How to File a Cybercrime Case Against Online Lending Apps for Harassment

Introduction

Online lending apps have become common in the Philippines because they offer quick loans with minimal paperwork. However, many borrowers report abusive collection practices, including threats, public shaming, repeated calls, unauthorized access to contacts, disclosure of debts to family members or employers, and defamatory messages sent through text, social media, or messaging apps.

When harassment is committed through phones, messaging platforms, email, social media, or other digital means, the conduct may fall under Philippine cybercrime laws, privacy laws, consumer protection rules, lending regulations, and criminal statutes. A victim may file complaints before law enforcement agencies, regulators, and, in proper cases, the prosecutor’s office.

This article discusses the legal remedies available in the Philippine context, the evidence needed, where to file, what laws may apply, and how to prepare a strong complaint against online lending apps and their collection agents.

I. Common Harassment Practices by Online Lending Apps

Harassment by online lending apps often includes one or more of the following acts:

  1. Threatening messages or calls Examples include threats of arrest, imprisonment, physical harm, public humiliation, or legal action that is false, exaggerated, or abusive.

  2. Contacting people in the borrower’s phonebook Some apps access the borrower’s contacts and message relatives, friends, coworkers, employers, or clients.

  3. Public shaming This includes posting the borrower’s name, photo, debt details, or accusations on social media, group chats, or public platforms.

  4. False accusations Borrowers may be called “scammers,” “fraudsters,” “thieves,” or similar defamatory labels.

  5. Data privacy violations Lending apps may collect, use, disclose, or store personal information without proper consent or beyond what is necessary.

  6. Repeated and abusive collection calls Excessive calling, calling at unreasonable hours, or using abusive language may support a complaint.

  7. Impersonation or fake legal threats Some collectors pretend to be lawyers, police officers, court personnel, or government officers.

  8. Sending edited photos or humiliating graphics Some victims report edited images, memes, or posters circulated to shame borrowers.

  9. Threats to contact employers or ruin employment Telling a borrower that the app will report them to HR, have them terminated, or destroy their reputation may be evidence of harassment.

  10. Unauthorized use of personal data This may involve accessing contact lists, photos, government IDs, selfies, addresses, employment data, or references beyond legitimate lending purposes.

II. Is Non-Payment of a Loan a Crime?

As a general rule, failure to pay a debt is not, by itself, a criminal offense in the Philippines. The Constitution prohibits imprisonment for debt. A lender may pursue legitimate civil remedies, such as collection or filing a civil case, but it may not use harassment, threats, defamation, or unlawful disclosure of personal information to collect payment.

However, separate criminal liability may arise if there is fraud, falsification, identity theft, or other criminal conduct. But mere inability to pay a loan does not give an online lending app or its collectors the right to threaten, shame, or harass the borrower.

III. Laws That May Apply

Several Philippine laws may apply depending on the facts.

A. Cybercrime Prevention Act of 2012

The Cybercrime Prevention Act may apply when unlawful acts are committed through information and communications technology, such as mobile phones, text messages, messaging apps, social media, email, websites, or online platforms.

Possible cybercrime-related offenses include:

1. Cyber Libel

Cyber libel may apply when defamatory statements are made online or through digital platforms. If collectors send messages to other people accusing the borrower of being a criminal, scammer, thief, or fraudster, and the statements damage the borrower’s reputation, the victim may consider filing a cyber libel complaint.

Cyber libel generally requires:

  • an imputation of a crime, vice, defect, act, condition, status, or circumstance;
  • publication to a third person;
  • identification of the offended party; and
  • malice.

If the defamatory statement is sent to relatives, employers, coworkers, group chats, or posted publicly, the publication element may be present.

2. Cyber Harassment-Related Conduct

The Cybercrime Prevention Act does not use the phrase “cyber harassment” as a standalone offense in the same way some people use it casually. However, harassment done through electronic means may still be prosecuted if the acts fall under cyber libel, unjust vexation through electronic means, threats, identity theft, illegal access, data interference, misuse of devices, or other offenses committed using technology.

3. Identity Theft or Misuse of Personal Information

If collectors use another person’s identity, create fake accounts, impersonate government officers, or misuse personal data obtained through the app, cybercrime and data privacy issues may arise.

B. Revised Penal Code

Even if the harassment is done online, traditional crimes under the Revised Penal Code may still apply.

1. Grave Threats, Light Threats, or Other Threats

Threats may be charged when a collector threatens to cause harm, accuse the borrower of a crime, expose them to public shame, or perform an unlawful act unless payment is made.

