The Securities and Exchange Commission, together with other government agencies, reminded online lending platforms (OLPs) to strictly comply with data privacy rules amid mounting complaints of abusive collection practices.
The SEC, along with the Department of Information and Communications Technology, and the National Privacy Commission, said lending and financing companies must adhere to existing rules on processing borrowers’ personal data under the Data Privacy Act of 2012 and the Financial Products and Services Consumer Protection Act.
The advisory reiterated earlier SEC rules aimed at protecting borrowers, particularly SEC Memorandum Circular No. 18, Series of 2019, which prohibits unfair debt collection practices.
Another is SEC Memorandum Circular No. 19, Series of 2019, which requires firms to disclose the online lending platforms they operate.
Authorities have flagged persistent reports of OLPs engaging in harassment, intimidation, and public shaming, as well as the unlawful use of personal data in collecting debts. They stressed that digitalization should not come at the expense of consumer protection.
OLPs were reminded that they are barred from accessing the contact lists of borrowers and reaching out to individuals who are not declared guarantors. Regulators said such practices constitute disproportionate processing of personal data and may lead to harassment and unfair debt collection.
The advisory also underscored that the obligation of lenders is to ensure the secure disposal or destruction of personal data once processing is no longer necessary. Borrowers, meanwhile, must be given the ability to revoke permissions granted to mobile applications after their purpose had been fulfilled.
The public was also urged to remain vigilant when using online lending apps, by downloading only from verified sources and transacting only with SEC-registered entities. Borrowers should carefully review privacy notices, avoid granting unnecessary permissions, and secure the consent of guarantors before sharing their information.
Abusive collection practices, often involving online lending platforms, have been a cause of distress for many Filipinos, not only the borrowers with unpaid loans, but even those whose only offense was to be included in the contact lists that the lenders were given access to. This gross violation of data privacy laws should have never been allowed, and the only way to rectify the mistake is for the government to not only remind borrowers to be more careful with their data when they apply for loans, but also to penalize the violators to ensure the practice is ended as soon as possible.*
