automatised processing of personal data", "Concerning automatised files and personal data 170 Which we have just briefly highlighted. 171 On the various vicissitudes involved in the making of this law, see José Augusto Garcia Marques , A Lei 10/91..., cit., loc. cit., pp. 391 onwards.

154

Jorge Bacelar Gouveia

bases and data banks", "Concerning the collection and interface of personal data", "Concerning individual rights and guarantees", "Exits of data from the country", "Transgressions and Sanctions", and "Transitory and Final Dispositions" 173 . III. In connection with the exercise of legislative discretionary powers conferred by the Constitutional Legislator, some of the definitions imposed by the CRP should be mentioned: conditions of access, the set up and use of data bases and data banks by public and private entities, and the regime governing the exit of data from the country. Chapter I, "General Dispositions", provides definitions of the concepts of personal data, data base and data banks. Personal data is "any information relating to an identified or identifiable individual person, where identifiable is considered to mean a person whose identification would not involve unreasonable costs or time" 174 . A data base is "a collection of inter-related data, stored and structured in controlled form, intended to serve one or more computerised applications"175. A data bank is "a collection of data related or relatable to a certain subject"176. Chapter IV establishes the terms under which data bases and data banks are to be controlled. The respective set-up should include all elements on the person responsible for the file and on the file itself, depending on the opinion or authorisation of the Comissäo Nacional de Protecçâo de Dados Pessoais Informatizados, variable according to whether the subject is personal data or statistical data. In the former case, authorisation must be given under a special law 177 . Exits of data from the country are subject to the only article of Chapter VII and to an indirect regime. It is considered that the law in question is equally applicable in this case, although the Comissäo Nacional de Protecçâo de Dados Pessoais Informatizados may authorise such exits on condition that the receiving State assures equivalent forms of protection to those available under Portuguese Law. These cases may also be prohibited if there are "well-founded 172

Published in Diario da Republica, I series, n° 51, 29th March 1989. On this law in general, see Isabel Reis Garcia , Apreciaçâo na generalidade e na especialidade ao projecto-lei n° 318/V - Os direitos dos cidadäos face à informatica, in Revista da Ordern dos Advogados, 1991, II, pp. 591 onwards; José Augusto Garcia Marques , A Lei n° 10/91..., cit., loc. cit., pp. 407 onwards. 174 Cf. art. 2 a), LPDPI. 175 Cf. art. 2 e), LPDPI. 176 Cf. art. 2 f), LPDPI. 177 Cf. arts. 17 and 18, LPDPI. 173

European Data Protection and Churches in Portugal

155

reasons for believing that their transfer to another State is aimed at evading the prohibitions or conditions provided for by the Law, or to facilitate their unlawful use"178. IV. In addition to the strict confines of the CRP, it is important to mention the statute of the Comissäo Nacional de Protecçâo de Dados Pessoais Informatizados, rules on the automatised processing of personal data, rules concerning the collection and interface of personal data, the regulation of the exercise of the fundamental rights provided for in the CRP, and matters connected with transgressions and sanctions. The Comissäo Nacional de Protecçâo de Dados Pessoais Informatizados, which is made up of seven members, is in general terms responsible for the control of personal data processing, strictly within the boundaries established by the fundamental rights and by the law. It is a public body, working closely with the National Assembly. Its members are subject to a severe statute of duties and incompatibilities, and all entities must cooperate with the functioning of this organism179. As far as the automatised processing of personal data is concerned, one should mention the addition of other highly personal data which must not be computerised due to their personal nature - ethnic origin, criminal convictions, suspicion of illicit activities, state of health and financial and property situations180 - together with the need to comply with certain procedures in the collection of data. The data must not mislead, and must strictly serve its original purposes181. During the collection of the data, those who provide it should be informed of the nature of its collection, its forms and the responsible person or entity. Interfacing is prohibited, except in cases authorised by the Comissäo Nacional de Protecçâo de Dados Informatizados or in cases of public data. With regard to fundamental rights, the right to control over personal data is reiterated, and the information must be given in clear, uncoded terms, although

178 179 180 181

Cf. art. 33, LPDPI. Cf. arts. 5 onwards, LPDPI. Cf. art. 11, n° 1 b), LPDPI. Cf. art. 12, LPDPI.

Jorge Bacelar Gouveia

156

mechanisms may be introduced so as to avoid abuse182. Those responsible for computerised files are subject to strict professional secrecy183. Finally, it is considered a crime, subject to a prison sentence or variable penalty - 1 to 2 years or 120 to 240 days respectively - 1 8 4 to perform acts in contravention of the constitutional and legal regime governing the use of computers 185, such as the illegal use of data, obstructing access, illegal interfacing, false information, unauthorised access, tampering or destroying data and the violation of secrecy.

IV. Legal Protection of Computerised Religious Data 10. The Right to Prohibition of the Computerised Processing of Religious Personal Data

I. The CRP, in its regulations on fundamental rights to the protection of personal data, does not simply say that the holders of therights may have access to that data, that they may correct or update it or that they may prohibit its publication. Perhaps the greatest and most original step forward taken by this Constitution is the prohibition of computerised processing of certain kinds of personal data186. The motive for such an apparently drastic measure clearly shows the philosophy underlying the constitutional and legal importance of protecting personal data - the danger that computerised processing of such data constitutes a powerful weapon allowing the State to control the lives of its citizens. Nevertheless, the LPDPI allows the possibility of "computerised processing of personal data by an institution where the data is voluntarily provided by the people concerned, in the full knowledge of its objectives"187. II. Let us now turn to one of the areas of highly personal data, "data concerning (...) religious belief'. One needs to go further in the study of this point in 182

Cf. art. 28, LPDPI. Cf. art. 32, LPDPI. 1 8 4 Cf. art. 43, LPDPI. 185 Cf. arts. 34 onwards, LPDPI. 186 On this right, see Jorge Bacelar Gouveia , op. cit., loc. cit., pp. 725 onwards; J J. Gomes Canotilho and Vital Moreira, Constituiçâo..., cit., p. 218. 187 Cf. art. 11, n° 4, LPDPI. 183

European Data Protection and Churches in Portugal

157

order to discover the extent of the fundamental right in this particular area, to establish what lies behind the expressions used. It is also important to clarify what constitutes religious information, semi-religious information, and even religion itself. This will help determine exactly what is prohibited. III. One can never hope to definitely determine once and for all the normative sense of the object of this fundamental right by means of simple interpretation. The idea of "religious belief, a rather vague concept, allows certainty on only few points. There are certain data about which we could legitimately question, in terms of whether they should be included or not. The simplest and most certain aspect is to link "religious belief' to the fact of whether or not the people concerned are religious, if they practise their faith, and how often. This is therefore information as to the status of a believer, and the degree and level of participation in the respective religion. This sense is confirmed by the reference in the CRP to religious freedom: "No-one may be questioned by any form of authority as to his religious convictions or practice" 188 . However, this immediately causes two problems. Firstly, the line drawn between religious data and an idea deeply influenced by religious thought, e.g. a person's opinion on the death penalty or on a particular social problem, and secondly, the concept of religion itself has recently become very broad. IV. The content does not seem to cause so many problems as the object, although there may be some doubts about its scope. According to the literal sense of the CRP, this right prevents this data from being processed, and thus has a negative sense, obliging abstention. In turn, the absence of constitutional specification on the various kind of operation which the use of computers includes is aimed at prohibition any kind of processing of the data in question. This begins with the register itself, irrespective of any linkage or storage189. On the other hand, it would seem that this right is not applicable to manually processed personal data. This gives the right a highly specific nature, and sug-

188 189

Cf. art. 41, n° 2, 1st part, CRP. Jorge Bacelar Gouveia , op. cit., loc. cit., p. 726.

158

Jorge Bacelar Gouveia

gests that the related dangers do not arise (or at least not so easily) in the case of more conventional methods190. V. The LPDPI allows that the right loses force, if the person providing the data consents to this, has also raised doubts regarding constitutional validity 191 . At first sight, given the fact that fundamental rights provide a position of advantage to their holders, it would appear acceptable that these holders should be able to either exercise them or renounce them. After further analysis, however, it appears that since fundamental rights are public in their nature, they are inalienable and incapable of being renounced. One may, at the very most, not exercise them.

