THE SECURITIES and Exchange Commission (SEC), Department of Information and Communications Technology (DICT), and National Privacy Commission (NPC) issued a joint advisory reminding online lending platforms (OLPs) to comply with data privacy and borrower protection rules.
“The government recently received numerous reports of [OLPs] engaging in harassment, intimidation, public shaming and unlawful use of personal data in their collection practices,” the advisory read.
“Digital transformation must protect — not prey upon — the Filipino people. The National Government stands firm in enforcing the law and safeguarding the rights, privacy, and dignity of every Filipino in the digital economy,” it added.
The advisory cited Republic Act No. 10173, or the Data Privacy Act of 2012, and Republic Act No. 11765, or the Financial Products and Services Consumer Protection Act. It also referenced SEC Memorandum Circulars No. 18 and 19 (both Series of 2019), which prohibit unfair debt collection practices and require disclosure of OLP operations by financing companies.
The SEC, DICT, and NPC said OLPs must not access borrowers’ contact lists or contact non-guarantors, as these practices may lead to harassment, unauthorized debt collection, and excessive processing of personal data.
The joint advisory also requires OLPs to securely dispose of data once it is no longer needed and to allow users to revoke application permissions after the purpose has been fulfilled, among other requirements.
“Violations of applicable laws, [implementing rules and regulations], and SEC regulations may subject the erring [financing and lending companies] to administrative sanctions, including fines, suspension or revocation of authority to operate, and other penalties provided under relevant laws,” the SEC, DICT, and NPC said.
The regulators also reminded OLP users to remain vigilant against risks to their personal data. They advised users to download applications only from official or verified sources linked to SEC-registered firms.
The advisory also emphasized the need to review privacy notices carefully, noting that some applications use deceptive tactics to process user data. It added that borrowers should check application permissions to prevent unnecessary access beyond legitimate needs.
“Borrowers must also inform and secure the express consent of their guarantors,” the three agencies said.
Victims of unfair debt collection may file complaints with the SEC Financing and Lending Companies Department through its e-mail address or hotline.
Harassment, threats, fraud, and scams should be reported to authorities, including the DICT, National Bureau of Investigation, and Philippine National Police. — Alexandria Grace C. Magno
