Harassment by Online Lending Apps: Filing Complaints with the NPC and SEC (Philippines)

Introduction

In the Philippines, the proliferation of online lending applications has provided convenient access to credit for many Filipinos, particularly those underserved by traditional banks. However, this convenience has been marred by widespread reports of harassment tactics employed by some lending apps during debt collection. These tactics often include incessant calls and messages, public shaming on social media, threats of legal action, and unauthorized access to borrowers' personal contacts and data. Such practices not only violate borrowers' rights but also infringe upon data privacy laws and regulations governing fair debt collection.

This article provides a comprehensive overview of harassment by online lending apps within the Philippine legal framework. It examines the relevant laws, defines what constitutes harassment, and details the processes for filing complaints with the National Privacy Commission (NPC) and the Securities and Exchange Commission (SEC). The discussion is grounded in key statutes such as Republic Act No. 10173 (Data Privacy Act of 2012), Republic Act No. 9474 (Lending Company Regulation Act of 2007), and related issuances from regulatory bodies. By understanding these mechanisms, affected individuals can seek redress and contribute to holding errant lenders accountable.

Legal Framework Governing Online Lending and Harassment

The Philippine legal system addresses harassment by online lending apps through a dual regulatory approach focusing on data privacy and financial oversight.

Data Privacy Act of 2012 (Republic Act No. 10173)

Enacted to protect the fundamental human right to privacy, the Data Privacy Act (DPA) regulates the processing of personal information by both public and private entities. Online lending apps, as personal information controllers (PICs) or processors (PIPs), must comply with principles of transparency, legitimate purpose, and proportionality in handling borrowers' data.

Key provisions relevant to harassment include:

  • Section 11: Personal information must be collected for specified and legitimate purposes, with the data subject's consent.
  • Section 12: Processing must be adequate, relevant, and not excessive.
  • Section 13: Sensitive personal information (e.g., financial data, contact lists) requires stricter safeguards.
  • Section 16: Rights of data subjects, including the right to object to processing, access information, and demand rectification or erasure.

Harassment often stems from violations like unauthorized sharing of borrower data with third-party collectors or accessing device contacts without explicit consent, which contravenes these sections.

The NPC, established under the DPA, is the primary agency enforcing these rules. It has issued guidelines, such as NPC Circular No. 2020-04 on the Handling of Complaints Involving Data Privacy Violations, which specifically address complaints against financial institutions, including online lenders.

Lending Company Regulation Act of 2007 (Republic Act No. 9474)

This law regulates lending companies, requiring them to register with the SEC and adhere to ethical standards in operations. SEC Memorandum Circular No. 19, Series of 2019 (Rules and Regulations on the Registration of Lending Companies and Financing Companies), mandates fair and transparent practices.

Relevant to harassment:

  • Lending companies must not engage in unfair collection practices, such as threats, intimidation, or public disclosure of debts.
  • SEC Circular No. 10, Series of 2020, prohibits abusive debt collection methods and requires lenders to respect borrowers' privacy.

The SEC oversees the licensing and operations of online lending platforms, many of which are classified as financing companies under its jurisdiction. Non-compliance can lead to suspension, revocation of licenses, or fines.

Other Pertinent Laws and Regulations

  • Republic Act No. 10175 (Cybercrime Prevention Act of 2012): Addresses cyber-harassment, such as online threats or unauthorized access to data.
  • Republic Act No. 11313 (Safe Spaces Act): Covers harassment in digital spaces, though primarily focused on gender-based issues.
  • Civil Code of the Philippines (Articles 19-21): Provides for damages due to abuse of rights, including moral and exemplary damages for harassment.
  • Bangko Sentral ng Pilipinas (BSP) Circulars: While the BSP regulates banks, some online lenders partner with BSP-supervised entities, extending oversight.

The interplay between these laws ensures that harassment is tackled from both privacy and regulatory angles, with the NPC handling data breaches and the SEC focusing on operational misconduct.

What Constitutes Harassment by Online Lending Apps?

Harassment in the context of online lending refers to aggressive, intrusive, or unethical debt collection practices that cause distress, embarrassment, or harm to borrowers. Common forms include:

  1. Excessive Communication: Repeated calls, texts, or emails at unreasonable hours (e.g., late at night or multiple times a day), often using automated systems.
  2. Threats and Intimidation: Warnings of arrest, lawsuits, or physical harm without legal basis, or threats to contact employers/family.
  3. Public Shaming: Posting borrowers' details, photos, or debt information on social media or public forums.
  4. Unauthorized Data Access and Sharing: Accessing phone contacts, gallery, or location data without consent and contacting third parties (e.g., friends, relatives) to pressure repayment.
  5. False Representations: Posing as law enforcement or government officials to coerce payment.
  6. Discriminatory or Abusive Language: Use of profane, derogatory, or discriminatory remarks based on gender, ethnicity, or status.

These acts often violate the DPA's data processing principles and the SEC's fair collection guidelines. The NPC has classified such behaviors as "privacy-invasive debt collection practices" in advisories, noting that they disproportionately affect vulnerable groups like low-income earners.

To establish harassment, victims should document incidents with screenshots, call logs, messages, and timestamps, as evidence is crucial for complaints.