11. Constitutional Consent for the Computerised Processing of Statistical Religious Data

I. Although the CRP limits the computerisation of religious personal data, as showed above, it does not make it totally impossible to process all data related to religious matters. The final part of the principle discussed above should be borne in mind: "except in cases of the processing of statistical data which is not individually identifiable". This corresponds to another passage of the CRP, which says that no-one may be questioned about this information "except for the purposes of the collection of statistical data which is not individually identifiable" 192. The LPDPI adds that "the prohibition mentioned in the previous clause - that of the automatised processing of personal data referring to highly personal information - does not prevent the processing of data in the interests of research or statistics, as long as that data cannot be identified with the people concerned"193. This is an extremely important exception, on the contrary to what might be brought prima facie , since it presents at least two normative senses. Firstly, it provides a virtual definition of personal data, and secondly it implicitly allows computerised processing of the categories of data in question.

190

Jorge Bacelar Gouveia , op. cit., loc. cit., p. 726. Raising a doubt, but providing no answer, José Augusto Garcia Marques , A Lei n° 10/91..., cit., loc. cit., pp. 416 and 417. 192 Cf. art. 41, n° 3, 2nd part, CRP. 193 Cf. art. 11, n° 2, LPDPI. 191

European Data Protection and Churches in Portugal

159

II. More detailed analysis, however, shows that this is not a real exception at all, since if the data is not identifiable then it is not a personal data, but a statistical data. This suggests that the CRP does not prohibit the storing of statistical data related to religious matters. What it does prohibit is the computerised processing of personal religious data, acquired from an identified or identifiable person. This is perfectly understandable. If the person to whom the data related cannot be identified, there are no dangers to his freedom or privacy. Consequently, we must consider the exception of the LPDPI as contradictory in terms, since the allowance of computerised processing of highly personal data for only statistical purposes becomes impossible since it does require the non-identificability of such data. The concept of personal data requires the identification, or at least the identificability of the people concerned. If the data does not relate to the people concerned, then we are no longer talking about personal data194. III. The fact that the LPDPI added another motive for exceptions, beyond that of statistics, i.e. for research purposes, may place doubts as to the constitutional validity of this section since it is intended to open two exceptions, whereas the CRP allows only one. One hypothesis would be to suggest that the CRP should not state everything, but that it is possible and even preferable for the infraconstitutional law to subsequently clarify or complete the regulation with additional points. We do not believe, however, that this is the case. The fact that the text of the CRP went so far as to establish a specific allowance based on statistical motives suggests that this measure was intended to be exclusive, to exclude all other possible motives. In addition, the constitutional regime on restriction of rights, liberties and guarantees states that any such restriction of these rights must be expressly provided for 195 . But there is another, stronger reason: on the contrary to statistical data, this data remains personal. IV. The constitutional allowance in relation to computerised processing of statistical religious data does not cause any particular problems of interpretation which cannot be solved under the general terms of the different categories of data mentioned above. However, it is interesting that the CRP, in deciding to specify one particular category of data, should have chosen statistical religious 194 195

Jorge Bacelar Gouveia , op. cit., loc. cit., p. 726. Cf. art. 18, n° 2, 1st part, CRP.

160

Jorge Bacelar Gouveia

data, and that not only is this allowed, but its merely statistical nature is reiterated.

12. The Prohibition of Computerised Processing of Religious Personal Data and the Respective Exceptions in the Project for the EC Directive

I. The project for the EC directive is important to the protection of religious data in terms of article 8, which forms part of a section on certain kinds of data. Clause 1 prohibits the processing of data concerning religious convictions. Clause 2, however, adds that States may process such data if the person in question gives his consent, if the processing is done by a non-profit making entity, if the original purpose is respected, and on condition that it is not published without the consent of those concerned, and that the circumstance of the processing do not prejudice private lives or liberties. The exception has also been enlarged to include motives of public interest declared by the Member States196.

196

This principle from the project for the EC directive reads as follows: Article 8 The processing of particular categories of data

"1. The Member States prohibit the processing of data related to racial and ethnic origin, political opinion, religious philosophical or moral convictions, membership of trade unions, state of health and sexual life. 2. The Member States agree that the processing of the data mentioned in the previous clause may be performed on condition that: a) the individual to whom the data relates gives his written consent to such processing, except in cases where the legislation of the Member State provides that the prohibition of clause 1 may not be waived by such consent; b) the processing is performed by a foundation or association of a non-profit-making nature, with political, philosophical, religious or trade union characteristics and with legitimate objectives, on condition that exclusively concerns the members of that foundation or association and that the data is not divulged to third parties without the consent of the individuals concerned; c) the processing is performed in circumstances which manifestly do not threat on private life and liberties. The processing envisaged in b) waives the obligation of notice provided for in section V I I I of this chapter. 3. The member States may provide for derogation concerning clause 1, on the grounds of relevant public interest, by means of national legislative dispositions or decision of the controlling authority, which should specify the kinds of data to be processed, those who will receive the data, those responsible for the processing and the appropriate guarantees. 4. Data concerning penal convictions may only be stored by judicial authorities and by those directly involved in the decisions in question or their representatives; the Member States may, how-

European Data Protection and Churches in Portugal

161

II. The object and content of the right underlying this principle implies exactly the same kind of considerations we have examined above in our study of the fundamental right to the prohibition of computerised religious data under Portuguese Constitutional Law. The idea of "religious conviction" is practically identical to the expression "religious belief used by the CRP. This right is intended to prevent the automatised processing of personal data, as can be inferred from its definition 197. The second hypothesis for exception, however, is not sufficiently clear in relation to the terms in which it is organised. It does not include norms referring to those who supervise the processing, which leads to legitimate problems of privacy and freedom when confronting a person with all the other people belonging to the same faith. In the case of Portugal and the Roman Catholic Church, this means the overwhelming majority of the population, and thus the aim of protecting privacy is completely thwarted. III. It cannot therefore be said that the regime proposed by the project for the EC directive has made much progress in terms of the explicit meaning of this right, which is clearly required given the experience of various States, and in this case chiefly Portugal. An appreciation of this regime leads us to adopt a reticent attitude, since it contains exceptions which may become disastrous in the future. The circumstances in which the processing clearly does not endanger the private life and liberties of the people are not so well defined, and may therefore allow to greater abuses. The exception in the public interest, for example, although related to each Member State, may cause the frustration of all the concerns with prohibition the processing of highly personal data. The processing of statistical data is not important here, since as this is understood to be non-personal, it does not fall within the scope of the project for the directive 198. IV. Worse than this, however, is the conclusion that none of the proposed exceptions are acceptable under current Portuguese Constitutional Law. The text of the CRP, besides not allowing restrictions to the right (on the contrary to ever, provide for derogation by means of national legislative dispositions which establish the appropriate guarantees. 5. The Member States shall determine the conditions under which a national identification number or other general identification instrument may be used." 197 Cf. art. 2 b), project for the EC directive. 198 Cf. art. 2 a), in fine, project for the EC directive. 11 Robbers

162

Jorge Bacelar Gouveia

other rights) could never accept a group of situations which, in essence, do not provide minimum guarantees in terms of the defence of the person. The consequence of this is the invalidity of the norms of the EC directive, both direcüy in terms of the objectives proposed and indirectly through the law which the Portuguese State would be obliged to make in order to transpose these norms into the domestic legal system. There are only two possibilities: either to reduce the strictness of the CRP on this point by means of a constitutional revision, or for the directive to transform highly personal data into statistical data. At the moment, neither of these seem likely.