Examples:

  • “We will post your face online if you do not pay today.”
  • “We will tell your employer you are a criminal.”
  • “We will send people to your house.”
  • “You will be arrested today if you do not pay.”

The exact offense depends on the wording, seriousness, condition imposed, and surrounding facts.

2. Coercion

Coercion may apply when a person is forced to do something against their will through violence, intimidation, or threats. If the collection tactic pressures a borrower into payment through unlawful intimidation, coercion may be considered.

3. Unjust Vexation

Unjust vexation may apply to conduct that causes annoyance, irritation, distress, torment, or disturbance without lawful justification. Repeated abusive calls, insulting messages, and humiliating tactics may fall under this depending on the facts.

4. Slander or Oral Defamation

If defamatory statements are spoken to third persons, such as through calls to relatives or employers, oral defamation may be considered.

5. Libel

If defamatory statements are made in writing, print, or similar means, traditional libel may apply. If the defamatory publication is made online or through computer systems, cyber libel may be more directly applicable.

C. Data Privacy Act of 2012

The Data Privacy Act is highly relevant to online lending app harassment because many complaints involve unauthorized access, processing, sharing, or disclosure of personal information.

Online lending apps commonly collect:

  • full name;
  • address;
  • mobile number;
  • email address;
  • government IDs;
  • selfies;
  • employment information;
  • bank or e-wallet details;
  • emergency contacts;
  • phone contacts;
  • device information;
  • photos or files stored on the device.

Processing personal information must generally comply with principles of transparency, legitimate purpose, and proportionality.

Possible Data Privacy Violations

A lending app may violate data privacy rules if it:

  1. collects more data than necessary;
  2. accesses the borrower’s contact list without valid and informed consent;
  3. uses contact information for public shaming or harassment;
  4. discloses the borrower’s debt to third persons;
  5. sends defamatory messages to the borrower’s contacts;
  6. stores or uses personal data beyond the legitimate lending purpose;
  7. fails to provide a clear privacy notice;
  8. refuses to delete or correct unlawfully processed data;
  9. shares personal data with unauthorized collection agents;
  10. uses personal information for threats, humiliation, or coercion.

A complaint may be filed with the National Privacy Commission for misuse of personal data.

D. Lending Company Regulation Act and SEC Rules

Online lending platforms operating as lending companies or financing companies may be subject to regulation by the Securities and Exchange Commission.

The SEC has issued rules and advisories against unfair debt collection practices. Lending and financing companies may be held accountable for abusive collection methods, including threats, harassment, use of obscenities, disclosure of names and personal information, false representations, and contacting third persons in a manner that invades privacy.

A borrower may file a complaint with the SEC if the lending app is a registered lending company, financing company, or an entity operating under SEC jurisdiction. Even if the entity is unregistered, the SEC may still receive reports involving unauthorized lending activities.

E. Consumer Protection Laws

Borrowers may also raise consumer protection concerns if the lending app uses deceptive, unfair, abusive, or unconscionable practices. Misleading interest rates, hidden charges, deceptive loan terms, automatic renewals, excessive penalties, and oppressive collection methods may support administrative complaints.

Depending on the nature of the lender and transaction, complaints may involve the SEC, Bangko Sentral ng Pilipinas, Department of Trade and Industry, National Privacy Commission, or law enforcement agencies.

IV. Where to File Complaints

A victim may file in more than one office depending on the issue.

A. Philippine National Police Anti-Cybercrime Group

The PNP Anti-Cybercrime Group investigates cybercrime complaints, including online threats, cyber libel, identity misuse, and harassment through digital platforms.

A victim may go to a PNP cybercrime office and submit evidence such as screenshots, messages, call logs, URLs, account names, phone numbers, and affidavits.

B. National Bureau of Investigation Cybercrime Division

The NBI Cybercrime Division also investigates cybercrime offenses. Victims may file complaints involving online harassment, cyber libel, threats, fake accounts, and other technology-enabled offenses.

C. Office of the City or Provincial Prosecutor

Criminal complaints may be filed before the prosecutor’s office. The prosecutor evaluates the complaint, affidavits, and evidence to determine probable cause. If probable cause exists, an information may be filed in court.

For cybercrime-related offenses, law enforcement assistance is often useful before filing with the prosecutor because digital evidence may need preservation, tracing, or technical verification.

