Text Harassment by Online Lending Apps: Legal Remedies in the Philippines

Text Harassment by Online Lending Apps: Legal Remedies in the Philippines

Why this matters

Text blasts, threat messages, and “contact-shaming” by online lending apps (OLAs) are more than just annoying—they can be unlawful. Philippine law protects borrowers from abusive collection tactics and gives multiple pathways for relief, even if the debt is valid and unpaid.

The legal framework at a glance

1) Financial Consumer Protection Act (FCPA) — Republic Act No. 11765 (2022)

  • Declares abusive collection and harassment unlawful across the financial sector.
  • Empowers regulators (Bangko Sentral ng Pilipinas, Securities and Exchange Commission, Insurance Commission, and Cooperative Development Authority) to investigate, penalize, order restitution, and suspend/close violators.
  • Gives consumers the right to timely redress through regulated complaint channels.

2) SEC rules for lending/financing companies (non-bank apps)

  • SEC registration and licensing are mandatory for lending/financing companies and their online lending platforms (OLPs).
  • The SEC prohibits unfair debt collection practices, including threats, profane or obscene language, public shaming, and contacting a borrower’s phone contacts to coerce payment.
  • The SEC can impose fines, suspensions, or revocations and order platforms taken down; it also names and shames unregistered/illegal OLAs.

3) BSP rules (bank-linked apps and lenders under BSP supervision)

  • BSP’s consumer protection framework requires fair treatment and responsible collections (no harassment, no misleading statements).
  • Banks and e-money issuers must maintain complaint mechanisms and are subject to BSP enforcement and penalties for abusive practices.

4) Data Privacy Act of 2012 (DPA) — Republic Act No. 10173

  • OLAs are Personal Information Controllers/Processors and must have a lawful basis to collect, use, and disclose personal data.
  • “Contact-shaming”—scraping your phonebook and texting your family, employer, or friends—often involves unauthorized processing/disclosure, which can be a criminal offense and a basis for administrative penalties by the National Privacy Commission (NPC).
  • Borrowers have data subject rights: to be informed, to access/correct, to object to processing, to erasure/blocking, and to damages.

5) Cybercrime law and the Revised Penal Code (RPC) Depending on the content and manner of the messages, text harassment can also amount to:

  • Grave threats or coercion (forcing payment by intimidation).
  • Libel/cyber libel (defamatory statements sent online or to third parties).
  • Unjust vexation or intriguing against honor (for persistent nuisance or humiliation). These are criminal and can be pursued via the Prosecutor’s Office, NBI-Cybercrime Division, or PNP-Anti-Cybercrime Group.

6) SIM Registration Act (RA 11934) and telecom measures

  • Facilitates traceability of numbers used in harassment and supports blocking or takedown requests routed through telcos and the NTC, particularly for scammy or abusive mass texting.

What counts as unlawful debt collection harassment?

While exact wording varies across regulations, red flags typically include:

  • Threats of harm, jail, or fabricated criminal cases; doxxing; or threats to contact your employer/HR.
  • Profane, obscene, or defamatory language; sending edited photos/memes to shame you.
  • Contact-shaming: blasting messages to people in your phonebook or on social media.
  • Excessive or unreasonable frequency of calls/texts, especially at odd hours.
  • False representations, e.g., pretending to be a government agent, court sheriff, or police.
  • Public posting of your alleged debt or sharing your sensitive personal data.

Important: A valid debt does not excuse illegal collection methods. You can pursue remedies for harassment even while negotiating or paying off the loan.

Your remedies and where to file

A) Administrative remedies

1) Securities and Exchange Commission (SEC) — for lending/financing companies and their OLPs

  • When to file: Harassment by a non-bank OLA; unregistered app; hidden fees; unfair collection.

  • What you can get: Investigation, fines/penalties against the company, orders to cease abusive practices, and platform takedowns.

  • How to prepare:

    • Company/app name, links, screenshots of the app store listing, and proof of use.
    • Evidence of harassment: screenshots, call logs, audio (if any), and a timeline.
    • IDs, contract/loan agreement, payment records.

2) Bangko Sentral ng Pilipinas (BSP) — for banks, e-money issuers, bank-partner apps

  • When to file: The lender or app is bank-supervised.
  • Relief: Corrective action, penalties, and mandated consumer redress.
  • Tip: Start with the bank’s complaint desk; escalate to BSP if unresolved.

3) National Privacy Commission (NPC) — for privacy violations

  • When to file: Your contacts were messaged, or your data was misused/disclosed without a clear lawful basis; denial of your data subject rights (access/erasure/objection).
  • Relief: Compliance orders, cease-and-desist, administrative fines, referrals for prosecution.
  • Also do this: Send the OLA a Data Subject Request (DSR) (sample below) to stop processing, delete unlawfully obtained data, and confirm actions taken.

4) National Telecommunications Commission (NTC) / Telcos — for number blocking and spam control

  • Report originating numbers for blocking; ask telcos about caller/texter management and filtering options.
  • Useful when harassment uses multiple prepaid SIMs.

B) Criminal remedies

  • File a criminal complaint (via the City/Provincial Prosecutor) for grave threats, coercion, libel/cyber libel, or unjust vexation, attaching your evidence.
  • For digital evidence or cross-border elements, coordinate with NBI-Cybercrime or PNP-ACG first; they can help with digital forensics and case build-up.

