Online Lending App Harassment of Borrower and Contacts: Legal Remedies Under Philippine Law

General information only. This is not a substitute for advice from a lawyer handling an actual case.

I. Overview: How Online Lending Harassment Happens

With the rise of mobile lending apps in the Philippines, many borrowers – and even their uninvolved contacts – have reported abusive collection practices, such as:

  • Floods of calls and messages, including during late hours or holidays
  • Threats of arrest, “blacklisting,” or criminal cases over small unpaid loans
  • Sending shaming messages to family, friends, co-workers, and even clients
  • Posting edited or humiliating photos of the borrower on social media
  • Using vulgar, degrading, or discriminatory language

These practices are not only unethical; many of them can be illegal. Philippine law offers multiple layers of protection against such abuse.

II. Legal Framework

Several laws can apply simultaneously when a lending app harasses a borrower or their contacts.

1. Regulation of Lending Apps and Companies

Online lending apps are usually operated by:

  • Lending companies – covered by the Lending Company Regulation Act (LCRA)
  • Financing companies – covered by the Financing Company Act
  • Banks and other financial institutions – supervised primarily by the BSP

Key points:

  • A lending or financing company must be properly registered with the SEC and obtain the necessary authority to operate.
  • The SEC has issued rules and advisories against abusive collection practices and has the power to suspend or revoke licenses and impose fines.
  • Unregistered or illegally operating online lenders may face administrative sanctions and even criminal liability under special laws.

2. Financial Consumer Protection

Recent legislation strengthened the protection of financial consumers (including borrowers of online loans). Among the core principles:

  • Fair treatment – lenders must treat clients with professionalism and respect, even during collection.
  • Equitable and honest dealing – no deceptive, misleading, or highly oppressive practices.
  • Protection against abusive collection – harassment, threats, public shaming, and coercion are prohibited and can result in regulatory sanctions and civil or criminal liability.

Regulators such as the Bangko Sentral ng Pilipinas (BSP), Securities and Exchange Commission (SEC) and Insurance Commission (IC) can investigate and penalize supervised entities for abusive collection behavior.

3. Data Privacy and Confidentiality

The Data Privacy Act of 2012 (DPA) protects personal information of borrowers and third parties, including:

  • Names, contact numbers, photos
  • Contact list entries saved on the borrower’s phone
  • Information about their debts and financial status

Key concepts under the DPA:

  • Consent – Personal data should only be processed (collected, used, shared) with valid, informed, and freely given consent, or under another lawful basis.
  • Purpose limitation – Data may only be used for legitimate, specific, and declared purposes.
  • Proportionality – The data collected and the way it is used must be necessary and not excessive.

Using a borrower’s contact list to harass or shame the borrower, or to send intimidating messages to those contacts, can amount to:

  • Unauthorized processing of personal data
  • Unauthorized disclosure or improper sharing of personal information
  • Security breaches if data is accessed or used beyond what was reasonably expected

Violations may result in administrative fines from the National Privacy Commission (NPC) and criminal penalties, including imprisonment and fines.

4. Criminal Laws: Revised Penal Code and Cybercrime Law

Abusive collection practices may also be prosecuted under the Revised Penal Code (RPC) and the Cybercrime Prevention Act.

Some possible offenses:

  • Grave threats – threatening a person with harm, injury, or other wrong, especially if conditioned on payment.
  • Light threats – less serious forms of threats.
  • Grave coercion – using violence, intimidation, or threats to compel someone to do something against their will or to prevent them from doing something lawful (e.g., forcing immediate payment under threat of public shaming).
  • Unjust vexation – acts that annoy, irritate, or humiliate a person without justification (often invoked in harassment cases, though subject to evolving jurisprudence).
  • Libel and slander – imputing a crime, vice, or defect that tends to dishonor or discredit someone, whether in writing, online, or orally.
  • Cyber libel – libel committed through online means such as posts, messages, or group chats, with increased penalties under the Cybercrime law.

If harassment is done through messages, social media posts, or “shame group chats,” it may qualify as cybercrime, giving law enforcers and courts additional tools to investigate (e.g., preservation and disclosure of computer data).

5. Civil Law: Right to Privacy, Human Dignity, and Damages

The Civil Code provides:

  • Article 26 – protecting privacy, reputation, and human dignity (e.g., against intriguing into private life, vexing or humiliating on account of one’s physical defect, or similar acts).
  • Articles 19, 20, and 21 – requiring everyone to act with justice, give everyone their due, and observe honesty and good faith; violations can give rise to damages even if no specific penal law was violated.

A borrower or even a contact who suffers harassment and emotional distress may claim:

  • Moral damages – for anxiety, mental anguish, fear, serious embarrassment, and wounded feelings.
  • Exemplary damages – to serve as a deterrent when the act was done in a wanton, fraudulent, reckless, or oppressive manner.
  • Attorney’s fees and costs – if justified under the Civil Code.

III. Typical Abusive Practices and Their Possible Legal Consequences

Below are common patterns of abuse by online lending apps, and the possible legal hooks.