D. National Privacy Commission

If the issue involves misuse, unauthorized disclosure, excessive collection, or unlawful processing of personal information, a complaint may be filed with the National Privacy Commission.

This is especially relevant when:

  • the app accessed the borrower’s contacts;
  • the app messaged people in the borrower’s phonebook;
  • the app disclosed the debt to third persons;
  • the app used the borrower’s photo, ID, address, or employer details for harassment;
  • the app failed to explain how personal data would be used.

E. Securities and Exchange Commission

A complaint may be filed with the SEC if the online lending app, lending company, financing company, or collection agent engaged in abusive, unfair, or unlawful debt collection practices.

The SEC may impose administrative sanctions, including penalties, suspension, or revocation of authority, depending on the violation.

F. Barangay or Local Police

For immediate threats, personal safety concerns, or harassment occurring offline, the victim may also seek assistance from the barangay or local police. However, for cyber-related conduct, specialized cybercrime units are usually more appropriate.

V. Evidence Needed

Evidence is critical. A complaint is stronger when the victim preserves clear, complete, and organized proof.

A. Screenshots

Take screenshots of:

  • text messages;
  • chat messages;
  • social media posts;
  • comments;
  • group chat messages;
  • emails;
  • app notifications;
  • caller ID logs;
  • threats;
  • defamatory statements;
  • messages sent to third persons.

Screenshots should show:

  • date and time;
  • sender’s number, username, profile, or account name;
  • full message content;
  • URL, if applicable;
  • group name or platform;
  • visible recipient details, if relevant.

Avoid cropping out important details unless privacy requires it. Keep the original files.

B. Screen Recordings

Screen recordings can help show that the messages came from a particular account or number and were not fabricated. Record the process of opening the app, chat, profile, or message thread.

C. Call Logs

Save call logs showing:

  • number used;
  • date and time;
  • frequency of calls;
  • duration of calls.

If calls were threatening, write a detailed note immediately after each call stating what was said, who spoke, and any identifying details.

D. Audio Recordings

Audio recordings may be useful, but their admissibility and legality can be sensitive. The Philippines has laws against unauthorized recording of private communications. A complainant should seek legal advice before relying on recorded calls. Even if a recording exists, the complaint can still proceed using call logs, affidavits, screenshots, and witness statements.

E. Witness Affidavits

If the lending app contacted relatives, friends, coworkers, employers, or other third persons, ask them to prepare affidavits stating:

  • what message they received;
  • from whom it came;
  • when it was received;
  • what was said;
  • how they know the borrower;
  • whether they were shown the borrower’s name, photo, debt, or personal information.

Witnesses should preserve their own screenshots and devices.

F. Loan Documents and App Records

Keep copies of:

  • loan agreement;
  • disclosure statement;
  • payment schedule;
  • interest and penalty computation;
  • app screenshots;
  • privacy policy;
  • terms and conditions;
  • proof of disbursement;
  • proof of payments;
  • collection notices;
  • names of collection agencies;
  • customer service replies.

G. App Permissions and Privacy Settings

Take screenshots showing the permissions requested or used by the app, such as access to:

  • contacts;
  • camera;
  • photos;
  • location;
  • storage;
  • microphone;
  • SMS;
  • call logs.

This may help show excessive or unnecessary data access.

H. Proof of Harm

Gather evidence of damage, such as:

  • employer warnings;
  • HR complaints;
  • emotional distress;
  • medical consultations;
  • business loss;
  • reputational harm;
  • social media exposure;
  • family conflict;
  • anxiety or fear caused by threats.

For civil damages or criminal complaints involving defamation and harassment, proof of harm may be important.

VI. How to Prepare the Complaint

A strong complaint should be factual, chronological, and supported by evidence.

A. Identify the Respondents

Respondents may include:

  • the online lending app;
  • the registered company operating the app;
  • collection agency;
  • individual collection agents;
  • account names or phone numbers used;
  • officers of the company, when legally appropriate.

If the collector’s real name is unknown, identify them by mobile number, account name, username, email address, or other available details.

B. State the Facts Chronologically

The complaint should tell the story in order:

  1. when the loan was obtained;
  2. amount borrowed;
  3. amount received;
  4. repayment terms;
  5. payments made, if any;
  6. when collection started;
  7. what harassment occurred;
  8. who received the messages;
  9. what personal data was disclosed;
  10. what threats were made;
  11. what harm resulted.

Avoid exaggeration. Stick to facts that can be proven.

