NPC conducts hearings on 48 online lending apps after over 400 harassment complaints

Over 400 complaints of alleged harassment and shaming by various mobile online lending operators have swamped the National Privacy Commission (NPC) recently, with borrowers crying foul over perceived reputational harm and abuse of their data privacy rights.

Speaking to reporters, Privacy Commissioner Raymund Enriquez Liboro said the agency is presently handling a total of 485 complaints against operators of online lending applications that allegedly misused the borrower’s information, including the disclosure of unpaid balances to other people. At least 235 cases were formally pursued by complainants and are now subject of NPC hearings.

“Over the past few months, we received almost identical complaints that pile up by the day from individuals accusing online lending apps of rude practices. Complainants say the harassment and shaming started when they failed to pay their balances on time. The people behind the lending app called or texted their contact list about their inability to return the money, causing them embarrassment and emotional stress,” Liboro said.

Upon download, the mobile apps allegedly require access to contact information, photos, files and documents saved in the borrower’s phone, before processing of the online loan application can proceed. If a borrower fails to pay on time, all of his or her phone contacts receive a collection text message or call stating the borrower’s full name and outstanding balance.

“The NPC has started conducting hearings on the cases and it is vital that we also hear the respondent’s side of the story and we would highly appreciate it if they cooperate,” Liboro said.

In case culpability is established, erring mobile online lending operators may face temporary or permanent ban from operating while the NPC may also award damages to affected individuals. The cases could also be referred to the Department of Justice for criminal prosecution. However, during the course of the proceedings, the parties may opt for mediation where they may freely arrive into settlement.

On the bright side, Liboro noted this surge of complaints could be seen as an indication of people’s growing awareness of day-to-day data privacy issues. It also shows the increasing comfort level of Filipinos about digital technology, including online financial exchanges, which is built on the foundation of consumer. But much work needs to be done. “If left unaddressed, problems like these may slow down our momentum towards a data-driven Philippines,” Liboro said.

Simultaneous to its enforcement efforts, the NPC is also intensifying its awareness drive aimed at data subjects as well as data controllers and processors, with the Privacy Awareness Week (PAW) 2019 happening on May 25 - 31.

“Citizens need to know that they should carefully read privacy notices before they give consent to any personal data processing. PICs, meantime, should be fully transparent when declaring how they will process and use the personal data they collect, assuming full accountability,” Liboro said.

This year’s theme for the PAW is “Datos ng Pilipino, Protektado Ko! (Protecting the Digital Filipino: Accountability, Compliance & Ethics in a Data-driven Philippines).

“Upholding data privacy rights by those who process our personal data cannot happen with mere paper compliance. It has to be rooted in a sense of public accountability to data subjects. That’s what this year’s tagline emphasizes. It’s all about owning up to the responsibility of safeguarding people’s data and living up to the trust they conferred upon your organization,” Liboro said.

Serving as its flagship event for the PAW 2019 celebrations, the NPC shall conduct the 2nd National Data Privacy Conference (NDPC).

The NDPC is expected to draw more than 2,000 participants on May 23 and 24 at the Philippine International Convention Center. This year’s theme is "Protecting the Digital Filipino: Accountability, Compliance & Ethics in a Data-Driven Philippines.”

One of NDPC’s highlights is the 1st Digital Data Governance in the Public Sector Conference, which is solely for Data Protection Officers in the government. For the private industry, there will be breakout sessions targeting each sector’s specific needs.

# # #