1. Accessing the Borrower’s Contact List and Messaging Contacts

Behavior:

  • The app requires access to contacts upon installation.
  • Upon delay or default in payment, the lender sends mass messages to friends, family, co-workers, and clients, labeling the borrower as a “scammer” or “delinquent,” and pressuring them to force the borrower to pay.

Possible violations:

  • Data Privacy Act – processing and disclosure of contacts’ personal data without their consent or a legitimate basis.
  • Civil Code – unwarranted intrusion into privacy; harassment of people who are not parties to the loan.
  • Libel / slander or unjust vexation – if contacts are falsely told that the borrower is a criminal, or if messages are humiliating or threatening.

Contacts, even if they never installed the app or borrowed money, may have their own independent claims against the lender.

2. Threats of Arrest, Imprisonment, or Police Involvement

Behavior:

  • Collectors tell borrowers they will be arrested “within 24 hours,” that police will “pick them up,” or that a “warrant of arrest” has been issued, despite the absence of any actual case or court order.

Possible violations:

  • Grave or light threats, grave coercion – intimidation to force immediate payment.
  • Deceitful collection – violating financial consumer protection and fair dealing rules.
  • Possible liability under laws against using the name of public authorities or pretending to be a public officer.

In the Philippines, non-payment of debt is generally a civil matter, not a ground for imprisonment, except where a separate criminal act (e.g., estafa, bouncing checks) is proven.

3. Vulgar, Degrading, or Discriminatory Remarks

Behavior:

  • Use of insults, slurs, sexist or homophobic remarks, attacks on the borrower’s family or children, and sending obscene images.

Possible violations:

  • Unjust vexation or related offenses under the RPC.
  • Libel or slander if false statements are made publicly or to third parties.
  • Gender-based online harassment (under gender-related laws) if the remarks are sexist or directed at gender identity or sexual orientation.

Regulators often treat this as a clear form of abusive collection, which may lead to license suspension or penalties.

4. Posting Edited Photos or Public “Shame Posts”

Behavior:

  • Posting the borrower’s photo with defamatory captions in Facebook groups or pages.
  • Tagging employers, clients, or schools to pressure payment.

Possible violations:

  • Libel / cyber libel – imputing a disgraceful action or condition that damages reputation.
  • Data Privacy Act – unauthorized publication of personal data and photos.
  • Civil Code – violation of privacy and dignity; grounds for moral and exemplary damages.

Screenshots and links of these posts can be crucial evidence in any complaint.

IV. Remedies for Borrowers

Borrowers have several avenues, which may be pursued simultaneously.

1. Immediate Practical Steps

  • Gather evidence – screenshots of messages, caller IDs, call logs, social media posts, and app permissions. Save them in multiple copies.
  • Review agreements – retain copies of the loan contract and app terms (if available) to assess any consent and its limits.
  • Secure devices – remove app permissions (e.g., access to contacts, camera, storage) and, if necessary, uninstall the app after preserving evidence.
  • Inform close contacts – let family, friends, and supervisors know that they may receive harassing messages, and that they are free to ignore or document them.

2. Regulatory Complaints (Administrative Remedies)

a. Securities and Exchange Commission (SEC) If the lender is a lending or financing company or a similar entity required to register with the SEC, a complaint may be filed for:

  • Operating without the proper license;
  • Abusive collection practices;
  • Misrepresentation and other regulatory violations.

Possible outcomes:

  • Suspension or revocation of the company’s license;
  • Monetary penalties;
  • Public advisories warning the public.

b. Bangko Sentral ng Pilipinas (BSP) If the entity is a bank, quasi-bank, e-money issuer, or similar BSP-regulated institution, borrowers may file complaints via:

  • The financial institution’s internal complaints unit (required under regulations); and
  • The BSP’s consumer assistance channels.

The BSP can impose sanctions, require corrective action, and mandate compensation in some cases.

c. National Privacy Commission (NPC)

Borrowers and contacts whose data was misused or disclosed may:

  • File a complaint for unauthorized processing or disclosure, or for failure to secure personal data; or
  • Report a data breach if there was large-scale unauthorized access to contacts or other personal data.

The NPC can:

  • Order the cease and desist of unlawful data processing;
  • Impose administrative fines and recommend criminal prosecution;
  • Direct the company to adopt compliance measures and remedial actions.

d. Other agencies

  • Department of Trade and Industry (DTI) – for unfair or deceptive trade practices in consumer transactions.
  • Local government units – for business permit issues, especially if the lender operates physical offices.

3. Criminal Complaints

Harassment that qualifies as threats, coercion, libel, or other crimes may be reported to:

  • Philippine National Police (PNP), especially the Anti-Cybercrime Group;
  • National Bureau of Investigation (NBI), Cybercrime Division;
  • Directly to the Office of the City or Provincial Prosecutor via an affidavit-complaint.

