How to Stop Unsolicited Loan Texts and Harassment from Online Lending Apps

The rapid growth of online lending applications in the Philippines has exposed millions of Filipinos to aggressive collection practices, including unsolicited text messages, repeated calls, and public shaming tactics. These messages often arrive from unknown numbers, threaten legal action, contact family members or employers listed in the borrower’s phonebook, or flood the recipient with demands for immediate repayment—even for loans the borrower never applied for. Such conduct is not merely annoying; it constitutes violations of multiple Philippine statutes governing data privacy, consumer protection, financial services, and criminal law. This article exhausts the complete legal landscape, the rights of affected individuals, the precise regulatory bodies empowered to act, the step-by-step procedures available, the penalties imposable on violators, and the preventive measures mandated by law.

I. Governing Legal Framework

A. Data Privacy Act of 2012 (Republic Act No. 10173, as amended)
The National Privacy Commission (NPC) enforces the strictest rules on personal data processing. Online lending apps are “personal information controllers” or “processors.” They may collect and process contact lists, phone numbers, and financial data only with explicit, informed consent. Using that data to send unsolicited collection texts or to share it with third parties (family, friends, employers) without consent is a direct breach of Sections 11, 12, 13, and 16. The right to erasure (Section 19) and the right to object to processing (Section 18) allow any individual to demand immediate deletion of all personal data.

B. Financial Products and Services Consumer Protection Act (Republic Act No. 11765, 2022)
This law applies to all “financial service providers,” including digital lenders. Section 4 guarantees the right to fair and honest treatment and protection from abusive collection practices. Section 5 prohibits harassment, coercion, and public disclosure of debt. BSP-registered entities must comply with the Act’s implementing rules; unregistered entities are ipso facto illegal and subject to immediate closure.

C. Consumer Act of the Philippines (Republic Act No. 7394)
Deceptive and unconscionable sales acts include false representations about loan terms and the use of harassing collection methods. The Department of Trade and Industry (DTI) and the Consumer Protection and Advocacy Bureau have jurisdiction.

D. Cybercrime Prevention Act of 2012 (Republic Act No. 10175)
Repeated unwanted electronic communications can qualify as “cyberstalking” or “cyber-harassment” under Section 4(c)(4) when they cause mental or emotional distress. The Department of Justice (DOJ) Office of Cybercrime and the PNP Anti-Cybercrime Group investigate these cases.

E. Revised Penal Code

  • Article 287 (Unjust Vexation) – covers persistent annoying texts and calls.
  • Article 282 (Grave Threats) – applies when threats of public shaming, job loss, or criminal cases are made.
  • Article 172 (Falsification) and Article 315 (Estafa) – sometimes invoked when fake demand letters or forged documents are sent.

F. National Telecommunications Commission (NTC) Regulations
NTC Memorandum Circular No. 04-07-2019 (Anti-Spam Rules) and related issuances prohibit unsolicited commercial electronic messages. SIM Registration Act (Republic Act No. 11934) further enables tracing of offending SIMs because every active SIM is now linked to a verified identity.

G. Securities and Exchange Commission (SEC) and Bangko Sentral ng Pilipinas (BSP) Rules
Only SEC-registered financing companies or BSP-licensed digital banks may lawfully engage in online lending. Unregistered “5-6” apps operating through mobile applications are illegal lending entities under Republic Act No. 9474 (Lending Company Regulation Act) and Presidential Decree No. 168.

II. Rights of Every Filipino Borrower or Recipient of Unsolicited Texts

  1. Right to privacy of personal data and communication.
  2. Right to be free from abusive, harassing, or coercive collection practices.
  3. Right to demand immediate cessation and deletion of data.
  4. Right to file complaints without fear of retaliation.
  5. Right to damages (actual, moral, exemplary) plus attorney’s fees.

III. Comprehensive Step-by-Step Action Plan

Step 1: Immediate Self-Protection (Day 1)

  • Block every sender number and report as spam inside the messaging app.
  • Disable SMS from unknown numbers via phone settings.
  • Uninstall the lending app completely and revoke all permissions (contacts, camera, location, storage).
  • Change all passwords and enable two-factor authentication on linked accounts.
  • Do not reply to any message; replying confirms the number is active and can escalate harassment.