C. Attach Evidence Properly

Label attachments clearly:

  • Annex “A” – Screenshot of threatening message dated ___
  • Annex “B” – Screenshot of message sent to borrower’s employer
  • Annex “C” – Call log from collector’s number
  • Annex “D” – Screenshot of app permissions
  • Annex “E” – Witness affidavit of coworker
  • Annex “F” – Loan agreement
  • Annex “G” – Proof of payment

Each allegation in the complaint should refer to the relevant annex.

D. Prepare a Sworn Statement or Complaint-Affidavit

A criminal complaint usually requires a sworn complaint-affidavit. It must be signed before a prosecutor, notary public, or authorized officer.

The affidavit should include:

  • complainant’s personal details;
  • respondent’s details, if known;
  • statement of facts;
  • specific unlawful acts;
  • evidence attached;
  • request for investigation and prosecution.

E. Preserve Original Evidence

Do not delete messages, uninstall the app without preserving data, or throw away the SIM card. Keep the device, screenshots, backups, and original files.

Digital evidence is more credible when the original source remains available for verification.

VII. Sample Complaint Structure

A complaint-affidavit may follow this structure:

Republic of the Philippines City/Province of ________ Office of the City/Provincial Prosecutor or PNP Anti-Cybercrime Group / NBI Cybercrime Division / National Privacy Commission / Securities and Exchange Commission

Complainant: Name, address, contact details

Respondent: Name of lending app, company, collection agency, phone numbers, account names, or unknown persons

Subject: Complaint for Cyber Libel, Threats, Unjust Vexation, Violation of the Data Privacy Act, and other applicable laws

Statement of Facts:

  1. I am the complainant in this case.
  2. On or about ___, I obtained a loan from ___ through its mobile application.
  3. The amount borrowed was ₱, but the actual amount received was ₱ after deductions.
  4. The due date was ___.
  5. On ___, I received messages from number/account ___ demanding payment.
  6. The messages contained threats, insults, and defamatory statements.
  7. On ___, my relative/friend/employer ___ received a message stating ___.
  8. The message disclosed my personal information and debt without my consent.
  9. Copies of the messages are attached as Annexes “A” to “__.”
  10. Because of these acts, I suffered fear, humiliation, anxiety, reputational damage, and disturbance.

Applicable Offenses:

Based on the acts described, the respondents may be liable for cyber libel, threats, unjust vexation, coercion, violation of the Data Privacy Act, unfair debt collection practices, and other offenses as may be determined by the investigating authority.

Prayer:

WHEREFORE, I respectfully request that this complaint be investigated and that appropriate criminal, civil, and administrative charges be filed against the respondents.

Signature Complainant

Jurat / Verification Subscribed and sworn to before me this ___ day of ___.

VIII. Filing a Cybercrime Complaint: Step-by-Step

Step 1: Secure All Evidence

Before confronting the lending app, collect all available evidence. Save screenshots, screen recordings, call logs, app details, payment records, and witness statements.

Step 2: Identify the App and Company

Search within the app, loan agreement, text messages, privacy policy, and payment instructions for:

  • company name;
  • SEC registration number;
  • business address;
  • email address;
  • customer service number;
  • collection agency name;
  • payment channels;
  • bank or e-wallet recipient.

The legal respondent is often the company operating the app, not merely the app name.

Step 3: Write a Timeline

Prepare a simple timeline with dates and events. Example:

  • March 1 – Loan obtained from app
  • March 5 – First collection message received
  • March 6 – Collector threatened to post my photo
  • March 7 – Collector messaged my employer
  • March 8 – Collector posted my name in a group chat

A clear timeline helps investigators understand the pattern of harassment.

Step 4: Prepare the Complaint-Affidavit

State facts clearly and attach evidence. The complaint should not merely say “I was harassed.” It should quote or describe the actual words used, identify who received them, and attach proof.

Step 5: File with the Proper Office

Depending on the case, file with:

  • PNP Anti-Cybercrime Group for cyber harassment, threats, cyber libel, fake accounts, or online abuse;
  • NBI Cybercrime Division for cybercrime investigation;
  • Office of the Prosecutor for preliminary investigation of criminal offenses;
  • National Privacy Commission for misuse or unlawful disclosure of personal data;
  • Securities and Exchange Commission for abusive lending or collection practices.

Step 6: Cooperate with the Investigation

Investigators may ask for:

  • your phone;
  • screenshots;
  • original messages;
  • account links;
  • SIM details;
  • affidavits of witnesses;
  • additional proof of identity;
  • proof of loan and payments.

