Blog: Will GDPR Really be Scientology's Achilles Heel? - 2018-05-26
The European Union's GDPR (General Data Protection Regulation) suite took effect yesterday, May 25, 2018. We look at what it might mean to Scientology, and how activists might use it as an avenue to bring about positive change in the organization, or, if Scientology is not serious about complying with the rules, how they might be hamstrung (but not shut down) by the GDPR.
I did extensive work on the potential impact of the GDPR on US-based companies in 2016 and early 2017, and this discussion is based on that work as well as other research about earlier investigations by European regulators into Scientology's privacy practices.
Scientology's antiquated paper-based recordkeeping practices, mandated by founder L. Ron Hubbard's holy writ, cannot ever hope to comply with the GDPR. The cult's belief that it's inherently above "wog" law means that it probably won't make a meaningful attempt to comply. That exposes Scientology to the highest level of penalties, a minimum fine of €20 million, reserved for chronic violation of the rules and for not taking them seriously. But while Scientology is exposed, we think regulators will have much larger fish to fry in the early days following GDPR enactment to pay attention to the cult. We discuss the specifics of what will happen when the regulators do turn their eyes onto Scientology's privacy practices in the future.