How to File Complaints for Online Loan Harassment and Threats in the Philippines

Overview: what “online loan harassment” looks like

In the Philippines, harassment linked to online loans (often from online lending apps or “OLAs”) commonly includes:

  • Relentless calls/texts at all hours, sometimes using multiple numbers or spoofed caller IDs
  • Threats of arrest, warrants, or “police/NBI” action for nonpayment
  • Public shaming: posting your name/photo online, tagging you, or sending “wanted” posters to contacts
  • Contacting your phonebook (family, friends, coworkers) to pressure you
  • Doxxing: revealing your address, workplace, ID details, or other personal data
  • Threats of violence, death, or sexual harm
  • Defamation: calling you a scammer, thief, or criminal publicly or to your contacts
  • Extortion-style threats: “Pay or we will post your photos/contacts/messages”

Some collection efforts are allowed (lawful demand for payment), but many tactics used by abusive collectors are illegal—especially where there are threats, public humiliation, or misuse of personal data.

Key legal principle: nonpayment of debt is not a crime

The Philippine Constitution prohibits imprisonment for nonpayment of debt. As a result:

  • A lender/collector cannot lawfully threaten arrest simply because you are behind on payments.
  • Police/NBI “warrants” are not issued by collectors. Warrants come from courts after proper proceedings.
  • However, fraud-related conduct (e.g., falsifying identity/documents, deceit at the outset) can be treated differently under criminal laws. Most abusive collection cases, though, involve illegal collection tactics, not valid criminal liability for debt.

The Philippine laws most often used against abusive online lenders/collectors

1) Revised Penal Code: threats, coercion, defamation, and related crimes

Depending on what was said/done, common criminal angles include:

  • Grave threats / light threats: threats to harm you, your family, property, or reputation
  • Grave coercion / unjust vexation (other coercions): forcing you to do something through intimidation, or harassing behavior that causes annoyance/distress
  • Slander/Oral defamation (spoken) or libel (written/posted): calling you a criminal/scammer, posting shaming content
  • Intriguing against honor and similar offenses may apply in narrow situations

If the harassment is done online (posts, messages, platforms), the same acts may be prosecuted under cybercrime rules (below).

2) Cybercrime Prevention Act (RA 10175)

When threats, harassment, or defamation are committed through computers, social media, messaging apps, SMS, or other ICT channels, it may fall under:

  • Cyber libel (libel committed through a computer system)
  • Other cyber-related offenses depending on the conduct (often paired with Revised Penal Code offenses)

A key practical point: online conduct usually strengthens the case through digital evidence, but it also raises the need to preserve proof properly.

3) Data Privacy Act (RA 10173): misuse of your personal information

Many OLA abuses are fundamentally data privacy violations, especially when collectors:

  • Access and use your contacts to shame or pressure you
  • Disclose your debt status to third parties without a lawful basis
  • Publish your personal details (name, photos, IDs, address, employer)
  • Use deceptive permissions or excessive data collection unrelated to lending

The Data Privacy Act can support:

  • Administrative complaints and enforcement actions through the National Privacy Commission (NPC)
  • Criminal complaints for unauthorized processing, disclosure, or other unlawful acts involving personal information

4) SEC regulation of lending/financing companies and unfair collection practices

Many OLAs are (or should be) under the Securities and Exchange Commission (SEC) if they operate as lending/financing companies. The SEC has issued rules and enforcement actions against unfair debt collection practices, and it regulates lending/financing entities through relevant laws (including rules governing lending and financing companies).

If the lender is unregistered or violates SEC rules, you can report to the SEC for regulatory action (which can include cease-and-desist, revocation, and penalties).

5) Special laws that may apply in specific situations

Depending on facts, additional laws can apply, such as:

  • Safe Spaces Act (RA 11313) if there is gender-based online sexual harassment (sexual threats, sexualized insults, coercive sexual content)
  • Anti-VAWC (RA 9262) if the offender is a spouse/intimate partner and the abuse includes harassment, threats, or psychological violence
  • Anti-Photo and Video Voyeurism (RA 9995) if intimate images are threatened or shared without consent
  • Anti-Bullying/other workplace policies (non-criminal but relevant) if harassment spills into school/work

Where to file: the right agency depends on the violation

You can file multiple complaints in parallel (e.g., privacy + cybercrime + SEC), especially when the harassment overlaps.