V. Conclusions 13. Concerning Part I I

a) The State-Church relations, in accordance with theoretical models and taken from an observation of History and Comparative Law, provide the following characterisation of the State: the confessional State, theocracy or caesaropapism, depending on the dominance of religious power or political power; the secular State in union or the secular State in separation, involving the need to distinguish in the first case between clericalism, regalism and relative separation, and in the second case between relative separation and absolute separation; the secularising State, passive or active, according to whether there is mitigated or absolute opposition to the religious phenomenon; b) the History of Portuguese Constitutional Law, reflecting the variety of the models of relations between State and Church, shows three different phases or periods: the first, up to the C1911, shows a secular State with an official Catholic religion; the second, with the First Republic, shows a passive secularising State, including some moments of active secularisation; the third during the period in which the C1933 was in force, shows a secular State with preferential treatment for the Roman Catholic Church, although this may be subdivided into three sub-phases; c) current Portuguese Constitutional Law establishes absolute separation between State and Church, in which the religious phenomenon assumes constitutional importance in relation to the form of government, following the Republi-

European Data Protection and Churches in Portugal

163

can principle, and in terms of fundamental rights, with the establishment of several individual and institutionalrights related to religious freedom; d) religion is also highly important in infraconstitutional norms which govern other equally significant aspects such as the exercise of religious freedom in general, also applicable to other religions besides the Roman Catholic Church, conscientious objection, based on religious grounds, compulsory military service, protection of the position of priests and of the practice of freedom of worship, and local ineligibility in electoral terms for ministers of any religion; e) despite the secular nature of the Portuguese State, the Roman Catholic Church enjoys a special status in comparison to other religions, given its broad sociological representation (6.352.705 believers, from a total of 6.721.889); this status is defined essentially by the CSSRP, and consists of firstly the recognition of the Roman Catholic Church as a legal entity, together with its organisations which may be freely created, secondly the attribution of civil effects to Catholic marriages, thirdly the exemption from the payment of all taxes, and fourthly the freedom to teach catholic religion and morals in private schools; one should also mention certain infraconstitutional laws, relating to catholic religious assistance in prisons, child care centres, hospitals and the armed forces; nevertheless, the privileged position enjoyed by the Roman Catholic Church should not be considered unconstitutional on account of a hypothetical violation of the principle of separation between churches and the State, since the State should at least encourage the activities of the majority religion. 14. Concerning Part Ι Π

a) Computers, a modern human reality, have become more and more important in legal terms, chiefly under Constitutional Law given the need to protect the individual; current Portuguese Constitutional Law has demonstrated its concern with this, by means of the admirable detail and extension in the constitutional approach to the use of computers, which has been subsequently improved in the first two constitutional revisions; four fundamental rights are provided for - the right to the control of personal data, the right to the non-publication of personal data, the right to the prohibition of the processing of highly personal data, and the guarantee of the non-attribution of a single national number; these fundamental rights benefit physical individuals, collective entities and foreigners, and are aimed at computerised personal data, which means in11*

164

Jorge Bacelar Gouveia

formation obtained from identified or identifiable people processed by computer; therights benefit from the solid regime governingrights, liberties and guarantees; b) several other legal points concerning the protection of personal data are regulated by the LPDPI; in relation to matters determined by constitutional imposition, one should mention the definition of the concepts of personal data, data banks and data bases, the regulation of set-up conditions for automatised files, data banks and the regime governing the exit of data from the country; elsewhere, it is important to mention the creation of the Comissäo Nacional de Protecçâo de Dados Pessoais Informatizados, the addition of the prohibition of the computerisation of other data beyond those provided for by the CRP, the norms affecting the way in which data is collected and its interfacing, the regulation of the exercise of constitutionally-established rights and the criminal designation of several kinds of actions in breach of the related fundamental rights.

15. Concerning Part IV

a) With regard to specific protection of religious personal data, the CRP ensures the fundamental right that personal data concerning "religious beliefs" shall not be computerised; the object is based on an incomplete notion, which leaves doubts as to the extent of the concept of religion and as to whether this includes data of a religious nature on matters of a less spiritual kind; the content implies the prevention of any form of computer operation on this data, which does not apply to data obtained by conventional methods; b) on the other hand, the CRP allows the computerised processing of nonpersonal religious data of a statistical nature, whereas the law also allows this in the case of research, which should be considered unconstitutional; c) the project for the EC directive, like the Portuguese Constitution, establishes the prohibition of computerised processing of religious personal data, although it allows exceptions based on the consent of the person concerned, the case of non-profit-making institutions in relation to their members, where the processing does not endanger private life or liberties and when the public interest justifies it; these exceptions do not agree with the Portuguese Constitution, which only opens exceptions for statistical data and never for personal data; they also seem unsuitable in terms of providing adequate defence for the individual in relation to the processing of extremely important and delicate personal

European Data Protection and Churches in Portugal

165

data, and do not make any advance in relation to norms already established by some States, such as Portugal.

Churches in the United Kingdom and the Law of Data Protection By Norman Doe, Cardiff The law in this field gives rise to an important issue for ecclesiastical life, government and the individual - the degree to which the use and disclosure of information held by ecclesiastical authorities on individual church members, clerical and lay, and their rights of access to it, are regulated and protected by law. There has been no examination of this subject in relation to church life in the United Kingdom, and in general terms the law is less well developed and clear than that dealing with a related matter (with which this paper does not deal) - the right in the church to be informed about the activities of ecclesiastical government which affect the church community. The study presented here is simply a preliminary investigation. It is divided into five parts: (1) the civil law; (2) the legal position of churches in the United Kingdom (three are studied); (3) the applicability of civil law to these churches; (4) some comments on the likely effects of the proposed European directive; and (5) conclusions. I. The Civil Law: Basic Principles The body of law described briefly here is part of the general law of the United Kingdom1. The dominant legal regime in this area is to be found in the following parliamentary enactments and judicial doctrines. 1. The Data Protection Act 1984

This statute was enacted to incorporate into domestic law the European Convention on Data Protection 1981. The statute applies only to data held by computer. Personal data includes factual information and opinion relating to a li1 See generally, for example, P. Birkinshaw , Freedom of Information: The Law, the Practice and the Ideal (Weidenfeld and Nicolson, London, 1988).

168

Norman Doe

ving individual, and this may include information concerning religious belief, health and sexual life. The data must by the statutory principles be obtained fairly and lawfully, held for a specified and lawful purpose, it must not be used or disclosed in any manner incompatible with those purposes, and must be adequate, relevant, not excessive, and accurate. The data subject has rights of access and correction. The statute has had some judicial consideration. All data users (those holding data) must register, unless exempt, and it is a criminal offence not to do so. The Data Protection Registrar maintains the register, whose entries contain, inter alia , the name and address of users, a description of the personal data, the purpose(s) for which it is held and a description of sources and recipients. Access to data, generally, might be had only with the subject's consent. Certain types of information are exempt from the statute. A subject has no right of access in relation, for example, to data held for enforcing the criminal law, assessing or collecting tax, and discharging certain statutory functions. As a general rule disclosure may occur when the general law allows this. No specific provision is made for churches2.

2. The Access to Personal Files Act 1987 (and Medical Legislation)

Secondary executive legislation created under this statute regulates the use of and access to information contained in manual documentary files in certain areas, such as social services and housing. No special provision is made for churches. It is arguable that under the statute the government would have power to legislate for churches, as the statute confers a power to legislate for 'any authority keeping records containing personal information' (s. 1 (1)), but it has not done so. Several recent statutes have also been enacted dealing with medical records. The Access to Medical Reports Act 1988 and the Access to Health Records Act 1990 contain similar provisions regulating the use of and access to medical records of patients. The 1984 and 1990 acts together deal with the problem of patients seeking access to medical information on them when this is computerised (1984 act) or held manually (1990 act). The 1988 statute concerns employment 2 For a short description of the background to the legislation, see S.H. Bailey , D.J. Harris and B.L. Jones, Civil Liberties: Cases and Materials (2nd ed., Butterworths, London, 1985) 392 - 400.

Churches in the United Kingdom and the Law of Data Protection

169

and insurance. This deals with employers wanting access to files of employees and prospective employees. The subject has a right to forbid disclosure, a right which he may waive. The holder of the medical file must consult the patient and obtain consent, and may also refuse disclosure if this may seriously harm the subject's health. 3. The Equitable Doctrine of Confidence

This allows in some circumstances a court to grant an injunction to prevent the disclosure of information by a person when that information has been given in confidence. Its scope is not entirely clear but it might be applied in both the public and private spheres, and has been applied in relation to medical files 3.

