[ad_1]
A digital credit lender has failed to overturn a Sh900,000 damages slapped on it for violating the right to privacy of three people listed by a loan defaulter as guarantors or emergency contacts.
High Court judge Joe Omido upheld the compensation of damages against Credit Watch Investment Limited, which was slapped on it by the Office of the Data Protection Commissioner (ODPC) last December.
The judge said without a doubt, the calls made by the digital lender to Peter Mbugua, Timothy Ngome and Aggrey Timothy went beyond making a follow up on the whereabouts of the borrowers in the event that they could not be reached on phone.
The judge said the incessant calls amounted to a violation of Section 26(a) of the data protection Act, as there was no information given by the lender to the three individuals that the same would be used to pursue the defaulters of the loans and ensure that they paid up.
“I find the appeal herein to be devoid of merit and proceed to dismiss it. The determination of the ODPC dated December 1, 2023, made pursuant to Sections 8(f) and 56 of the Data Protection Act, 2019 and Regulation 14 of the Data Protection (Complaints Handling Procedure and Enforcement) Regulations, 2021 is hereby upheld,” said the judge.
The court heard that the digital credit provider operated a money lending product known as Cloudloan, and the ODPC was notified of the complaints filed against it by the complainants.
After hearing the complainants, the ODPC found the lender liable and awarded each of the complainants Sh300,000, each as damages for distress. The three complainants produced several copies of printed screenshot messages sent to their mobile phones by the lender.
The messages indicated that they had been listed as the guarantors or emergency contacts of persons who had taken mobile loans through its Cloadloan mobile platform and who had subsequently defaulted.
The lender demanded that they reach out to the mobile loan defaulters as a matter of obligation and ensure that they pay up the defaulted loan amounts.
The complainants claimed that some messages had veiled threats that unspecified action would be taken against them if the loan defaulters did not pay up.
They further submitted that each had received several phone calls from different numbers from persons who stated that they were agents of the lender, asking them to follow up the loan defaulters and ensure the money was repaid.
While acknowledging that the unsolicited messages and phone calls were made to the may have caused them distress, the lender stated that their customers were required to include secondary or emergency contacts during the application process for Cloudloan.
The digital lender said it was the responsibility of their customers to ensure that the emergency contacts that they provided were aware and had consented to being emergency contacts.
The judge, however, said Section 26(a) of the Data Protection Act, 2019 provides that a data subject has a right to be informed of the use to which their personal data is to be put.
“It is instructive from the Appellant’s (Lender) response that it collected the Respondents’ personal data from third parties (the borrowers) and did not have any mechanism of ascertaining that the Respondents had given their consents for their personal data to be used and the purpose for which the same was to be used,” said the judge.
[ad_2]