A) National Privacy Commission (NPC)

File here if your contacts were messaged, your personal data was disclosed, or you were doxxed using data obtained through an app or lending process.

Good for: misuse/disclosure of personal info, contact-list harassment, doxxing, unlawful processing Possible outcomes: orders to stop processing/disclosure, takedowns, compliance orders, and potential referral/coordination for criminal prosecution

B) SEC (Securities and Exchange Commission)

File here if the lender is a lending/financing company/OLA, especially if:

  • It appears unregistered/unlicensed, or
  • It uses prohibited/unfair collection practices (shaming, threats, contacting third parties)

Good for: regulatory action against the company/OLA, license issues, unfair collection practices

C) PNP Anti-Cybercrime Group (ACG) / NBI Cybercrime Division / local police cyber desks

File here when there are:

  • Online threats, harassment, blackmail/extortion-type threats
  • Online defamation/shaming posts
  • Coordinated harassment using multiple accounts/numbers

Good for: blotter, cyber incident reporting, assistance in preserving digital evidence, identifying perpetrators, case build-up for the prosecutor

D) Office of the City/Provincial Prosecutor

For criminal cases, you typically need a complaint-affidavit filed with the prosecutor for preliminary investigation (unless there’s an inquest scenario).

Good for: formal criminal charging process (threats, coercion, libel/cyber libel, etc.)

E) Barangay (Katarungang Pambarangay), in limited cases

Some disputes require or benefit from barangay conciliation if the parties are individuals residing in the same city/municipality and the case is within the barangay’s coverage. In practice, many OLA harassment cases involve corporations, unknown actors, or parties outside the barangay’s jurisdiction—so barangay processes may not apply or may not be effective.

Step-by-step: how to prepare and file a strong complaint

Step 1: Prioritize safety and stop ongoing harm

If there are credible threats of violence, treat it as urgent:

  • Contact local authorities immediately.
  • Inform trusted family/friends and tighten personal security.
  • If threats involve intimate partner violence or gender-based harassment, consider remedies under VAWC/Safe Spaces that can support protection measures.

Step 2: Preserve evidence (this often determines whether you win)

Collect and store evidence before accounts, numbers, or posts disappear.

What to preserve

  • Screenshots of SMS, chats, call logs, emails (include date/time and the full number/account handle)
  • Screen recordings showing the message thread scrolling (harder to dispute than a single screenshot)
  • URLs/links to posts, profile pages, groups, comment threads
  • Copies of shaming posts sent to your contacts (ask them for screenshots and a short written account)
  • Any loan documents: app name, company name, receipts, ledgers, collection notices
  • App permission screens, privacy policy pages (if accessible), proof of contact access or abnormal permissions

Best practices

  • Keep files in a dedicated folder with filenames like 2026-01-09_SMS_Threat_NumberX.png
  • Back up to at least two places (e.g., phone + external drive/cloud)
  • Don’t edit images in a way that looks manipulative (cropping is fine, but preserve originals)
  • Write a simple incident timeline while memory is fresh

Step 3: Identify the proper respondent (company and collectors)

Your complaint is stronger if it identifies:

  • Company legal name (and app name)
  • Collection agency name (if any)
  • Phone numbers used, email addresses, payment channels, social media accounts
  • Any names used by agents (even aliases help establish a pattern)

If you don’t know the true identity, you can still file using the numbers/accounts and request investigative assistance.

Step 4: Draft your narrative: “what happened, when, how, and who was harmed”

A clear structure helps prosecutors and regulators:

  • Background of the loan (date, amount, app/company, payments made)
  • When harassment started, frequency, and escalation
  • Specific threats (quote the exact words where possible)
  • Third-party contact: who was messaged, what was said, impact
  • Public shaming: where posted, what content, reach
  • Emotional/financial/workplace harm (stress, reputation damage, lost job opportunities, family distress)
  • Attachments list (Evidence A, B, C…)

Step 5: Choose filing routes (often 2–4 routes at once)

Typical combinations:

  • NPC + PNP/NBI + Prosecutor for contact-list harassment + threats
  • SEC + NPC for abusive OLA practices plus data misuse
  • Prosecutor + PNP/NBI for threats, coercion, cyber libel

You are not required to pick only one. Different agencies address different aspects.