II. The Legal Position of the Churches and Their Internal Rules Three churches are studied here: the Church of England, the Church in Wales, and the Roman Catholic Church. These churches enjoy different positions in law. Consequently, the legal status and effect of their internal rules differ from church to church. 1. The Church of England

This is established by law and, constitutionally, there is a fusion between state and church: the monarch is the head of the church; episcopal appointments are royal appointments; ministerial duties (such as marriage) are owed to all residents of a parish, church members and non-members; church courts are in a sense state courts; and some bishops sit in the House of Lords. There are many other incidents of establishment. An important point is that one form of internal church law, the measures of the General Synod, have the same force and effect as a parliamentary statute. Other species of internal church law, such as canons, are inferior species of law and must be consistent with the general law to enjoy validity4. 3

R. Austin, 'Freedom of information: the constitutional impact', in J. Jowell and D. Oliver (eds.), Iiie Changing Constitution (2nd ed., Oxford, 1989) 409. 4 T. Briden and B. Hanson eds., Moore's Introduction to English Canon Law (3rd ed., Mowbray, London, 1992) 10- 28.

170

Norman Doe

2. The Church in Wales

This is a self-governing national Anglican church which was disestablished from the Church of England in 1920 by parliamentary legislation of 1914 and 1919. It has its own internal form of government and episcopacy, and its own canon law, except for example in the area of marriage, where the law of the land applies to the church. Its internal rules, its canon law (located in a variety of sources), exist as the terms of a contract entered into by its members. This internal canon law is enforceable in Welsh church courts and perhaps in civil courts5. 3. The Roman Catholic Church

Historically, after the English Reformation, Roman Catholics were subject to many legal incapacities, and its internal canon law lost validity and applicability. These incapacities have since been removed, though there are still some vestiges. The church's hierarchy was restored in 1850 and the church is organised on a consensual basis. The 1983 code of canon law applies domestically, though it is unclear whether it exists as a foreign law applicable to Roman Catholics in Britain. The internal canon law is enforceable in the tribunals of the Roman Catholic Church. There is no concordat law governing state/Roman Catholic Church relations as with some European countries. As a general principle the internal Roman canon law is inferior to the law of the state and, ultimately, the legality of provisions in the code is dependent on conformity with the general law6.

I I I . The Applicability of the General Law to Ecclesiastical Government As a fundamental point, the law which governs these churches is the general (or civil) law as described in outline above. The churches, with the possible exception of elements of Roman Catholic canon law, have not developed an independent body of law in relation to data protection. 5

N. Doe (ed.), Essays in Canon Law. A Study of the Law of the Church in Wales (University of Wales Press, Cardiff, 1992) 25 - 48, 133 - 150. 6 Halsbury , The Laws of England; Vol 14 Ecclesiastical Law (4th ed., Butterworths, London, 1975) paras. 1388- 1400.

Churches in the United Kingdom and the Law of Data Protection

171

1. The Church of England

The internal law of the Church of England sometimes provides for the creation and use of files by ecclesiastical authorities, files which may contain personal information on clerics and lay members. Most data is held manually though computerisation is increasing. There is no autonomous general right of access provided by a distinct internal information law. Nor is there an autonomous internal legal regime providing for general regulation in this area. The discussions on these areas are largely speculative. Basically, the civil law applies in these areas, most importantly if the data is computerised, though as a matter of practice the dominant legal regime, the general law, does not make express provision for the church. Given a lack of judicial decisions here, it is often difficult to determine exactly whether the civil law actually applies in detailed circumstances. We shall take some practical areas to indicate the difficulties in determining whether the general law applies to the church.

a) Appointment of ecclesiastical judges The Church of England has a complex system of ecclesiastical courts which, by virtue of establishment, may be broadly classified as state courts. Consistory or diocesan court judges are appointed by the bishop and also become judges in the temporal courts7. Appointment to the episcopate is by the crown as head of the church. Assuming files are kept on candidates for judicial appointment in the church, it is unclear whether such a person would have a right of access to these files. The Data Protection Act 1984 expressly excludes this right in relation to files held by a 'government department' containing information 'relevant to the making of judicial appointments'(s. 31 (1)). It is a large and unsettled question, but if a bishop is classified legally as a government department, and there are strong arguments to suggest that the episcopal office might be, a candidate for ecclesiastical judicial appointment may very well have no right of access to such files.

7

See Briden and Hanson, op. cit., at 115.

172

Norman Doe

b) Church electoral rolls Each parish is obliged to keep an electoral roll. Entry of a name on this confers certain rights, principally electoral, and also qualifies for the holding of lay office in the church. There is a large body of law on electoral rolls 8. Information contained simply refers to a name and sometimes an address. By law the roll is available for public inspection. If a cleric or another uses this information for a purpose other than that for which the roll by law exists, and on the basis of the roll a cleric opens a computerised file containing information about a person, for example that a named person has not attended church for a stated period, or a person holds particular religious beliefs, the cleric would probably be obliged to register as a data user and would generally fall within the terms of the 1984 act. The roll itself does not it seems give rise to problems about data protection. c) Church finance : covenants By synodical measure some ecclesiastical bodies have power to take steps to raise funds for the church, and parishes have the power to levy a voluntary church rate (though rarely used)9. One major method of fund-raising is by covenanting, by which an individual agrees to contribute a fixed sum each year. The obligations arising under and the enforceability of such covenants have not been decided directly by the courts. Each parish will keep records of the covenants of individuals and perhaps information about failure to honour the covenant. Numbered envelopes are also used to collect contributions at church services. It is probable that such information, if computerised (and this is a standard practice), will fall under the general law. However, holding such information might be exempt from the 1984 statute under the accounting provisions of s. 3210. Generally, the courts have held that accountants must be registered as data users holding financial information. By analogy the same might be the 8

For a statement of the basic rules, see Halsbury , op. cit., paras. 591 - 596. The PCC would be registered as a data user under the 1984 act, and the Diocesan Board of Finance for parish/diocese dealings. 9

Parochial Church Councils (Powers) Measure 1956. If this church activity is 'keeping accounts relating to any business or other activity carried on by a data user or keeping records of purchases, sales or other transactions or for the purpose of making financial or management forecasts to assist him in the conduct of any business or activity' (s. 32) personal data are exempt from the provisions of Part II of the act and from ss. 21 and 24 on subject access rights and rights of rectification and erasure. This provision gives rise to a host of uncertainties. 10

Churches in the United Kingdom and the Law of Data Protection

173

case with parish clergy and treasurers. Failure to do so may constitute a criminal offence. One academic problem here is this: if the exchange of money, under for example a voluntary church rate system (though rarely used), is classifiable in law as a 'tax or duty', and computerised data exists about its collection would the data subject's right of access be exempted under s. 28 (1) of the 1984 statute which excludes 'personal data held for the ... assessment or collection of any tax or duty'? d) Religious beliefs : ordination of women Ostensibly there seems little opportunity for church authorities to open files on members' religious beliefs. The future may hold a problem, however. The General Synod in 1993 endorsed a measure facilitating the ordination of women as priests. The question has caused considerable division in the church11. Regulating decisions about candidature of women for ordination may involve making rules about who might be on selection panels of candidates for the ordained ministry. It would probably become necessary to formulate files on those in pools from which selection panels are made so that they enjoy a degree of doctrinal balance and impartiality. Pools of potential selectors might include some opposed and some in favour of the ordination of women. It may become necessary to gather personal information about the religious beliefs of potential selectors and to open files containing this information. As the law stands at present, such information would have to be registered and a right of access might arise, if these files were computerised. If the draft directive is implemented, the holding of such information would be prohibited unless the subject consents or unless it is held in the course of the church's legitimate activities. e) Ecclesiastical discipline One area in which clerics or lay officers arguably have a right of access under the 1984 statute, is to information contained in any computerised files relating to internal discipline. But, again, much of this documentation would be held manually, thus escaping the provisions of the civil law. This renders actual regulation in this area minimal. 11

Priests (Ordination of Women) Measure 1993.

