Issue of October 25, 2020
Mt. Province
Other Links:
Online lenders barred from getting client’s contact list
by Press release

Lenders operating online apps that can be installed in smartphones are prohibited from harvesting personal information, such as phone and social media contact lists, to harass delinquent borrowers, the National Privacy Commission (NPC) said.

The NPC issued Circular 20-01 on Oct. 19 in response to numerous complaints that online lenders were illegally using the personal data of clients and those in their contact lists, causing damage to reputation and violating the rights of the latter as data subjects.

The harassment and shaming of delinquent borrowers before relatives, friends, and colleagues have persisted despite separate orders last year from the NPC and the Securities and Exchange Commission to shut down errant online creditors.

Upon the effectivity of the circular 15 days after publication, all lending and financing companies in possession of their borrowers’ contact lists in whatever form in violation of the guidelines shall dispose of the information in a manner that would prevent further unauthorized processing, access, or disclosure to any other party or the public, the NPC said.

“The NPC is issuing this circular for the appropriate and respectable treatment of borrower’s personal information,’’ Privacy Commissioner Raymund Liboro said.

He said online lending applications should design their business processes with privacy by design and default, and with complete adherence with the principles of the Data Privacy Act.

“Once again, we remind online lending operators and businesses to take their customers’ data privacy seriously and deploy adequate security measures. For the public, we hope this circular will help them keep an eye out for red flags while they are in the process of borrowing money from online lenders,’’ Liboro added.

He added the circular lays out what online lending operators can and cannot do with borrowers’ personal information to avoid instances of abuse.

Unnecessary permissions include accessing phone contact or e-mail list, harvesting social media contacts, copying or otherwise saving these for use in debt collection, or harassing the borrower or his/her contacts.

Access to the phone camera of the borrower is allowed only for the purpose of know-your-customer policies. In no way shall the borrower’s photo be used to harass or embarrass him or her to collect a delinquent loan.

App permissions are allowed only under suitable, necessary and not excessive purpose of know-your-customer for determining credit worthiness, preventing fraud and collecting debt.

``When such purpose has already been achieved, such online apps shall prompt the data subject to turn off or disallow these permissions,’’ the circular said.

In terms of personal information controllers, lending and financing companies must implement reasonable and appropriate organizational, physical, and technical security measures to protect personal data.

Details concerning the loan must be written in a clear language and in the most appropriate format.

Borrowers must be informed if the loan processing activity involves the use of profiling, automated processing, automated decision-making, or credit rating or scoring.

A separate lawful criterion must be in place pursuant to Sections 12 and/or 13 of the Data Privacy Act, should information be used for marketing, cross-selling, or sharing with third parties for purposes of offering other products or services not related to loans.

Reasonable policies on retention of data must be adopted and implemented for those with denied loan applications and borrowers who have fully settled their loans.

The circular stated lending or financing companies and persons acting like these entities are at all times accountable for personal data under their control or custody.

“They shall not use any personal data to engage in unfair collection practices as defined under SEC Memorandum Circular 18, s.  2019,” the circular stated.

Any lender found in violation of the circular shall be liable under the applicable provisions of the Data Privacy Act, which imposes fines and imprisonment.

The NPC observed that a month after it ordered the shutdown of 26 online lending companies in October last year, the complaints it received from the public declined 90 percent.

Your Ad Here

‘OPS only gives SM license to negotiate city market deal’

Punong brgys asked to prepare for longer battle vs COVID-19

SBCorp to expand CARES with P10 B fund from Bayanihan 2

BCDA sets another round of COVID tests

BLISTT bolsters ties for COVID-19 fight

New Bantay Asin TF formed

Baguio declares November as Ibagiw Festival Month

Bocaps told to monitor projects

TESDA-CAR kicks off free training on contact tracing

Landbank grants 6-day timeout on loan payments

3 big projects set on 10-hectare portion of Baguio Dairy Farm

Hotels in GCQ, MGCQ areas opens at full capacity soon

PRC warns against fixer

Philippine National Police – Police Regional Office – CAR
R.A Gapuz Review Center

Baguio Central University
Baguio Country Club
Benguet Electric Cooperative Inc.
Congressman Mark Go
Data Center of the Philippines of Baguio City, Inc.
Department of Health – CAR
Kings’ College of the Philippines
Mayor Benjamin B. Magalong
Pines City Colleges
Sangguniang Panlungsod
SM City Baguio
Social Security System
Veterans Bank

Albergo Hotel and Residences
Baguio Center Mall
Baguio Water District
C & Triple A Supermart
Congressman Nestor B. Fongwan
Curamed Pharmacy
Department of Agriculture – CAR
Department of Environment and Natural Resources – CAR
Ganza & Solibao Restaurants
GMS Technology
Governor Melchor D. Diclas
John Hay Management Corporation
Mayor Romeo K. Salda
MMS Development Training Center Corporatino
Mother Earth Deli Basket
Philipppine Science High School
Regional Development Council – CAR
Home | About Us | Editorial Policy | Contact Us  
News | Opinion | Snapshots | Week's Mail | Obituaries  
Copyright © 2007-2015. All Rights Reserved.