Respond promptly and keep copies of everything submitted.

Step 7: Attend Hearings or Clarificatory Proceedings

For criminal complaints, the prosecutor may require counter-affidavits from respondents and reply-affidavits from complainants. Attend all required proceedings and submit documents on time.

IX. Complaints Before the National Privacy Commission

A complaint before the National Privacy Commission is appropriate when the lending app misused personal information.

A. Grounds for NPC Complaint

Grounds may include:

  • unauthorized access to phone contacts;
  • disclosure of debt to third persons;
  • use of personal photos or IDs for shaming;
  • excessive collection of personal data;
  • failure to provide a valid privacy notice;
  • processing personal data for harassment;
  • sharing information with unauthorized collectors;
  • refusal to stop unlawful processing.

B. What to Include

The complaint should include:

  • complainant’s identity;
  • lending app and company name;
  • description of personal data collected;
  • how the data was misused;
  • screenshots of messages sent to third persons;
  • privacy policy or app permission screenshots;
  • proof that the app contacted people from the phonebook;
  • harm suffered.

C. Reliefs That May Be Requested

The complainant may request:

  • investigation;
  • order to stop unlawful processing;
  • deletion or correction of data;
  • administrative penalties;
  • recommendation for prosecution, when warranted;
  • other appropriate relief.

X. Complaints Before the SEC

A complaint before the SEC is useful when the lending or financing company uses abusive collection practices.

A. Acts That May Be Reported

Reportable acts may include:

  • use of threats or violence;
  • use of obscene or insulting language;
  • disclosure of borrower information to third persons;
  • false representation that non-payment is a criminal offense;
  • pretending to be connected with courts, police, or government offices;
  • excessive or unreasonable collection calls;
  • public shaming;
  • unfair or deceptive loan terms;
  • operating without proper authority.

B. Evidence for SEC Complaints

Attach:

  • screenshots of threats and messages;
  • call logs;
  • loan agreement;
  • app screenshots;
  • SEC registration details, if available;
  • proof of payment;
  • privacy policy;
  • names of collection agents;
  • messages sent to third persons.

The SEC process is administrative, but the same facts may also support criminal or privacy complaints.

XI. Cyber Libel Against Online Lending Apps

Cyber libel is one of the most common legal theories when collectors shame borrowers online or through digital messages.

A. Examples That May Support Cyber Libel

Cyber libel may be considered when collectors send messages like:

  • “This person is a scammer.”
  • “This borrower is a thief.”
  • “Do not trust this employee; they commit fraud.”
  • “Wanted: debtor who refuses to pay.”
  • “This person used fake documents,” if untrue.
  • “This person is a criminal,” if baseless.

The statement must be defamatory and communicated to someone other than the borrower.

B. Private Message to Borrower Alone

If the insult or threat is sent only to the borrower, cyber libel may be harder to establish because libel requires publication to a third person. However, the act may still support complaints for threats, unjust vexation, coercion, or harassment-related conduct.

C. Message to Employer, Family, or Group Chat

If the collector sends defamatory messages to the borrower’s employer, family, friends, coworkers, or group chats, publication is clearer. Screenshots from the recipients are important.

XII. Threats and Coercion

Debt collection becomes unlawful when it crosses from demand into intimidation.

A. Examples of Threats

Statements such as the following may be relevant:

  • “We will post your face online.”
  • “We will report you to your employer as a scammer.”
  • “You will be arrested today.”
  • “Police will come to your house.”
  • “We will ruin your reputation.”
  • “We will message all your contacts.”
  • “We will expose your family.”
  • “We will make you viral.”

Some threats may be false legal threats. Others may be threats to commit unlawful acts, such as public shaming or unauthorized disclosure of personal data.

B. False Threat of Arrest

A borrower generally cannot be arrested merely for non-payment of debt. A collector who falsely threatens arrest may be engaging in deceptive, abusive, or coercive collection conduct.

XIII. Data Privacy Issues in Contact-Shaming

One of the most serious practices by online lending apps is “contact-shaming,” where collectors message people from the borrower’s phonebook.

This may violate privacy rights because:

  1. the borrower’s contact list may have been collected beyond what is necessary;
  2. the people contacted did not consent to be involved in the loan;
  3. the borrower’s debt information is personal information;
  4. disclosure to third persons may be unauthorized;
  5. the disclosure may be intended to shame or pressure the borrower;
  6. the use of data may be incompatible with the declared purpose of loan processing.