174

Norman Doe

Under the Incumbents (Vacation of Benefices) Measure 1977, requests to a bishop might be made for an inquiry to be set up to examine a serious breakdown of pastoral relations in a parish, between the incumbent and the parishioners. The breakdown may be the result of 'the conduct of the incumbent or of his parishioners'. This written request 'shall contain particulars of the facts which appear to the person or persons making the request to justify an inquiry' (s. 1). The request may contain details of complaints and personal information. The incumbent must be notified of the request and, if a committee of inquiry is set up he may object, stating the grounds of his objection, to its membership. In short, these lawful procedures might generate the creation of several files containing personal information. If computerised, such files may be the subject of a right of access. The same applies to computerised data compiled to administer the ordinary 'criminal jurisdiction' of the ecclesiastical courts (or disciplinary action taken administratively by bishops, for example), in relation to ecclesiastical offences, such as neglect of duty or conduct unbecoming a clerk in holy orders. Such files may include details of the sexual life of a subject. Again files may be compiled on potential 'assessors', jurors in prosecutions in the consistory court, in order to produce a balanced and fair trial. By law, assessors are selected by lot from a panel of six priests and six lay persons approved by the Diocesan Synod12. The approval process may generate the creation of files. If computerised these data may be caught by the 1984 act. However, one legal question that arises is whether such information might fall within s. 28 of the 1984 act as relating to the enforcement of the criminal law. Ecclesiastical law and the criminal jurisdiction of the established church may arguably exempt a subject access right. f) Medical records and reports Medical records held by church authorities, and medical records sought for various reasons, by church authorities, would be subject to the provisions of and the rights of access under the Data Protection Act 1984 and the act of 1990. These apply to both computerised and manual files. The most important statute here is likely to be the 1988 act.

12 See Halsbury , Ecclesiastical Law, op. cit., para. 1367 and the Ecclesiastical Jurisdiction Measure 1963.

Churches in the United Kingdom and the Law of Data Protection

175

There are many internal rules giving power to authorities to require the formulation of medical reports (mainly on clerics). Under the Incumbents (Vacation of Benefices) Measure 1977, for example, a pastoral breakdown may be due to the 'age or infirmity' of an incumbent, and a diocesan committee of inquiry may be charged to report to the bishop 'whether in the opinion of the committee the incumbent... is unable by reason of age or infirmity of mind or body to discharge adequately the duties' of his office (s. 6). Again, an archbishop may have to adjudge, in order to take remedial action, whether a bishop is incapacitated by physical or mental disability from the due performance of his episcopal duties13. Here, as the church is not (generally) in law an employer of its clergy, it is unclear precisely what scope the civil law has in this area. It is arguable, but not decided, that the 1988 statute, dealing with 'employment', applies also to Church authorities. This provides, inter alia , that if an employer wants access to medical files, he must have the consent of the subject. The statute applies to employment, contracts of service 'or otherwise'. If this covers clerics they may have a right to forbid disclosure of the medical information, but they would also have a right to waive this. The church authority would have to consult the doctor, who in turn would consult the cleric. There is a general principle, however, which has been considered judicially, that disclosure may occur without the patient's consent if this is in the 'public interest'. g) The confessional Finally, information communicated through the confessional is subject to ministerial non-disclosure according to the internal canon law. However, under the civil law such information, though there is considerable debate in this area, is commonly said not to be privileged, and a court could probably compel a cleric to disclose, under threat of contempt of court, information obtained by way of confession 14. 2. The Church in Wales

The Church in Wales has not yet legislated internally in relation to personal information. Under the disestablishment parliamentary legislation the Church 13 14

Bishops (Retirement) Measure 1951. R. Bursell , 'The seal of the confessional', Ecclesiastical Law Journal 2 (1990) 84.

176

Norman Doe

in Wales has the legal power to create canon law on this subject (as it does to legislate on most matters concerning the church) by means of canon or regulation, but it has not done so at present. I am not aware of any movement in the church to legislate in this area at present or in the near future. In the event that the Church in Wales did legislate on this matter, its internal law, to be valid, would have to be consistent with the general civil law. Therefore, as a general principle, the law which applies to the Church in Wales on personal information is the civil law. One of the government authorities of the Church in Wales is its Representative Body, an administrative body which manages the church's property 15. In broad terms, as with any administrative body today, as a matter of practice the Representative Body keeps both computerised files and manual documentary files. The Representative Body is a registered data user under the 1984 act. Much of the information kept on computer and in manual records, dealing with finance and property, would not necessarily contain personal information. Files concerning the finance and funding of the church, for example, relate inter alia to sums derived from benefactions, bequests and from the 'parish charge', the contribution made annually to the running of the diocese. However, this is not necessarily always the case. The most likely areas in which files might be kept, containing personal information, are those concerning grants given to clerics, pensions of clerics, their widows and orphans. One of the most important types of file relates to the church's legal obligation to pay a local government tax on property occupied by clerics. A central computerised file is being developed which contains factual personal information about individual clerics, occupying ecclesiastical property, giving details about their names, sex, whether they are married, single, divorced or separated, for the purposes of administering the local tax system. If, in the future, such files contained additional information about, for example, whether a cleric would be happy working with an ordained woman in that parish, or whether a bishop would be prepared to ordain women as priests, this may give rise to more serious issues of data protection in this area. It is an ecclesiastical practice, though varying from parish to parish, so I understand, for incumbents of parishes, and treasurers or churchwardens (lay officers), to note the actual non-covenanting contributions made by lay people in that parish. Some clerics employ the practice of keeping details on record of the 15

N. Doe (ed.), Essays in Canon Law, op. cit., 24 - 48.

Churches in the United Kingdom and the Law of Data Protection

177

'talents' of parishioners: this may be in a computerised or manual form. If this is the case, then the holders of that information are under a statutory duty to register as data users. It is a criminal offence under the 1984 statute to fail to register. And they would be under an obligation not to disclose that information, at least without the consent of the data subject. Also, the data subject has a right to verify the accuracy of the information, and he may have an action at law if it is not accurate. 3. The Roman Catholic Church

Like the law of other churches, the 1983 code contains several provisions which allow for the gathering and concealing of information held on individuals. This is a large subject and here we shall mention only some of the key areas and issues. Indeed, unlike with respect to the Church of England and the Church in Wales, a considerable corpus of literature has been produced recently by Roman Catholic canonists, mainly American and Canadian, on this subject 16 . Moreover, a body of law probably exists in the form of domestic internal canon law, the particular not universal laws of dioceses and national episcopal conferences, for example, though I have not explored this as a source of internal church rules on personal information. a) Personal information : general principle The 1983 code, in its presentation of fundamental rights of the faithful states as a general principle, by Canon 220, 'No-one is permitted to damage unlawfully the good reputation which another person enjoys nor to violate the right of another person to protect his or her own privacy'. It is a right which can be vindicated in the church tribunals (c. 221). And there are other specific areas in which the right is expressed (cc. 642, 1548 (2), 1674, 1697). The general opinion of Roman canonists is that this will be a developing area for particular law in the near future 17. b) Diocesan archives The code's provisions on secret archives and accessibility to them is an attempt to give legal integrity to the church's respect for persons and their pri16 See for example, K.E. McKenna, 'Confidential clergy matters and the secret archives', 26 (1) Studia Canoncia (1992) 191. 17 J Λ. Coriden , Τ J. Green and D.E. Heintschel , The Code of Canon Law: A Text and Commentary (London, 1985) 394 - 398.

