Stop harassment messages from online lending apps Philippines

Here’s a comprehensive, practitioner-style legal explainer on dealing with harassing messages from online lending apps (OLAs) in the Philippines—what counts as unlawful conduct, the laws you can invoke, concrete steps (with templates), and where to file complaints.

What counts as “harassment” by OLAs

Debt collection crosses into unfair, abusive, or unlawful territory when collectors do any of the following:

  • Shaming tactics: group texts or posts to family, colleagues, or social media contacts; “utang list” blasts; edited photos or defamatory posters.
  • Threats: violence, arrest, “blotter,” criminal cases over pure non-payment, deportation, or public exposure (“papakilala ka sa barangay”).
  • False claims or misrepresentation: pretending to be a police officer/lawyer/court sheriff; fake “warrants,” “subpoenas,” or “NBI cases.”
  • Unreasonable contact: repeated calls/texts at odd hours; contacting your employer, HR, clients, or unrelated third parties.
  • Data-privacy abuse: scraping your contacts/gallery; coercive consent in app permissions; non-consensual disclosure of personal data.
  • Profane/obscene language; sexist or sexual harassment.

Key laws and remedies

1) Securities and Exchange Commission (SEC) rules for lenders/collectors

  • Lending Company Regulation Act (RA 9474) and Financing Company Act (RA 8556): SEC regulates lending/financing companies and their agents.
  • Unfair debt collection is prohibited (via SEC memoranda and licensing conditions). Common violations include: shaming, contacting third parties not the borrower, threats/obscenity, misrepresentation, and repeated calls intended to annoy/abuse.
  • Remedies: SEC can fine, suspend/revoke licenses, order take-downs of abusive apps, and shut down unregistered OLAs. File with the SEC’s Enforcement and Investor Protection Department (EIPD).

2) Data Privacy Act of 2012 (RA 10173) & IRR

  • Personal data (your name, numbers, photos, contacts) cannot be collected/processed/disclosed without a valid lawful basis and proportional purpose.

  • Common privacy violations by OLAs/collectors:

    • Blanket access to contacts/photos irrelevant to loan servicing.
    • Disclosure of your debt to third persons (family, coworkers, clients).
    • Failure to provide privacy notices, consent records, or a retention policy.

  • Penalties: administrative fines; criminal penalties (including imprisonment) for unauthorized processing, access, and disclosure; civil damages.

  • Remedies: File a complaint with the National Privacy Commission (NPC) (seek cease-and-desist, data erasure, and administrative fines).

3) Cybercrime & Penal laws

  • Cybercrime Prevention Act (RA 10175): covers online crimes, including cyber-libel, unlawful/illegal access, data interference, computer-related identity theft, and cyber harassment.

  • Revised Penal Code:

    • Grave threats / grave coercion (threats of harm, undue compulsion).
    • Unjust vexation (repeated, annoying conduct causing irritation/annoyance).
    • Libel (public and malicious imputation of a crime, vice, or defect).
    • Usurpation of authority (posing as a public officer).
    • Coercion/Intriguing against honor, depending on facts.

  • Remedies: Criminal complaints with PNP-Anti-Cybercrime Group or NBI-Cybercrime Division, then file with the City/Provincial Prosecutor.

4) Safe Spaces Act (RA 11313)

  • Covers gender-based online harassment (e.g., sexist slurs, sexual threats, non-consensual sexualized images). Provides criminal penalties and civil remedies.

5) Civil Code remedies (Articles 19, 20, 21)

  • Sue for damages for acts contrary to morals, good customs, or public policy; and for willful or negligent violations of your rights (moral, exemplary, attorney’s fees).

6) Consumer protection & telco measures

  • SIM Registration Act (RA 11934) and telco anti-spam programs support blocking/reporting of abusive numbers and deactivation of SIMs used for harassment.

Immediate steps to protect yourself

A) Preserve evidence (Day 0)

  • Take full screenshots of texts/chats/calls (include timestamps, profile/name, and number).
  • Save voice messages, call logs, viber/FB messenger IDs, and threatening images.
  • Export the app’s permissions page (showing contacts, files, camera access).
  • Get witness statements (coworkers/family who received messages/calls).

B) Cut off data exposure (Day 0–1)

  • Revoke app permissions (Contacts, Storage, Camera, SMS). On Android: Settings → Apps → [App] → Permissions → Deny.
  • Change passwords (email, social media, cloud) and enable 2FA.
  • Uninstall abusive apps (document first). If you still need access for payment, switch to web portal or official channels.
  • Block/report numbers in your phone and messaging apps; report to your telco for spam.

C) Put the collector on legal notice (Day 1)

Send a Cease-and-Desist + Data-Privacy Notice (SMS/email/app chat). Keep it firm, factual, and rights-based (template below).

D) Pay safely—without enabling abuse

  • If you can pay, use traceable channels (official bank accounts, app wallet, or over-the-counter partners in the lender’s name). Keep receipts.
  • If you dispute the amount, ask for a Statement of Account and a computation; note all interest/penalty provisions. You can pay under protest while pursuing complaints.
  • Never send IDs/selfies to collectors in chat unless the lawful basis is clear and necessary for KYC (and you trust the channel).

