The National Privacy Commission (NPC) has joined hands with two groups from the finance sector in urging online lenders to stop excessive data collection and start complying with the Data Privacy Act.
Along with members of Fintech Alliance.ph and Philippine Finance Association, the NPC reminded online lenders that they face consequences whenever they fail to uphold clients’ rights as data subjects.
The joint statement comes after the Google Store took down four online lending apps on NPC orders. The apps were found harvesting grossly excessive data — from media files to social media data – supposedly for the purpose of evaluating creditworthiness.
“We… strongly condemn the practice of some online lending platforms in harvesting excessive information without legitimate purpose through the use of unreasonable and unnecessary apps permissions including saving and storing their clients’ contact list and photo gallery ostensibly to evaluate their creditworthiness. Such practice is unnecessary because an applicant’s creditworthiness may be determined through other lawful and reasonable means,” the NPC and the fintech groups said.
Based on reports and complaints to the NPC, the sector has posted an alarming rate of data privacy violation over the past few years, using methods such as debt shaming and harassment of delinquent borrowers.
“We likewise reiterate our appeal to non-compliant operators of online lending apps to refrain from exploiting borrowers by using the borrowers’ personal data to shame and coerce them into paying their loans through unauthorized and unfair use of their personal data,” the statement said.
The agency and its partners from the finance sector also reminded online lending companies to adopt existing codes of conduct and an NPC issuance to ensure lawful collection and processing of data from borrowers.
“Now more than ever, business operators must act with consideration and a strong moral code as the whole world struggles with the exhaustive toll of the Covid-19 pandemic,” they said.