12 Robbers

178

Norman Doe

vacy. The provisions of Canons 482 and 486 seek to safeguard documents of the diocesan curia. Disclosure of information held can only be effected with the permission of the bishop or of both the moderator of the curia and the chancellor, though the Canon also confers a general right of access to the public. c) Personal matters and secrecy Three canons are of relevance here. Canon 489 provides for the existence of secret diocesan archives. Though the canon does not define the sorts of documents which are to be secret, these documents will include details of a personal type. Canon 489 (2) requires the destruction of documents relating to 'matters of morals in which the criminal has died or in which ten years have passed since the condemnatory sentence'. There is an exception, however: 'a brief summary of the case with the text of the definitive sentence is to be retained'. Other forms of document commonly held include: matrimonial dispensations in the non-sacramental internal forum (c. 1082); the register for secret marriages (c. 1133); dispensations from impediments and irregularities to orders (cc. 1047, 1048); decrees of dismissal from a religious institute (c. 700); and documents relating to the loss of the clerical state by invalidity, penalty, or dispensation (cc. 290 - 293). These canons are silent on the point, but it seems that it is left to the diocesan bishop to determine which information is to be kept in the secret archives. However, this function will usually be delegated to the chancellor. By Canon 490 only the bishop is to have the key to the secret archives and documents are not to be removed. It seems the bishop may permit certified copies to be made and used for confidential purposes. The diocesan curia will normally formulate written policies and procedures for the different levels of access and information disclosure, sometimes adopting different classifications of documents. Personal files on priests, containing information about complaints or accusations, are not ordinarily held in the secret archives. Many canonists are concerned that particular laws should be formulated in this area. If computerised thesefiles are subject to the 1984 act. d) Applications for ecclesiastical posts The right expressed in Canon 220 seems to limit the extent to which an ecclesiastical superior might inquire into personal information when considering

Churches in the United Kingdom and the Law of Data Protection

179

the appointment of an individual to a post in the church. On the other hand, however, before appointing a priest to a parish, by Canon 521 (2) the bishop is to make sure that a person 'is distinguished for his ... integrity of morals'. It is unclear to what extent a bishop is empowered to require a person to divulge personal information of this sort and to what extent he might consult other sources to determine this. It is also unclear whether some rules developed in this area in civil law, relating to medical records, apply to the Roman Catholic Church. It is probably the case that the position applying to the Church of England and the Church in Wales applies here also. In addition, for example, if a priest in his work is to have regular contact with children, the provisions of the Children Act 1989 and other legislation may apply, by which his previous convictions (even if spent) would have to be disclosed.

IV. The Effects of the European Draft Directive on Domestic Law Two issues are of concern here. First, according to domestic law, it is essential to determine the status of a European directive according to national law and its enforceability in the courts of the United Kingdom. Secondly, what, in outline, are the provisions of the draft directive and how would they affect domestic legal arrangements?

1. The Legal Status of a European Directive

Under the European Communities Act 1972, still the dominant legal document operating in this area, there are provisions for the direct applicability of some species of European law in the United Kingdom. The 1972 statute is an enabling act and these rules of European law are applicable domestically without further enactment by parliament. The EEC Treaty, Article 189, of course, states that directives are 'binding as to the result to be achieved, upon each member state to whom it is addressed'. Unlike regulations, a directive leaves member states an option about the means by which the result required by it must be achieved. As a general proposition, a European directive will not be directly applicable and enforceable in the United Kingdom unless and until it has been incorporated into domestic law. This is a 12*

180

Norman Doe

large and complex area and the European Court of Justice has held that directives may createrights for individuals directly enforceable in national courts18. Though the European Court of Justice has repeated the principle that European law prevails over inconsistent national law, domestic courts in the United Kingdom have employed this principle only in a limited way. Some decisions accept that United Kingdom judges are to employ a presumption of consistency: domestic parliamentary legislation will be presumed to be consistent with European law. In general terms this has led in some judicial decisions to two ideas: if parliament does not clearly intend a conflict with European law, and there is an ambiguity in the statutory language, the European stance will prevail. On the other hand, some judicial dicta advance the view that if parliament intentionally legislates in contradiction of European law, then the domestic statute will prevail and not European law 19 . This is in keeping with the classical judicial doctrines on the legislative sovereignty of parliament, regardless of the terms of the 1972 act (and it raises the interesting question of the status of a synodical measure on data protection - if the Church of England created one - if this, which has the same force and effect as a parliamentary statute, conflicted with European law). However, since a leading case decided in 1990 the position in relation to a parliamentary statute may have altered. The case has been the subject of considerable debate but one proposition for which it might stand is that, if a domestic statute contradicts European law, it will retain its status as law but the judges may suspend its operation and not apply it 20 .

2. The Provisions of the Draft Directive

The possible effect of the directive might be summarised as follows. The purpose of the directive is to harmonise national legislation concerning data protection throughout the European Community. This is to be achieved in two ways: regulating the processing of personal data; and granting rights to the data subject. Once implemented it will promote a single market, by preventing member states from restricting the flow of data on the grounds of protection principles (Article 1). 18 See generally, for instance, E.C. Wade ancM.W. Bradley , Constitutional and Administrative Law (10th ed., Longman, London, 1985) 120 - 143. 19 Macarthys Ltd. ν Smith (1979) 3 A l l ER 325; Carland ν British Rail Engineering Ltd. (1982) 2 All ER 402. 2 0 R ν Secretary of State for Transport, ex parte Factortame Ltd. (1990) 2 W L R 818.

Churches in the United Kingdom and the Law of Data Protection

181

Member states are required to regulate 'personal data files' located in its territory or under its control (Article 4). No distinction is made between files held in the public sector and those in the private sector (Article 7). The directive does not alter domestic law in so far as under the directive data must still be processed fairly and lawfully, for lawful purposes and be adequate, relevant, accurate, not excessive, kept up to date and kept in a form which permits the identification of the data subject only for so long as is necessary (Articles 6, 7). As a general rule, processing of data relating to a subject is only possible with the subject's consent. Exceptions exist where he is not in a position to give consent (eg. illness), and when the subject has a vital interest in it being processed without his consent. Processing will be allowed when necessary in the public interest (Article 7). One significant change for ecclesiastical life is this. Previously it was possible to process data concerning matters such as religious belief only with the consent of the data subject. Under the directive member states shall prohibit the processing of data revealing religious beliefs, philosophical persuasion and data concerning health or sexual life. There are exceptions. Such data may be processed with the subject's written consent. Alternatively, member states shall provide that data may be processed concerning these matters where processing is carried out by a religious association in the course of its legitimate activities. This operates provided that the data relates solely to members of the organisation who freely entered into association. Processing is not subject to the obligation to notify. The data may still not be disclosed to third parties without consent. Such processing is also possible where there is no obvious infringement of privacy, as, for example, where the individual cannot be identified (Article 8). Given that a 'file' might include computerised and manually-held information, this provision is likely to have a profound affect upon those areas of life, in the Church of England, the Church in Wales and the Roman Catholic Church, outlined in Section III above. The directive also clarifies data subject rights, its content, its source and its use. It also forbids a third party (such as an employer) from forcing the data subject to access his files (eg. medical records) as a pre-condition to employment. A third party can now only demand such access where the request is based on domestic law (Articles 10 -15). Another new principle relates to administrative or private (such as contracts) decision-making. A subject is not to be affected by decisions based solely on

182

Norman Doe

automatic processing. Member states are to lay down safeguards (Articles 16, 17). A new supervisory authority is to examine processing which poses a specific threat to the freedom of individuals before processing commences. It also has provisions about transfer of data between states, remedies in the courts and codes of conduct (Articles 18-87). The directive is to be introduced by July 1994 and this will mean substantial amendments to be made by parliament, in these areas, to the Data Protection Act 1984.