C) Civil remedies

  • Sue for damages (moral, exemplary, actual) under Civil Code Articles 19, 20, and 21 (abuse of rights; acts contrary to law/morals/good customs).
  • Include claims for privacy damages under the DPA and for injunctions (to stop harassment).
  • Consider the Rules on Small Claims for purely monetary claims under the prevailing threshold (check the latest threshold before filing).

Step-by-step action plan (practical)

  1. Secure evidence immediately

    • Save screenshots of texts/IMs (showing sender ID/number, date, time), call logs, voicemails/recordings, links, and any messages sent to your contacts.
    • Export app permissions (e.g., screenshots showing it asked for “Contacts” access).
    • Keep a timeline diary.

  2. Send a Dual-Purpose Notice (to the lender/app)

    • a) Cease & Desist / Fair-Collection Demand (cite FCPA and “unfair debt collection” prohibitions).
    • b) Data Subject Request under the DPA: revoke consent, object to processing for collections beyond legitimate purposes, demand erasure of scraped contacts and social-graph data, and ask for a response within a defined period.

  3. Protect your network

    • Alert family/employer that any messages about your loan are private harassment.
    • Consider changing app permissions (Settings → Apps → Permissions) and removing the app; if needed, factory-reset a secondary device you used for the loan to cut trackers.
    • Request number blocking from your telco and report to the NTC where applicable.

  4. File with the right regulator(s)

    • SEC (non-bank OLA), BSP (bank-supervised), NPC (privacy), and NTC/Telco (blocking). File in parallel if facts overlap.

  5. Escalate if threats or defamation persist

    • Go to NBI-Cybercrime/PNP-ACG; prepare your e-evidence.
    • Consider a criminal complaint and/or a civil action for damages.

  6. Debt resolution (in parallel)

    • If you intend to pay or settle, communicate in writing only. Ask for a SOA, full breakdown (principal/interest/fees), and a written settlement offer.
    • Avoid cash pickups; use traceable payments and keep receipts.
    • After payment/settlement, request a Certificate of Full Payment/Release and deletion of your data that’s no longer necessary.

Evidence checklist

  • Copies of the loan agreement, app screenshots, and permissions granted.
  • Harassment messages (with numbers/handles and timestamps).
  • Witness statements from contacts who were messaged.
  • Telco records (if available) and your complaint reference numbers from SEC/BSP/NPC.
  • Medical/psychological notes if you’re claiming moral damages (optional but helpful).
  • Employment records (if harassment reached your workplace).

Frequently asked borrower questions

Is non-payment a crime? Generally no (debt is a civil obligation). But issuing bounced checks (BP 22) or estafa scenarios are separate matters. Harassment is not justified by non-payment.

Can they contact my employer or my phonebook? Not lawfully. Contact-shaming and third-party disclosure are typically unfair collection and data privacy violations.

Can I be sued? Yes, for collection—but that’s a civil case. Harassment tactics are a separate legal risk for them, not a license to coerce you.

Should I delete the app? First preserve evidence (screenshots/exports). Then remove permissions/uninstall. If you still need access for statements, use a clean device with permissions locked down.

Sample one-page letter you can adapt

Subject: Cease and Desist; Data Subject Request (DPA) and Fair-Collection Demand To: [Name of lender/OLA], [email/address]

I am writing regarding Loan No. [_____]. Your representatives have sent me and persons in my contacts repeated messages containing threats and defamatory statements. These are unfair debt collection practices prohibited under Philippine law (including the Financial Consumer Protection Act) and constitute unauthorized processing/disclosure of personal data under the Data Privacy Act.

I hereby:

  1. Object to any further use of my personal data for harassment, public shaming, or third-party contact;
  2. Revoke consent to process any contact-list or social-graph data collected from my device;
  3. Demand erasure of all such data and confirmation in writing within 15 days;
  4. Demand you cease and desist from any unlawful collection communications, including contacting third parties and sending threats.

Failure to comply will lead me to file complaints with the SEC/BSP and the National Privacy Commission, and to pursue criminal/civil remedies.

Sincerely, [Name] [Mobile/Email] [Date]

Practical tips to reduce exposure

  • Use a dedicated number or device for fintech apps; keep permissions on a need-to-grant basis.
  • Prefer lenders that are properly licensed (SEC-listed or BSP-supervised) and that publish clear collection policies.
  • Read app permissions; deny Contacts, SMS, and Call logs access unless strictly necessary.
  • Keep written records of all negotiations and payments.

Bottom line

  • You do not have to tolerate harassment to resolve a debt.
  • Philippine law—through the FCPA, SEC/BSP rules, the DPA, and the RPC/Cybercrime framework—provides administrative, criminal, and civil tools to stop abusive OLAs.
  • The most effective strategy is parallel action: preserve evidence, send a targeted cease-and-desist + DSR, and file with the right regulators, while pursuing a clean, documented settlement if you intend to pay.

This article is for general information only and is not a substitute for legal advice tailored to your specific facts. If you’re under active harassment, consider consulting a lawyer to assess immediate remedies and potential damages.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login