Typical process:

  1. Affidavit-complaint – the victim executes a sworn statement narrating the incidents, attaching evidence (screenshots, copies of posts, etc.).
  2. Preliminary investigation – the prosecutor evaluates if there is probable cause to file a case in court.
  3. Filing of information – if probable cause is found, a criminal case is filed in the proper trial court.

Important considerations:

  • Some forms of evidence (like secret audio recordings of conversations) may be restricted by the Anti-Wiretapping Law. It is prudent to consult a lawyer first before relying on such recordings.
  • The complainant may request the preservation of electronic evidence (messages, logs) in cybercrime cases.

4. Civil Actions for Damages

A borrower may file a civil action to recover damages for:

  • Emotional and psychological harm (moral damages);
  • Public embarrassment and humiliation;
  • Loss of employment or business opportunities caused by defamatory statements;
  • Litigation expenses and attorney’s fees.

The civil case may be:

  • Independent – filed alone; or
  • Joined with a criminal case (as a civil action for damages arising from the crime).

The court will consider the severity of harassment, its duration, the borrower’s vulnerability, the scale of publication (e.g., how many people saw the posts), and the lender’s conduct (e.g., refusal to stop even after demands).

V. Remedies for Contacts (Non-Borrowers)

Friends, relatives, co-workers, and other contacts who are harassed or whose data is misused also have rights.

They may:

  • File their own complaints before the NPC for data privacy violations.
  • File a criminal complaint if they receive threats, malicious imputations, or are included in defamatory posts.
  • File civil actions for damages if their reputation or peace of mind was harmed.

They do not have to be borrowers to be protected; being dragged into the dispute without consent can itself be a wrongful act.

VI. Legitimate vs. Abusive Collection

The law recognizes that lenders have the right to collect valid debts. However, this right has limits.

Generally permissible collection activities:

  • Sending polite reminders via SMS, call, email, or in-app notifications.
  • Discussing payment options and restructuring terms with the borrower.
  • Elevating the account to formal legal action if the borrower truly defaults and negotiations fail.

Generally abusive or unlawful practices:

  • Repeated calls at unreasonable hours (e.g., late night, early morning) or an excessive number of calls within a short time.
  • Using threats of violence, arrest, or public exposure.
  • Contacting people who are not co-borrowers or guarantors solely to shame the borrower.
  • Using foul, degrading language or slurs.
  • Posting defamatory content online or in public places.

Even if the borrower is genuinely in default, abuse and harassment are not justified and may still be punished.

VII. Preventive Measures for Borrowers

While the burden lies on lenders to follow the law, borrowers can reduce risk by:

  1. Verifying the lender – checking whether the company is properly registered and supervised by the SEC, BSP, or other agencies.
  2. Reading app permissions – being cautious about apps that insist on full access to contacts, camera, photos, and messages for a small loan.
  3. Limiting data sharing – avoiding the use of personal phones tied to sensitive contact lists or social accounts, if practical.
  4. Keeping records – maintaining copies of agreements, payment receipts, and correspondence.

A borrower’s failure to read terms carefully does not waive statutory protections (e.g., against abuse, privacy violations), but being cautious can prevent problems.

VIII. Sample Structure of a Complaint Letter

For illustration, a simple complaint (to SEC, NPC, or law enforcement) may follow this structure:

  1. Heading – Name, address, contact information of complainant; addressee (e.g., specific agency).

  2. Introduction – Briefly state that the complainant is filing a complaint against [Name of Company / App] for harassment and other violations.

  3. Statement of facts – Chronological narration of:

    • Date of loan, amount, and terms
    • Date of first harassment
    • Manner of harassment (calls, messages, posts, threats, contact of family, etc.)
    • Specific examples, with dates and times
    • Impact on the complainant (anxiety, embarrassment, work issues, etc.)

  4. Legal basis (optional in lay complaints but helpful):

    • Mention relevant laws: data privacy, financial consumer protection, criminal provisions, and civil rights.

  5. Evidence – List of attached screenshots, links, printouts, or records.

  6. Prayer / Request – What the complainant is asking for: investigation, cessation of harassment, penalties, damages (if appropriate), or other relief.

  7. Verification and signature – Signed by the complainant; notarized if required.

A lawyer can refine this into a formal affidavit-complaint or pleading suited to the chosen forum.

IX. Key Takeaways

  • Harassment by online lending apps is not just “part of the game.” Philippine law provides multiple overlapping protections: regulatory, privacy, criminal, and civil.
  • Both borrowers and their contacts are protected against unauthorized data use, threats, and public shaming.
  • Evidence is crucial. Screenshots, call logs, and records of posts and messages strongly support complaints.
  • Legitimate debt collection has limits. Creditors may remind, but may not threaten, shame, or abuse.
  • Legal advice is important. Because each case has its own facts, it is wise to consult a lawyer, especially when considering filing criminal or civil actions.

If needed, the discussion can be tailored further to specific scenarios (e.g., an employer receiving harassing messages about an employee, or a contact who wants to assert rights even if they never installed the app).

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login