Legal Remedies Against Harassment and Death Threats from Online Lending Apps in the Philippines

The rise of Financial Technology (FinTech) in the Philippines has democratized access to credit, but it has also birthed a predatory ecosystem of Unregistered Online Lending Applications (OLAs). These entities often employ "shaming" tactics, unauthorized data access, and even death threats to coerce payment. For victims, the Philippine legal system provides a multi-layered framework of protection spanning administrative, civil, and criminal law.

I. Regulatory Violations and Unfair Debt Collection Practices

The Securities and Exchange Commission (SEC) is the primary regulatory body for lending companies. Under SEC Memorandum Circular No. 18, series of 2019, the government explicitly prohibits "Unfair Debt Collection Practices."

Prohibited Acts

Lending companies and their outsourced collection agencies are strictly forbidden from:

  • Threats of Violence: Using or threatening to use physical violence or other harmful means to harm the person, reputation, or property of any person.
  • Obscene/Profane Language: Using insults or symbols intended to shame the borrower.
  • Disclosure of Information: Publicizing the names and personal circumstances of borrowers who allegedly refused to pay.
  • Contacting Contacts: Contacting persons in the borrower’s contact list other than those named as guarantors or co-makers.
  • Misrepresentation: Falsely claiming to be lawyers, police officers, or representatives of government agencies to intimidate the borrower.

Violations of this circular can lead to the suspension or revocation of the OLA’s Certificate of Authority (CA) and substantial administrative fines.

II. Violations of the Data Privacy Act of 2012 (R.A. 10173)

Most OLAs require "permissions" to access a user's contacts, gallery, and social media accounts. However, the National Privacy Commission (NPC) has ruled that accessing this data for the purpose of harassment is a violation of the Data Privacy Act (DPA).

Actionable Offenses

  • Unauthorized Processing: Accessing a borrower's phonebook to contact friends and family without their explicit, informed consent for that specific purpose.
  • Processing for Illegitimate Purposes: Using personal data to harass or threaten individuals falls outside the "legitimate interest" or "contractual necessity" clauses of the DPA.
  • Malicious Disclosure: Revealing a borrower’s debt to third parties constitutes a breach of confidentiality and malicious disclosure under Section 31 of the DPA, punishable by imprisonment and fines ranging from ₱500,000 to ₱2,000,000.

III. Criminal Liabilities under the Revised Penal Code and Cybercrime Law

When harassment escalates to threats of death or physical harm, the actions move from administrative violations to serious criminal offenses under the Revised Penal Code (RPC) and Republic Act No. 10175 (Cybercrime Prevention Act of 2012).

1. Grave Threats and Light Threats (Art. 282-283, RPC)

If an OLA agent threatens to kill the borrower or burn their house down, they can be charged with Grave Threats. If the threat is made via text, email, or social media, the penalty is increased by one degree under the Cybercrime Law.

2. Grave Coercion (Art. 286, RPC)

Compelling a borrower to do something against their will (such as paying an unconscionable amount under the threat of violence or shame) constitutes Grave Coercion.

3. Cyberlibel

Posting a borrower's photo on social media with captions labeling them as a "scammer" or "thief" constitutes Cyberlibel. Under Philippine law, the truth of the debt is not a complete defense if the post was made with "malice" or the sole intent of humiliating the person.

4. Unjust Vexation

The persistent, annoying, and obsessive calling or texting of a borrower and their contacts may fall under Unjust Vexation, a criminal act that causes annoyance, irritation, or mental distress.

IV. Procedural Steps for Victims

Victims of OLA harassment should follow a systematic approach to seek redress:

1. Evidence Gathering

Preserve all digital evidence. This includes:

  • Screenshots of threatening text messages and emails.
  • Call logs and recordings of harassing conversations.
  • Screenshots of social media posts or messages sent to contacts.
  • The OLA’s name, registered entity (if available), and mobile numbers used.

2. File a Complaint with the SEC

If the OLA is registered, file a formal complaint with the SEC Corporate Governance and Finance Department (CGFD). If the OLA is unregistered, the SEC Enforcement and Investor Protection Department (EIPD) can initiate cease-and-desist orders and work with Google or Apple to take down the app.

3. Report to the National Privacy Commission (NPC)

Victims should file a "Statement of Complaints" with the NPC for the unauthorized use of their contact lists and the "shaming" of their personal information. The NPC has the power to order the deletion of data and the shutdown of the offending app's data processing systems.

4. Coordination with Law Enforcement (PNP-ACG / NBI)

For death threats and grave threats, victims must go to the Philippine National Police Anti-Cybercrime Group (PNP-ACG) or the National Bureau of Investigation (NBI) Cybercrime Division. These agencies can track the digital footprint of the harassers and conduct entrapment operations if necessary.

V. Summary of Remedies

Law/Regulation Agency Remedy/Penalty
SEC MC No. 18 SEC Fines, Revocation of License
Data Privacy Act NPC Imprisonment, Fines, Deletion of Data
Cybercrime Law PNP-ACG / NBI Criminal Prosecution (Cyberlibel/Threats)
Revised Penal Code Regular Courts Imprisonment for Coercion/Grave Threats

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login