FOL;LOWING COMPLAINTS of online lending apps using users’ phone data for debt collection, the National Privacy Commission (NPC) said harvesting such data violates the debtor’s privacy rights.
In its Circular No. 20-01 released on Monday, the NPC said several lending apps allegedly process the personal data of its clients “without lawful basis,” noting that some users complained that people in their contact list were reached out to by debt collectors, “causing damage to their reputation”.
The circular, entitled “Guidelines on the Processing of Personal Data for Loan-Related Transactions,” said harvesting the contacts or social media account of a person “for use in debt collection” is prohibited.
“Access to contact details in whatever form, such as but not limited to the phone contact list or e-mail lists, the harvesting of social media contacts, and/or copying or otherwise saving these contacts for use in debt collection or to harass in any way the borrower or his/her contacts, are prohibited,” the circular reads.
Other things prohibited by the guidelines include money lending apps asking for unnecessary access to a borrower’s phone camera and using a borrower’s photo to be used to “harass” or “embarrass” to collect an overdue loan.
“App permissions are allowed only under suitable, necessary and not the excessive purpose of KYC (know-your-customer policies) for determining creditworthiness, preventing fraud and collecting debt,” the circular reads.
Lending and financing companies or individual lenders, it said, are “at all times accountable” for the personal data of its users.
Depending on the violation, it said a lender can face fines and imprisonment under the Data Privacy Act.
“They shall not use any personal data to engage in unfair collection practices as defined under SEC Memorandum Circular No. 18 series of 2019. Such practices may also be construed as a punishable act under the DPA,” the circular reads.
In a press release, NPC Commissioner Raymund Liboro said the circular was released to promote the “appropriate and respectable treatment” of a borrower’s personal information.
“We remind online lending operators and businesses to take their customers’ data privacy seriously and deploy adequate security measures. For the public, we hope this circular will help them keep an eye out for red flags while they are in the process of borrowing money from online lenders,’’ Liboro said.
A month after the NPC ordered the shutdown of 26 online lending companies in October last year, it said user complaints dropped by as much as 90 percent. (By Raymond Carl Dela Cruz)