Role of the National Privacy Commission (NPC) in Addressing Harassment

The NPC serves as the watchdog for data privacy, investigating complaints related to misuse of personal information by online lenders.

Grounds for Filing with the NPC

Complaints typically allege:

  • Unauthorized collection or processing of data (e.g., scraping contacts).
  • Breach of confidentiality (e.g., sharing debt details with unauthorized parties).
  • Failure to provide data subject rights, such as deletion requests.

Under NPC Advisory No. 2020-04, harassment via data misuse is a priority area, especially post-COVID when online lending surged.

Procedure for Filing a Complaint with the NPC

  1. Preparation: Gather evidence, including loan agreements, app permissions, harassment records, and proof of data breach (e.g., messages to contacts).
  2. Filing Options:
    • Online: Via the NPC website (privacy.gov.ph) using the e-Complaint Form.
    • Email: Send to complaints@privacy.gov.ph.
    • In-Person: At the NPC office in Pasay City or regional offices.
  3. Required Information:
    • Complainant's details (name, address, contact).
    • Respondent's details (lending app name, company, address if known).
    • Description of the violation, including dates and specifics.
    • Supporting documents (scanned or attached).
  4. Processing:
    • Acknowledgment within 5 working days.
    • Preliminary evaluation to determine if prima facie case exists.
    • If accepted, mediation or full investigation follows.
    • Timeline: Resolution within 6 months, extendable.
  5. Fees: None; complaints are free.

Possible Outcomes and Remedies

  • Administrative Sanctions: Fines up to PHP 5 million per violation, depending on severity.
  • Cease and Desist Orders: Halting unlawful practices.
  • Referral: To other agencies like the SEC or DOJ for criminal prosecution.
  • Compensation: Data subjects may seek damages through civil courts, with NPC findings as evidence.

The NPC has handled thousands of such complaints, leading to blacklisting of rogue apps and partnerships with app stores for removal.

Role of the Securities and Exchange Commission (SEC) in Addressing Harassment

The SEC regulates the corporate aspects of lending companies, ensuring compliance with ethical standards.

Grounds for Filing with the SEC

Complaints focus on:

  • Unregistered or unlicensed operations.
  • Unfair debt collection practices violating SEC rules.
  • Misrepresentation or fraud in lending terms.

SEC Memorandum Circular No. 18, Series of 2019, requires lenders to adopt a Code of Ethics prohibiting harassment.

Procedure for Filing a Complaint with the SEC

  1. Preparation: Collect loan documents, payment proofs, harassment evidence, and company registration details (verifiable via SEC website).
  2. Filing Options:
    • Online: Through the SEC eSPARC portal (sec.gov.ph) or email to cgfd_md@sec.gov.ph.
    • In-Person: At SEC headquarters in Pasay City or extension offices.
  3. Required Information:
    • Similar to NPC: Complainant and respondent details, violation description, evidence.
    • Specify if the lender is registered (check SEC's list of authorized lending companies).
  4. Processing:
    • Acknowledgment and initial assessment.
    • Investigation, possibly including hearings.
    • Timeline: Varies, but aims for prompt resolution.
  5. Fees: Minimal or none for consumer complaints.

Possible Outcomes and Remedies

  • Revocation or Suspension: Of corporate registration or license.
  • Fines: Up to PHP 1 million or more.
  • Blacklisting: Publication on SEC's list of unauthorized entities.
  • Referral: To BSP, NPC, or law enforcement.
  • Restitution: Orders for refund or debt adjustment.

The SEC has revoked licenses of numerous online lenders for harassment, emphasizing consumer protection.

Dual Filing: Complaining to Both NPC and SEC

Victims can file with both agencies simultaneously, as jurisdictions overlap (data privacy vs. operational regulation). Coordination between NPC and SEC is common, with MOUs facilitating information sharing. For instance, a data breach complaint to NPC may trigger SEC review of licensing.

Additional Remedies and Support

Beyond NPC and SEC:

  • Department of Justice (DOJ): For criminal charges under cybercrime laws.
  • Integrated Bar of the Philippines (IBP): Free legal aid for indigent complainants.
  • Consumer Protection: File with the Department of Trade and Industry (DTI) for unfair trade practices.
  • Civil Suits: Seek damages in court, using agency findings as basis.
  • Class Actions: Possible for widespread violations.

Support groups like the Credit Information Corporation and financial literacy programs from BSP offer guidance.

Prevention and Best Practices

To avoid harassment:

  • Borrow only from SEC-registered apps (verify via SEC website).
  • Read privacy policies and app permissions carefully.
  • Use separate devices or apps for lending to limit data access.
  • Report immediately upon first signs of harassment.
  • Maintain records of all transactions.

Regulatory bodies continue to enhance protections, such as mandatory privacy impact assessments for lenders.

Conclusion

Harassment by online lending apps represents a significant challenge in the Philippine financial landscape, but robust legal mechanisms through the NPC and SEC empower victims to seek justice. By filing complaints, individuals not only protect their rights but also deter future violations, fostering a safer digital lending environment. Prompt action, thorough documentation, and awareness of rights are key to effective redress. For ongoing developments, monitoring official issuances from these agencies is advisable.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login