Even if the borrower agreed to some form of data collection, consent must be informed, specific, and limited to legitimate purposes. Consent to process data for loan evaluation does not automatically mean consent to public shaming, harassment, or disclosure of debt to unrelated persons.

XIV. What to Do Immediately After Harassment Starts

A. Do Not Panic

Collectors may use fear to force immediate payment. Stay calm and preserve evidence.

B. Stop Giving Unnecessary Personal Information

Do not send additional IDs, selfies, passwords, OTPs, banking information, or contact lists.

C. Secure Your Accounts

Change passwords for:

  • email;
  • social media;
  • e-wallets;
  • banking apps;
  • cloud storage;
  • messaging apps.

Enable two-factor authentication.

D. Review App Permissions

Check phone settings and revoke unnecessary permissions, especially access to contacts, photos, location, camera, microphone, SMS, and storage.

E. Notify Contacts

Tell family, friends, and coworkers that they may receive abusive messages from a lending app. Ask them not to engage and to preserve screenshots.

F. Avoid Engaging in Insults

Do not respond with threats or defamatory statements. Keep replies calm, short, and factual. Hostile replies may complicate your own case.

G. Send a Written Demand to Stop Harassment

A borrower may send a message such as:

“Please communicate with me only through lawful and proper channels. I do not authorize you to contact my relatives, employer, coworkers, or other third persons regarding this loan. I also do not authorize the disclosure of my personal information or alleged debt to third persons. Any further threats, public shaming, defamatory statements, or unauthorized processing of my personal data will be reported to the proper authorities.”

Keep a screenshot of the message and proof that it was sent.

XV. Can the Borrower Still Be Required to Pay the Loan?

Yes. Filing a complaint against harassment does not automatically erase a valid debt. The borrower may still be civilly liable for a legitimate loan obligation.

However, the lender’s right to collect does not include the right to:

  • threaten;
  • shame;
  • defame;
  • disclose private information;
  • harass contacts;
  • impersonate authorities;
  • use abusive language;
  • violate data privacy laws;
  • impose unlawful or undisclosed charges.

The legal issue should be separated into two parts:

  1. Debt obligation – whether the borrower owes money and how much.
  2. Collection misconduct – whether the lender or collectors violated the law.

A borrower may dispute excessive interest, hidden charges, unlawful penalties, or unfair loan terms while still addressing harassment separately.

XVI. What If the Lending App Is Unregistered?

If the lending app is unregistered or operating without proper authority, that fact should be reported to the SEC and law enforcement. Include screenshots of the app, app store listing, website, loan documents, payment accounts, and messages.

Unregistered status does not prevent the borrower from filing criminal, cybercrime, privacy, or administrative complaints.

XVII. What If the Collectors Use Different Numbers?

Collectors often use multiple SIM cards, fake names, and changing accounts. Preserve all numbers and account names. Investigators may still use the pattern of messages, payment channels, app identity, timing, and content to connect the acts to the lending operation.

Prepare a table like this:

Date Time Number/Account Message Summary Evidence
March 5 9:12 AM 09XX-XXX-XXXX Threatened to post my photo Annex A
March 5 10:30 AM Account name Messaged my employer Annex B
March 6 8:01 PM 09XX-XXX-XXXX Called me a scammer in group chat Annex C

XVIII. What If the App Is No Longer Available?

Even if the app has been removed from the app store, the complaint may still proceed if there is enough evidence. Preserve:

  • app screenshots;
  • APK file, if available;
  • app package name;
  • developer name;
  • website;
  • email address;
  • payment account;
  • text messages;
  • privacy policy;
  • loan agreement;
  • customer service replies;
  • phone numbers used by collectors.

XIX. Remedies Available

Depending on the case, the victim may pursue several remedies.

A. Criminal Remedies

Possible criminal complaints include:

  • cyber libel;
  • threats;
  • coercion;
  • unjust vexation;
  • slander or libel;
  • identity-related offenses;
  • other cybercrime-related offenses.

B. Administrative Remedies

Administrative complaints may be filed with:

  • SEC for lending and collection violations;
  • NPC for data privacy violations;
  • other regulators depending on the entity involved.

C. Civil Remedies

The victim may seek damages if the harassment caused:

  • reputational injury;
  • emotional distress;
  • loss of employment opportunity;
  • business damage;
  • humiliation;
  • mental anguish;
  • other compensable harm.