How to file with the Prosecutor: what you’ll usually need

For a criminal complaint, you generally prepare:

  1. Complaint-Affidavit (notarized)
  2. Affidavits of witnesses (e.g., friends/coworkers who received shaming messages)
  3. Annexes/Evidence (screenshots, recordings, links, call logs, copies of posts)
  4. Respondent details (company/OLA name, addresses if known, numbers/accounts used)

What happens next (typical flow)

  • Filing and docketing
  • Preliminary investigation process (submissions/counter-affidavits)
  • Resolution (dismissal or filing of information in court)

For cyber-related cases, law enforcement can help with technical documentation and identifying account holders.

How to file with the NPC (Data Privacy route)

When the issue involves your personal data (contacts, disclosure, doxxing), your submission typically includes:

  • A narrative of the processing/misuse of data
  • Proof that the lender/collector accessed or used your personal data improperly
  • Evidence of disclosure to third parties or publication
  • The harm caused and the relief you want (stop processing, deletion/takedown, accountability)

Even if you can’t prove how they got your contacts, patterns like “multiple contacts receiving the same script” shortly after installing an app are highly relevant.

How to file with the SEC (OLA regulation route)

Report the OLA/company when:

  • It appears unregistered/unlicensed, or
  • It uses unfair/prohibited collection tactics

Include:

  • App name + company name shown in receipts or terms
  • Screenshots of harassment/shaming
  • Proof of the lending relationship (transaction history, payment links)
  • Numbers/accounts used by collectors

SEC complaints are particularly powerful when the company’s business model relies on continued app operation and legitimacy.

Practical tips that help immediately (while your complaint is pending)

Communicate in writing only

  • Tell the collector you will only communicate via email (or a single documented channel).
  • Do not argue by phone; it creates less usable evidence.

Stop data leakage

  • Revoke app permissions (contacts, SMS, storage) where possible
  • Uninstall suspicious apps
  • Tighten privacy settings on social media
  • Warn close contacts not to engage with collectors and to save evidence

Don’t be baited into “confessions”

Collectors may try to provoke admissions or use edited snippets. Keep messages short and factual.

Consider a demand letter

A lawyer’s letter (or a formal notice) demanding cessation of harassment and data misuse can help establish:

  • You asserted your rights
  • Continued harassment was willful
  • You sought a less adversarial remedy first (not required, but sometimes helpful)

Common defenses collectors use—and how to counter them

“You consented because you clicked ‘Allow contacts.’” Consent must still be lawful, proportionate, and tied to legitimate purposes. Using contacts to shame or pressure is difficult to justify as a legitimate lending purpose, and disclosure to third parties can be unlawful.

“It was just a reminder.” Threats, shaming, contacting third parties, and doxxing are not “reminders.” Preserve exact language and frequency.

“That agent wasn’t authorized.” Companies can still be held accountable when collection practices are systemic, repeated, or done by their agents/contractors.

Frequently asked questions

Can I be arrested because I didn’t pay an online loan?

Nonpayment of a debt is not itself a crime. Collectors who threaten arrest for simple nonpayment are commonly using intimidation.

What if my friends/coworkers got messages—can they help my case?

Yes. Their screenshots plus a short affidavit describing what they received and when can be very strong evidence, especially for data privacy and harassment theories.

Should I settle first before filing?

You can, but you don’t have to. If threats/harassment are already happening, filing can be the safest route. If you do negotiate, keep it in writing and do not agree to abusive terms.

What if I don’t know the collector’s real identity?

You can still file using the phone numbers, account handles, links, and the company/app involved. Cybercrime units can help trace, and prosecutors can proceed if there’s enough identifying information and pattern evidence.

A simple “complaint package” checklist

  • Incident timeline (1–2 pages)
  • Complaint-affidavit (notarized, for prosecutor)
  • Witness affidavits (contacts who were harassed)
  • Evidence annexes labeled and organized
  • Loan documents/receipts and app/company identifiers
  • List of phone numbers/accounts used, with dates and screenshots

Closing note

Online loan harassment cases are winnable when you treat them like an evidence-and-process problem: preserve proof, pick the right agencies, file in parallel, and document everything. If threats are severe or your reputation/safety is at immediate risk, consult a lawyer or seek help from law enforcement and the appropriate regulatory bodies promptly.

This article is for general information and does not replace advice from a qualified Philippine attorney who can assess your specific facts.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login