Step 2: Exercise Data Privacy Rights (Within 7 Days)
Send a formal data subject request via the app’s registered email or through the NPC’s online portal (privacy.gov.ph). The exact wording must include:
“I demand (1) confirmation of whether my personal data is being processed, (2) a copy of all data held, (3) immediate cessation of processing for marketing or collection, and (4) permanent deletion of all my personal data and that of my contacts under Sections 18 and 19 of RA 10173.”
Retain proof of sending (screenshot with timestamp).

Step 3: File Administrative Complaints

A. National Privacy Commission (NPC)

  • Online complaint form at privacy.gov.ph or email complaints@privacy.gov.ph.
  • Attach screenshots of texts, app screenshots showing contact access, and the data request.
  • NPC can issue a cease-and-desist order within 72 hours in urgent cases and impose fines of up to ₱5,000,000 per violation.

B. Bangko Sentral ng Pilipinas (BSP) Consumer Assistance Mechanism

  • For BSP-supervised entities: bsp.gov.ph (Consumer Assistance) or hotline 8708-7080.
  • BSP can revoke licenses and order immediate stoppage of collection.

C. Securities and Exchange Commission (SEC)

  • Report unregistered lenders at sec.gov.ph or email enforcement@sec.gov.ph.
  • SEC can issue cease-and-desist orders and file criminal cases.

D. Department of Trade and Industry (DTI)

  • Consumer Care hotline 1-384 or dti.gov.ph complaint portal.
  • DTI handles unfair collection practices even for unregistered entities.

E. National Telecommunications Commission (NTC)

  • File spam complaint at ntc.gov.ph or through the “NTC Text” hotline 888.
  • NTC can suspend or cancel the SIM cards used for harassment.

Step 4: Criminal Route (When Harassment Involves Threats or Public Shaming)

  • Go to any police station and file a blotter citing RA 10175 and/or Revised Penal Code Articles 282/287.
  • Request a subpoena for the telco to reveal the registered owner of the SIM.
  • The case is investigated by the PNP Anti-Cybercrime Group or the DOJ.

Step 5: Civil Action for Damages
File a complaint before the Regional Trial Court or Metropolitan Trial Court for violation of RA 10173 and RA 11765. Moral damages are routinely awarded in harassment cases; exemplary damages deter future violations.

Step 6: Special Remedies for Illegal Lending

  • Report to the Inter-Agency Council Against Illegal Online Lending (created by DTI-SEC-BSP-NPC joint circular).
  • The Council maintains a public blacklist of prohibited apps; once listed, any continued operation is punishable by imprisonment and fines.

IV. Penalties Imposable on Violators

  • NPC: Administrative fines ₱100,000 to ₱5,000,000 per violation; possible imprisonment up to 6 years.
  • BSP/SEC: Revocation of license, closure of operations, fines up to ₱1,000,000 daily.
  • Criminal (RA 10175): Imprisonment 6 months to 3 years plus ₱100,000–₱500,000 fine.
  • Revised Penal Code: Arresto mayor to prision correccional plus civil indemnity.
  • Telcos face NTC suspension of the offending SIMs and possible criminal liability for aiding spam.

V. Court and NPC Precedents and Established Principles

Philippine jurisprudence consistently holds that:

  • Contacting third parties without consent is an unauthorized disclosure (NPC Advisory No. 2020-01).
  • Debt collection may not involve public ridicule or threats (Financial Consumer Protection Act IRR).
  • Ignorance of licensing requirements is not a defense; strict liability applies.
  • The SIM Registration Act has removed the previous anonymity shield, making tracing and prosecution faster.

VI. Preventive Legal Measures Every Citizen Must Observe

  • Never grant contact-list access to any lending app.
  • Read the privacy policy and consent clauses before downloading.
  • Use only BSP-registered digital banks or SEC-registered financing companies (verifiable at bsp.gov.ph and sec.gov.ph).
  • Enable “Do Not Disturb” for unknown numbers and install carrier-level spam blockers.
  • If a loan is offered through social media or unverified links, treat it as high-risk and report the page immediately.
  • Register complaints early; the law rewards prompt action by allowing higher penalties against repeat offenders.

By systematically invoking the Data Privacy Act, the Financial Consumer Protection Act, consumer laws, cybercrime statutes, and regulatory powers of the NPC, BSP, SEC, DTI, and NTC, any Filipino subjected to unsolicited loan texts or harassment possesses complete, overlapping, and immediately enforceable remedies. Documentation, formal written demands, and parallel filings across the correct agencies guarantee cessation of the harassment and accountability of the perpetrators. The Philippine legal system has deliberately armed consumers with these tools precisely to counter the predatory tactics of unregulated online lending platforms.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login