V. Conclusions The following points might be made of this preliminary investigation. First, there has been no systematic study of this problem to-date. Any analysis of the applicability of law to church life in this area would have to be accompanied by an analysis not only of legal rules, and the policy reasons for their existence, but also by an analysis of the problem from a theological perspective. A working understanding would have to be constructed of the relation of these rules to theological principles about accountability, responsibility, stewardship, openness, confidentiality, and democratization processes in the church - especially if churches chose to create internal regulation. Secondly, with the possible exception of the Roman Catholic Church, the Church of England and the Church in Wales have not developed a separate legal regime or system to regulate these matters internally. Any rights and duties in these areas are to be found in the technical details of internal church law as created to deal with other problems and areas in ecclesiastical life. By and large, this area of law is undeveloped. Thirdly, in an attempt to incorporate European convention, the civil law, through the statutes of 1984 - 1990, has developed detailed rules in both these areas. Given the legal position of these churches, as a general principle, it is this law which is the dominant legal regime on this subject. The civil law is not static but constantly changing and it is undergoing steadily judicial consideration and treatment. Fourthly, the principal task for the church lawyer is to identify those rules of church law which generate the creation of personal information files, compute-

Churches in the United Kingdom and the Law of Data Protection

183

rised or manual. The existence and scope of this information must be established before the question of the applicability of civil law can be addressed. In this respect, the issue of whether the civil law applies is a complicated and largely speculative question. As many important personal files are held manually, except in the area of medical records, the civil law may not in practice apply extensively, in key areas, to ecclesiastical government. In practical terms, therefore, civil law regulation may be minimal. In short, information law, the individual and ecclesiastical government in the United Kingdom is not well developed or clear, a lack of clarity compounded by a lack of litigation concerning the church in this field. This, of course, may be the best evidence that, today at least, these issues do not seem to be pressing for ecclesiastical life.

Generalbericht: Datenschutzrecht in derEuropäischen Union und die Kirchen Von Gerhard Robbers, Trier Der Schutz persönlicher Daten gehört zu den weithin unbestrittenen rechtspolitischen Zielen in den Mitgliedstaaten der Europäischen Union. Übereinstimmend wird das Recht auf Datenschutz als wichtiger Bestandteil verfassungsrechtlich geschützter persönlicher Freiheit angesehen. In allen Mitgliedstaaten der Europäischen Union ergreift das Datenschutzrecht auch die Religionsgemeinschaften. Die Vielfalt der staatskirchenrechtlichen Systeme in den Mitgliedstaaten der Europäischen Union und die unterschiedlichen Strukturen ihrer datenschutzrechtlichen Bestimmungen machen generalisierende Lösungen schwierig, im Einzelfall gefährlich. Während eine Harmonisierung des Datenschutzrechts im Grundsatz ohne weiteres einleuchtet und ihre Legitimität in keinem der Beiträge bestritten wird, bleibt die Bewahrung historisch gewachsener staatskirchenrechtlicher Strukturen geradezu selbstverständliches Anliegen. Die Harmonisierung der datenschutzrechtlichen Bestimmungen in den Mitgliedstaaten der Europäischen Union stößt im wesentlichen auf drei unterschiedlich gestaltete Gruppen staatskirchenrechtlicher Systeme, die in sich wiederum vielgestaltig, unterschiedlich akzentuiert und in mannigfaltigen historischen und sozialen Zusammenhängen eingebettet sind. In einer Reihe von Staaten begegnen Systeme des Staatskirchentums, in denen innerkirchliche Normsetzung eng mit dem staatlichen Normgebungsprozeß rechtlich verbunden sind. Dies gilt für Großbritannien, Dänemark und Griechenland. Dem stehen reine Trennungssysteme gegenüber. Zu dieser Gruppe gehören Frankreich, die Niederlande, auch Portugal und Irland. Die übrigen Staaten: Spanien, Italien, Belgien, Luxemburg und die Bundesrepublik Deutschland weisen Strukturen auf, die bei grundsätzlicher Trennung von Staat und Kirche in je unterschiedlicher Weise und Intensität rechtlich anerkannte gemeinsame Angelegenheiten in großem Umfang kennen.

186

Gerhard Robbers

Eine vollständige, strikte Trennung ohne jede Beziehungen zwischen Staat und Kirche ist aber in keinem Mitgliedstaat der Europäischen Union durchgeführt und praktisch auch kaum vorstellbar. Überdies variieren die sozialen Zusammenhänge, die im praktischen Leben eine der Rechtsform nach als Trennungssystem ausgestaltete Ordnung in der sozialen Wirklichkeit eher als intensive Verbindung zwischen Staat und Kirche ausweisen. Entsprechend vielgestaltig ist die Relevanz der staatlichen Datenschutzgesetzgebung auf innerkirchliche Verhältnisse. Entsprechend unterschiedlich ist aber auch die Akzeptanz gegenüber staatlicher Datenschutzgesetzgebung, die auf innerkirchliche Bereiche Zugriff nehmen könnte. Der Hamonisierungsbedarf im Datenschutzrecht zeigt sich besonders auch an dem ungleichen Stand mitgliedstaatlicher Datenschutzgesetzgebung. Während bisweilen noch gar keine Datenschutzgesetze bestehen, ist das Datenschutzrecht in anderen Mitgliedstaaten der Europäischen Union intensiv und fein ziseliert ausgestaltet. Es überrascht nicht, daß gerade in den Staaten staatliche Ingerenz in den innerkirchlichen Datenschutz relativ leicht akzeptiert zu werden scheint, in denen ein traditionelles System des Staatskirchen turns besteht. Dies ist der Fall besonders in Großbritannien, Dänemark und Griechenland. Hier wird kirchliche Gesetzgebung seit alters mit staatlicher eng verknüpft, bisweilen identifiziert. Ein laizistisches System wie Frankreich mag auf der anderen Seite ebenfalls wenig Schwierigkeiten mit staatlicher Ingerenz in kirchlicher Angelegenheit haben. Dies gilt insoweit, als der Bereich des staatlichen Gesetzes sehr ausgeweitet ist und eine institutionelle Eigenständigkeit der Religionsgemeinschaften gegenüber dem staatlichen Recht nur in Ausnahmefällen akzeptabel erscheint. Erhebliche Probleme ergeben sich freilich in jenen Staaten, die eine institutionelle Trennung von Staat und Kirchen bei gleichzeitigem Respekt der staatlichen Rechtsordnung gegenüber einer innerkirchlichen Rechtsordnung aufweisen. Gerade hier machen die Autoren auf eine Reihe wichtiger Problemfelder aufmerksam. Sie liegen vor allem in dem Zugriff auf theologische Momente, wie den Rückwirkungen auf das Gliedschaftsrecht und die Bedeutung der Taufe, in der Bedrohung des Kirchensteuersystems und in den Eingriffsmöglichkeiten der staatlichen Aufsichtsbehörden in das kirchliche Selbstbestimmungsrecht.

Generalbericht: Datenschutzrecht in der Europäischen Union und die Kirchen

187

Angesichts unterschiedlicher Entwicklung des Datenschutzrechtes ist auch nicht verwunderlich, daß selbst die Sicht auf die Problemlagen unterschiedlich ausfällt. Konsequenzen aus staatlicher Datenschutzgesetzgebung für die Kirchen sind nicht in allen Mitgliedstaaten Gegenstand kircheninterner Überlegungen gewesen. Die Unterschiedlichkeit der staatskirchenrechtlichen Systeme begründet auch die unterschiedliche Problemsicht, die sich in den Beiträgen zeigt. Schon die Fragestellungen variieren in ihren grundsätzlichen Dimensionen. Manche Fragen finden gegenwärtig schon deshalb keine Antwort, weil sie im Blick auf das einzelne System bisweilen als im Ansatz falsch gestellt erscheinen mögen. Umsoweniger kann es richtig sein, die nämlichen Antworten für jedes der Systeme zu geben; sie würden in der Praxis zu unvorhersehbaren, oft ungewollten Ergebnissen führen. Den Berichten hat ein Fragebogen zugrunde gelegen, der gänzlich unverbindlich mögliche Problemstellungen in den Mitgliedstaaten aufweisen wollte1.

