'EZ' money from online lending apps for the holidays? Not exactly
"Welcome to the golden age," some Filipinos say. They don't refer to a period of prosperity, but rather the time when prices of goods are ever-increasing.
Especially with the holidays fast approaching, some members of the working class—aside from a second job, several rakets, and other side hustles—turn to borrowing money, particularly from online lending apps (OLAs).
Certain OLAs are accessible in just a few clicks, with the money being immediately available within the day. More importantly, the OLAs in question promise no collaterals.
A Merry Christmas and a Happy New Year, right? Or is it?
Even with the seemingly easy transaction, there are multiple risks ahead. The National Privacy Commission (NPC) has since reported an influx of complaints from borrowers, whose personal data have been compromised.
Complaints include companies reportedly aggressively messaging their loved ones, threatening to "expose" them on social media and file cases against them for missing their due date.
Even if that's the case, it's unfair and unethical for companies to make such threats, the NPC noted. In fact, it's a criminal offense.
Under the Republic Act No. 10173, or the Data Privacy Act of 2012 (DPA), everybody's personal information must be secured and protected.
Under Section 11, personal information must be:
- collected for specified and legitimate purposes;
- processed fairly and lawfully;
- accurate, relevant, and necessary;
- adequate and not excessive;
- retained only for long as long as necessary; and
- kept in a form that permits the identification of data subjects.
Malicious and unauthorized disclosure of personal information, among other offenses under Sections 25 to 32, leads to the imprisonment of at least a year and a minimum fine of P500,000. A combination of several offenses means longer imprisonment and larger fines.
In a separate circular in 2020, the NPC also detailed guidelines on processing personal data from loans.
Lending companies and financing companies, in accordance with the DPA, shall limit the collection of personal data. They must only be done in line with the applicable know-your-customer policies, determining creditworthiness, and preventing fraud. Once the purpose of vetting has already been achieved, NPC Circular No. 20-01 states that OLAs shall prompt users to disallow these permissions.
In NPC's video explainer hosted by PhilSTAR L!fe's Got a Minute presenter Carlo Lorenzo, the public is warned about OLAs requesting access to phone contacts, social media friends, media gallery, email, device storage, text messages, calendar, microphone, and location. OLAs making such several requests can be dangerous.
Lorenzo says one must go to About this App, then App Permissions/App Privacy Notice to check what areas the app has access to. One may also check their phone's Settings and see the concerned OLA's Permissions under Apps and Notifications. Lorenzo also suggests changing the access setting to "Ask Every Time," if not "Deny" or "Don't Allow," to be sure.
The NPC Circular No. 20-01 also states that OLAs cannot access and save personal details, particularly for debt collection later on and for harassing borrowers and their contacts.
"In all instances, online lending apps must have a separate interface where borrowers can provide character references and/or co-makers of their own choosing," the circular reads.
When all else fails, one may email [email protected] for assistance.
But at the end of the day, inasmuch as OLAs and other financial entities are held accountable for ensuring data privacy, Lorenzo has a gentle reminder to everybody, borrowing money or not: "Kaakibat ng proteksiyong ito (DPA) ang ating responsibilidad na maging mapanuri at responsable sa pagbibigay ng ating personal na impormasyon."