Civil damages may be pursued together with, or separately from, criminal and administrative remedies depending on the circumstances.

XX. Practical Tips for a Stronger Case

  1. Be specific. Do not simply say “they harassed me.” State the exact words, date, sender, recipient, and effect.

  2. Organize evidence. Label every screenshot and match it to the timeline.

  3. Get witnesses. If third persons received messages, their affidavits are powerful.

  4. Preserve original data. Keep the phone, SIM, messages, and app records when possible.

  5. Do not fabricate or edit evidence. Edited screenshots can damage credibility.

  6. File promptly. Delays may make digital evidence harder to trace.

  7. Separate emotion from facts. A complaint should be clear, factual, and evidence-based.

  8. Report to multiple proper agencies when appropriate. Cybercrime, data privacy, and lending regulation issues may require different forums.

  9. Do not ignore legitimate court papers. If a real case is filed, respond through proper legal channels.

  10. Consult a lawyer or legal aid office for serious cases. This is especially important if the harassment involves employers, public posts, threats of physical harm, or significant reputational damage.

XXI. Common Mistakes to Avoid

A. Deleting Messages

Many victims delete messages because they are stressful. This can weaken the case. Preserve everything first.

B. Only Reporting the App Name

The app name may not be enough. Try to identify the company, payment account, email address, website, and collection numbers.

C. Posting Back Online

Publicly accusing the lending app or collector may expose the borrower to counterclaims. It is safer to file complaints with authorities and preserve evidence.

D. Paying Without Documentation

If payment is made, keep receipts, screenshots, reference numbers, and confirmation messages. Demand an official acknowledgment.

E. Ignoring Data Privacy Issues

Many online lending harassment cases are not just debt collection issues. They may also involve unlawful processing and disclosure of personal information.

XXII. Frequently Asked Questions

1. Can I file a case if I really owe the money?

Yes. Owing money does not allow a lender to harass, threaten, shame, defame, or unlawfully disclose personal information.

2. Can they message my contacts?

A lender should not use a borrower’s contact list for harassment, shaming, or unauthorized disclosure of debt. Contacting third persons may raise data privacy, defamation, and unfair collection issues.

3. Can they post my picture online?

Posting a borrower’s photo with accusations or debt details may support complaints for cyber libel, data privacy violations, harassment-related offenses, and unfair debt collection practices.

4. Can I be arrested for not paying an online loan?

As a general rule, no person may be imprisoned merely for debt. However, separate criminal conduct such as fraud or falsification is a different matter. Collectors should not falsely threaten arrest for ordinary non-payment.

5. Can I file against unknown collectors?

Yes. If the real names are unknown, identify them by phone number, account name, email address, screenshots, app name, and other available details. Investigators may help determine identities.

6. Should I file with PNP, NBI, NPC, or SEC?

It depends on the facts. For online threats and cyber libel, PNP ACG or NBI Cybercrime may be appropriate. For misuse of personal data, file with the NPC. For abusive lending or collection practices, file with the SEC. For criminal prosecution, file with the prosecutor’s office.

7. What if the collector claims I consented because I installed the app?

Consent to use an app does not automatically authorize harassment, public shaming, defamatory statements, or disclosure of debt to unrelated third persons. Data processing must still be lawful, fair, transparent, and proportionate.

8. Can I demand deletion of my personal data?

A borrower may invoke data privacy rights where applicable, especially if the data is being unlawfully processed or retained beyond a legitimate purpose. The NPC may be the proper forum for privacy-related relief.

9. What if the app threatens to sue me?

A lender may pursue lawful collection remedies. But threats, lies, public shaming, and unlawful disclosure remain improper. A real court case should be answered properly; fake legal threats should be documented.

10. Can I recover damages?

Possibly, if the harassment caused compensable injury such as reputational damage, emotional distress, business loss, or other harm. The availability of damages depends on evidence and the legal action filed.