1 Text des Fragebogens: "Erhebung Datenschutz und Kirchen in den Mitgliedstaaten der Europäischen Union. 1. Grundzüge des Staat-Kirche-Verhältnisses: Staatskirche oder strikte Trennung oder Kooperationssystem. 2. Grundsätzliche Reichweite des Selbstbestimmungsrechts von Religionsgemeinschaften. 3. Verfassungsrechtlicher Bezug der Religionsgemeinschaft: nur unmittelbarer Kernbereich wie Amtskirche, verfaßte Kirche, reine Kultusgemeinschaft oder auch von der Kirche unmittelbar oder auch nur mittelbar betriebene Einrichtungen insbesondere des diakonisch-caritativen Bereichs: Krankenhäuser, Schulen, Kindergärten, Altenheime. 4. Finanzierungssystem: Kirchensteuer, reine Spendenaufkommen, Staatsleistungen, eigenes Kirchenvermögen. 5. Existiert ein staatliches Datenschutzrecht? Angabe der normativen Grundlagen. 6. Sind Religionsgemeinschaften durch das staatliche Datenschutzrecht erfaßt oder teilweise oder ganz aus seinem Regelungsbereich ausgenommen? 7. Gibt es ein eigenes Datenschutzrecht der Religionsgemeinschaften? Angabe der normativen Grundlagen. 8. Gibt es Sonderregelungen des staatlichen Datenschutzrechts für religionsrelevante Daten? Zugehörigkeit zu einer Religionsgemeinschaft, religiöse Überzeugungen, Statistik, Meldewesen, Kirchenfinanzierung. Angabe der normativen Grundlagen. 9. In welchen Bereichen berühren sich Staat und Kirche in Bezug auf den Datenschutz? Z.B.: Finanzierung von Religionsgemeinschaften - insbesondere: Kirchensteuereinzug, Statistik, Aufnahme in caritativ-diakonische Einrichtungen, Militärseelsorge, Schulzugehörigkeit, Religionsunterricht, Meldewesen, Eherecht bei kirchlichen Eheschließungen, Kirchenaustritt. 10. Könnten die sozial besonders relevanten Religionsgemeinschaften ein staatliches Datenschutzrecht für ihren Bereich akzeptieren i m Blick auf den Richtlinienentwurf? Insbesondere: staatliche Aufsichtsbehörde, NichtVerarbeitung religionsrelevanter Daten, Ausnahmevorschrift bei öffentlichem Interesse (Art. 8 RL)."

188

Gerhard Robbers

Die Schwierigkeiten der Verknüpfung beider Regelungsbereiche werden gerade dann deutlich, wenn darauf hingewiesen wird, daß der Richtlinienvorschlag der Kommission nicht das Verhältnis Kirche-Staat regeln, sondern allgemeine Regeln des Datenschutzes in Europa aufstellen will. Dabei müssen auch die indirekten Auswirkungen berücksichtigt werden, die die Verwirklichung dieses Regelungsziels auf andere Lebensbereiche besitzt. Immer wieder wird deutlich, daß neben anderen besonders die Religionszugehörigkeit, der persönliche religiöse Glaube als sensibles Datum aufgefaßt wird 2. Soweit ersichtlich besitzen nur die Kirchen in der Bundesrepublik Deutschland ein eigenes, ausgefeiltes Datenschutzrecht. Davon abgesehen bleibt freilich für die katholische Kirche in der gesamten Europäischen Union die Regelung des can. 220 CIC bestehen. Eine wichtige Problematik dürfte sowohl für die katholische als auch für die evangelischen Kirchen in der Europäischen Union gelten. Soweit die Kirchen nur dazu befugt wären, die religiösen Daten ihrer eigenen Mitglieder zu verarbeiten, entsteht ein Konflikt zwischen verschiedenen Mitgliedschaftsverständnissen. Wer aus der Kirche austritt, mag aus der Sicht des staatlichen Rechts nicht mehr Mitglied dieser Kirche sein. Er könnte dann seine Zustimmung zur Verarbeitung seiner religiösen Daten widerrufen; diese Daten müßten gegebenenfalls gelöscht werden. Nach kirchlichem Verständnis wird die Mitgliedschaft jedoch durch die Taufe begründet und kann als solche aus theologischen Gründen niemals aufgegeben werden. Das datenschutzrechtliche Verbot, Taufverzeichnisse zu führen auch über Personen, die nachträglich aus der Kirche ausgetreten sind, würde die Religionsfreiheit der Kirche selber verletzen. Ein weiteres Problem ergibt sich aus dem kirchlichen Eherecht der katholischen Kirche. Hier muß die Religionszugehörigkeit des katholischen Ehepartners verarbeitet werden können, auch wenn dieser nicht Mitglied der katholischen Kirche ist; andernfalls wäre das Verfahren etwa zur Aufhebung einer kirchlich geschlossenen Ehe gefährdet 3. Hingewiesen wird auch auf das Problem des kirchlichen Arbeitgebers, der die Religionszugehörigkeit seines Arbeitnehmers kennen muß4.

2 3 4

Belgien, Frankreich. Torfs, S. 24. Torfs, S. 26.

Generalbericht: Datenschutzrecht in der Europäischen Union und die Kirchen

189

Verschiedentlich wird die Kompetenz der Europäischen Union zur Regelung des Datenschutzrechts im kirchlichen Bereich und Mitwirkung für die Kirchen bezweifelt 5. Erhebliche Bedenken löst die Befugnis der Überwachungsbehörde aus, in die Datenbestände und Datenverarbeitungsprozesse von Kirchen einzugreifen. Dies wird als Eingriff in das Selbstbestimmungsrecht der Religionsgemeinschaften angesehen6. Besondere Aufmerksamkeit dürfen die Niederlande beanspruchen. Hier ist jüngst ein Datenschutzgesetz eingeführt worden, das unmittelbar auch innerkirchliche Datenschutzfragen regelt. Die hierbei gesammelten Erfahrungen zeigen, daß die Nichtberücksichtigung kirchlicher Autonomie zu Konsequenzen führen kann, die nachteilig für die kirchliche Arbeit sind, ohne durch Notwendigkeiten des Freiheitsschutzes Betroffener erforderlich zu sein. Auch wird gefordert, die Kirchen vom Regelungsbereich der Richtlinie auszunehmen, jedenfalls spezifische Garantien für die kirchliche Datenverarbeitung vorzusehen. Zu Recht wird darauf aufmerksam gemacht, daß die schlichte Nichtberücksichtigung religiöser Interessen die gesellschaftliche Realität der Religion, die Existenz unterschiedlicher Religionen und religiöser Strömungen verkennt.

5 6

Motilla, S. 69 f. Z.B. Motilla, S. 69.

Autorenverzeichnis Bacelar Gouveia, Jorge, Assistant Professor at the Faculty of Law, Universidade des Lisboa, Portugal. van Bijsterveld, Sophie C., Dr., Universitair hoofddocent staatsrecht, Universität Tilburg, Netherlands. Carblanc, Anne, magistrat, secretaire général de la Commission nationale de l'informatique et des libertés, General Secretary of CNIL, Paris, France. Doe, Norman , Dr. in Law, Lecturer, Cardiff Law School, University of Wales, United Kingdom. Duffar,

Jean, Professeur à la Faculté de Droit de Paris-Saintmaur, Paris, France.

Ferrari, Silvio , Professore di Diritto Ecclesiastico, Facoltà di Giurisprudenza, Università di Milano, Italy. Kerr, Anthony, M . A . (Dub.), L L . M . (Lond.) of King's Inns, Barrister Statutory Lecturer in Law, University College Dublin, Ireland. Kopp, Ferdinand J., Dr. iur., Europäische Kommission, Brüssel, Belgium. Motilla, Agustin , Dr. in Law, Professor Titular de Derecho Eclesiâstico del Estado, University of Alcalâ des Henares, Madrid, Spain. Pauly, Alexis , Dr., Professeur Maastricht, Netherlands.

associé à l'Institut Européen d'Administration

Publique,

Robbers, Gerhard , Dr. iur., Professor fur Öffentliches Recht, Kirchenrecht, Staatsphilosophie und Verfassungsgeschichte, Universität Trier, Germany. Spyropoulos, Philippos C., Dr. Universität Athen, Greece.

iur.,

LL.M.,

Assistenzprofessor

ftir

Verfassungsrecht,

Stenbœk, Jorgen, Dr., ass. Professor am Institut for Kirkehistorie, Vorsitzender der Gesellschaft fur Kirchenrecht, Det teologiske Fakultet, Aarhus Universitet, Denmark. Torfs, Rik, Dr. in canon law, Licentiate in law, Prof. of canon law and Church-State relations, Katholieke Universiteit Leuven, Belgium.