The NPC enforces the Data Privacy Act of 2012 in the Philippines. It investigates data breaches, harassment by lending apps, and unauthorised use of personal data, and can fine violators and revoke their operations.
The National Privacy Commission is established under Republic Act No. 10173 (Data Privacy Act of 2012). The NPC administers and enforces data privacy laws in the Philippines. Key rights under the Data Privacy Act: right to be informed of what data is collected; right to access your data; right to object to processing; right to erasure ('right to be forgotten'); right to data portability; right to file a complaint if your data is misused. The NPC has been particularly active in cases involving: lending apps that access phone contacts without proper consent and harass borrowers' contacts; data breaches of personal information; unauthorised disclosure of health or financial records; and CCTV and biometric data misuse. To file a complaint: lodge online at privacy.gov.ph or visit the NPC office in Manila. The NPC can order an entity to stop processing, impose fines, and recommend criminal prosecution (violations carry 1–5 years' imprisonment and fines up to ₱5 million).
A borrower's friends and family start receiving threatening calls from a lending app's collectors who accessed the borrower's phone contacts without consent. The borrower files an NPC complaint. The NPC orders the app to stop, delete all harvested contacts, and pay fines.
The Advocate covers Filipino law and Scripture — 389 real scenarios across 7 countries with exact rebuttals and law references. Free to start.
Explore Filipino Rights — Free