XXIII. Sample Evidence Checklist

Before filing, prepare the following:

  • Government ID of complainant
  • Complaint-affidavit
  • Timeline of events
  • Screenshots of threatening messages
  • Screenshots of defamatory posts or messages
  • Screenshots from contacts who received messages
  • Call logs
  • Witness affidavits
  • Loan agreement or app screenshots
  • Proof of amount borrowed and amount received
  • Proof of payments
  • App name and screenshots
  • Company name, if known
  • SEC registration details, if known
  • Privacy policy and terms of use
  • App permission screenshots
  • Phone numbers and account names used by collectors
  • URLs or profile links
  • Proof of harm or damage

XXIV. Sample Demand Message to the Lending App

The borrower may send a written notice such as:

“Please stop all unlawful, abusive, threatening, defamatory, and harassing collection practices. I do not authorize you, your employees, agents, or third-party collectors to contact my relatives, friends, employer, coworkers, or other third persons regarding this loan. I do not authorize the disclosure of my personal information, loan details, photographs, IDs, address, employment information, or alleged debt to any unauthorized person. Please communicate with me only through lawful and proper channels. I am preserving all evidence and will report any further violation to the appropriate authorities, including the PNP Anti-Cybercrime Group, NBI Cybercrime Division, National Privacy Commission, Securities and Exchange Commission, and the Office of the Prosecutor.”

XXV. Sample Complaint Narrative

“I obtained a loan from the online lending application ______ on . The amount shown as approved was ₱, but I received only ₱______ after deductions. The due date was ______.

Beginning on ______, I received repeated calls and messages from numbers associated with the lending app. The messages contained threats and insults, including statements that they would post my photo online and inform my employer that I was a scammer if I failed to pay immediately.

On ______, my coworker, ______, received a message from the number ______ stating that I was a scammer and that I should not be trusted. A screenshot of this message is attached as Annex ‘A.’ On the same day, my relative, ______, received a message disclosing my alleged debt and demanding that they pressure me to pay. A screenshot is attached as Annex ‘B.’

I did not authorize the respondents to disclose my loan information or personal data to my relatives, coworkers, employer, or other third persons. Their acts caused me humiliation, anxiety, fear, and damage to my reputation.

I respectfully request that the respondents be investigated for cyber libel, threats, unjust vexation, coercion, violations of the Data Privacy Act, unfair debt collection practices, and other offenses or violations that may be established by the evidence.”

XXVI. Legal Strategy

A strong case often combines three tracks:

1. Cybercrime Track

Use this for:

  • online threats;
  • defamatory messages;
  • fake accounts;
  • public shaming;
  • digital harassment;
  • identity misuse.

Possible forums:

  • PNP Anti-Cybercrime Group;
  • NBI Cybercrime Division;
  • prosecutor’s office.

2. Privacy Track

Use this for:

  • unauthorized access to contacts;
  • disclosure of debt;
  • misuse of photos, IDs, address, or employment data;
  • excessive data collection;
  • unlawful processing.

Forum:

  • National Privacy Commission.

3. Lending Regulation Track

Use this for:

  • abusive collection;
  • unfair lending terms;
  • false threats of arrest;
  • unauthorized lending operations;
  • hidden charges;
  • oppressive penalties.

Forum:

  • Securities and Exchange Commission.

These tracks may proceed separately because they address different violations.

XXVII. Important Legal Considerations

A. Prescription Periods

Criminal, civil, and administrative actions may be subject to time limits. File promptly and seek legal advice to avoid prescription issues.

B. Jurisdiction and Venue

Cybercrime and criminal complaints may depend on where the complainant resides, where the offense was accessed, where the messages were received, where the respondent operates, or where damage occurred. Law enforcement or the prosecutor can guide the proper venue.

C. Admissibility of Electronic Evidence

Electronic evidence should be authenticated. Preserve originals and metadata where possible. Screenshots are useful, but the device and original messages may be needed.

D. Liability of Companies and Officers

The company, collection agency, individual collectors, and responsible officers may be implicated depending on participation, authorization, negligence, or failure to prevent abusive practices.

E. Settlement

Some cases may be settled, but settlement of the debt does not automatically erase possible criminal, administrative, or privacy violations. Any settlement should be documented clearly and should not require the borrower to waive rights without understanding the consequences.

XXVIII. Conclusion

Online lending apps may collect valid debts only through lawful means. They cannot use threats, public shaming, defamatory messages, unauthorized contact-list access, or unlawful disclosure of personal information. In the Philippines, victims may have remedies under cybercrime law, the Revised Penal Code, the Data Privacy Act, SEC lending regulations, consumer protection rules, and civil law.

A borrower who experiences harassment should preserve evidence, prepare a clear timeline, secure witness statements, identify the app and company, and file complaints with the appropriate agencies. The strongest complaints are specific, well-documented, and supported by original digital evidence.

This article is for general legal information in the Philippine context and is not a substitute for advice from a licensed lawyer who can assess the specific facts of a case.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login