Where to file and what to prepare

1) SEC (for abusive collection and unregistered OLAs)

What to allege: unfair debt collection; unregistered lending; misrepresentation; threats/shaming; violations of SEC rules. Attach: screenshots, receipts, app links, company details (app publisher, DTI/SEC name, addresses), witness statements, your demand letters. Relief sought: fines, license suspension/revocation, take-down of app, order to stop harassment, referral for prosecution.

2) National Privacy Commission (NPC)

What to allege: unauthorized processing; excessive data collection (contacts/photos); unauthorized disclosure to third parties; failure to secure data; lack of proper consent/notice. Relief sought: Cease-and-Desist, data erasure, administrative fines, compliance orders; referral for criminal action.

3) PNP-ACG or NBI-CCD; Prosecutor’s Office

Criminal angles: threats, coercion, unjust vexation, cyber-libel, identity theft, usurpation of authority. What to bring: device, SIM, screenshots, call logs, demand letters, IDs, affidavit of complaint.

4) Civil action (RTC/MTC)

Sue for moral/exemplary damages and attorney’s fees under Civil Code Arts. 19/20/21; seek injunction against continued harassment.

5) Employer coordination (if your workplace is contacted)

  • Ask HR to log calls/emails and reply: “Company does not entertain third-party collection calls. Direct all communications to the borrower in writing only.”
  • HR can issue a cease contact email to the collector. Employers are not obliged to disclose your whereabouts or salary.

Decision guide (quick)

  1. Harassing texts/calls to you only? → Send Cease-and-Desist, block, preserve evidence, complain to SEC/NPC; consider PNP/NBI if threats/libel.
  2. Shaming to family/office/socials? → Add NPC (unauthorized disclosure) and cyber-libel/threats with PNP/NBI; seek injunction.
  3. Collector poses as police/lawyer or waves “warrant”?Criminal complaint (usurpation of authority, falsification), plus SEC/NPC.
  4. Unregistered OLA / fly-by-night app?SEC EIPD and app store reporting for take-down.

Templates (copy-paste and edit)

1) Cease-and-Desist & Data-Privacy Notice

Subject: CEASE AND DESIST – Unlawful Debt Collection and Data Privacy Violations To: [Collector No./Email] / [App Chat]

I am [Name], borrower of [Company/App]. Your representatives have sent [calls/texts/chats] on [dates] containing [threats/shaming/false claims], including disclosure to [family/employer/contacts].

Take notice that these acts constitute unfair debt collection and unlawful processing/disclosure of personal data under Philippine law. You are hereby ordered to STOP: (1) contacting me outside reasonable hours; (2) contacting any third party; (3) using profane/abusive language; (4) issuing threats or false representations; and (5) processing or disclosing my contacts/photos/other data without a valid lawful basis.

Effective immediately, contact me only in writing at [email] for legitimate account matters. Further violations will be documented and reported to the SEC, National Privacy Commission, and law enforcement for civil, administrative, and criminal action.

Sincerely, [Name], [Mobile], [Email] [Date]

2) Employer HR reply to collectors

Subject: Cease Contact – [Employee Name] This company does not entertain third-party collection communications. Please remove our numbers/emails from your records. Direct all written correspondence to the borrower. Further contact will be logged for regulatory action. —[HR/Legal Contact]

3) Evidence index (attach to complaints)

  • Exhibit A: Timeline of calls/texts (date, time, number/ID).
  • Exhibit B: Screenshots (originals + printed copies).
  • Exhibit C: App permissions page and privacy policy (if any).
  • Exhibit D: Demand letters sent and delivery proofs.
  • Exhibit E: Witness statements (family/HR).

Practical FAQs

Q: I really owe money. Can I still complain about harassment? Yes. Debt does not justify unlawful collection. You can settle or restructure and report abusive conduct.

Q: They messaged my contacts from my phonebook. Is that legal consent? Not if consent was coerced, bundled (required to install), vague, or disproportionate to the loan purpose. You may demand erasure and file with the NPC.

Q: They threatened arrest. Pure non-payment of a loan is generally a civil matter. Arrest warrants come only from courts in criminal cases—not from collectors. Threats are actionable.

Q: They posted defaming content about me. Preserve the post/URL, take forensic screenshots, and consider cyber-libel and NPC complaints for unlawful disclosure.

Q: They keep changing numbers. Block each number, file once with a pattern of conduct; add telco spam reports and request SIM deactivation.

Compliance tips if you’re a legitimate collector

  • Train agents on no-shaming, no-third-party contact, no threats, no misrepresentation; contact only the borrower at reasonable hours.
  • Use purpose-limited data processing; avoid phonebook scraping; keep privacy notices and consent logs.
  • Maintain a complaints channel and audit trails; implement call recording reviews.
  • Coordinate with counsel on NPC and SEC compliance.

Bottom line

You can stop OLA harassment using a three-track strategy: (1) Cease-and-Desist + evidence preservation and safe payments; (2) Regulatory complaints (SEC for unfair collection; NPC for privacy violations); and (3) Criminal/civil action for threats, libel, coercion, and damages. Non-payment does not excuse abuse—Philippine law gives you multiple, parallel remedies to make it stop and hold offenders accountable.

If you want, I can turn this into a ready-to-file SEC/NPC complaint pack (forms filled with placeholders, plus an affidavit template).

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login