Fintech Alliance.PH warns public about online lending apps’ deceptive tactics
The Fintech Alliance.PH is one with the National Privacy Commission (NPC) and various industry players in condemning the insidious practice of illegal and irresponsible data harvesting of some online lending applications.
Several online lending platforms have been found to be exploiting users’ data by using unnecessary app permissions in order to access and store excessive amounts of their user’s private information without any justifiable reason. This is in violation of the Data Privacy Act of 2012, which protects and secures the privacy of every personal information and information in the communications systems in order to ensure the free flow of information that contributes to innovation and nation-building. Anything in violation of the Data Privacy Act is also a violation of the users’ trust and confidence in financial institutions that are supposed to uphold their ownership of their own data.
“We call on the non-compliant online lending platforms to remember our obligation to our clients to uphold their right to safe and secure transactions, as well our obligation to follow the rule of law when it comes data storage and management. There is no room for these deceptive tactics when it comes to the use of our customer’s data, especially during this pandemic. We continue to advocate for legal, responsible, and reasonable data management. The customer’s trust is paramount in our operations,” said Lito Villanueva, Founding Chairman of Fintech Alliance.PH.
Just this August, four online lending platforms have been taken down by the NPC due to excessive and illegal data mining. Numerous clients have stated that these lending apps use the customer’s personal information in order to harass and shame their borrowers who are unable to pay for their loans. Fintech Alliance PH maintains that there are better, legal ways of doing a background check and holding a potential client accountable. Rather than storing a client’s private information and using it to force the client to pay his dues, there are many ways to make the loan payment terns more suitable to the borrower.
The FinTech Alliance adopted an industry-wide code of conduct and code of ethics in 2018 in collaboration with the NPC, Bangko Sentral ng Pilipinas, Insurance Commission, Securities and Exchange Commission, Department of Trade and Industry, and the Credit Information Corporation. These codes aim to ensure consumer protection and compliance with relevant laws and regulations.
The NPC pointed out how these apps seem to force clients into giving access to their private accounts in exchange for a quick loan.
“These online lending apps raised many red flags and the companies operating these apps demonstrate problematic data actions that expose borrowers to serious privacy risks and harms,” said Privacy Commissioner Raymund Liboro.
The commissioner pointed out how these apps have been engaged in “irrelevant, unnecessary, and excessive” harvesting of information without the client’s free and informed consent.
According to NPC, through the app permissions that were required of the borrowers, these online lending platforms are able to process the borrower’s sensitive personal information including their social media platform data, media files, contacts, and location. This extensive and invasive access to the borrower’s data that can even access third party information can reach as far as the borrower’s employer, social services, utilities, government transactions, remittances, and financial service providers. One of these online lending apps can even read and the borrower’s calendar and send emails to contacts without the borrower’s knowledge.
In 2019, some 26 online lending apps have been summoned by the commission to explain similar allegations. These apps have subsequently been taken down after failing to meet the commission’s standards. This year, the FinTech Alliance has expelled one of its members for non-compliance and violation of data privacy law.