Some online lenders are using illegally obtained personal data to shame or harass borrowers when they failed to meet their obligations.
The Philippine NPC (National Privacy Commission) has reiterated directions to online lenders ordering them to stop collecting and using customers’ personal data for illicit activities.
The privacy watchdog issued the directive after impacted borrowers raised concern that some online lenders were using illegally obtained data to shame or harass them when they failed to meet their obligations.
According to the NPC, lenders operating online apps that can be installed in smartphones are prohibited from harvesting personal information such as phone and social media contact lists to harass delinquent borrowers.
The harassment and shaming of delinquent borrowers before relatives, friends and colleagues has reportedly persisted despite separate orders last year from the NPC and SEC (Securities and Exchange Commission) to shut down errant online creditors, the NPC said.
Last month, the NPC issued Circular No. 20-01 in response to numerous complaints that online lenders were illegally using personal data of clients and those of others on their contact lists, causing damage to their reputation and violating their rights as data subjects.
The circular requires all lending and financing companies in possession of borrowers’ contact lists in whatever form to dispose of the information in a secure manner that would prevent further unauthorised processing, access, or disclosure to any other party or the public, the NPC said.
“The National Privacy Commission is issuing this circular for the appropriate and respectable treatment of borrower’s personal information,’’ said privacy commissioner Raymund Liboro.
The NPC advises online lenders to design their business processes in compliance the principles of the Data Privacy Act (DPA).
Under the circular, unnecessary permissions include accessing phone contact or e-mail lists, harvesting social media contacts, copying or otherwise saving these for use in debt collection or to harass the borrower and their contacts is banned.
Access to the phone camera of the borrower is allowed only for KYC purposes. “In no way shall the borrower’s photo be used to harass or embarrass him or her in order to collect a delinquent loan,” the NPC said.
Any lender found in violation of the circular will be liable under the applicable provisions of the DPA, which impose fines and imprisonment.
The NPC said that a month after it ordered the shutdown of 26 online lending companies in October last year, the complaints it received from the public declined 90 percent.