Dear Attorney,

I would like to raise a concern regarding a potential issue with a phone I purchased through a well-known online marketplace in January 2022. I bought a POCO X3 GT from an official store on the platform, but after using it for a period, I decided to perform a factory reset due to full storage.

After the reset, the device suddenly changed its model identification from POCO X3 GT to Redmi Note 10 Pro. I was confused, as I had never encountered this discrepancy before. While setting it up again and logging into my accounts (such as Gmail, social media, and my bank), I received notifications alerting me to a "new device sign-in," even though I was using the same phone.

My concern is that the phone might have been reprogrammed to appear as a POCO X3 GT, while in reality, it could have been a different device originally, possibly the Redmi Note 10 Pro. I am deeply worried about the implications of this on my personal data security and privacy. Since the factory reset may have reverted the phone to its original settings, I fear that my sensitive data could have been compromised. I have contacted the seller and customer service, but they have been unable to provide any satisfactory explanation. I have also reached out to the Department of Trade and Industry (DTI), but I have not received a response yet.

Could this be considered a case of consumer fraud, and how should I proceed to protect my data and assert my rights? I can provide screenshots of the notifications from my bank and email for reference.

Insights:

Based on the details provided, this situation raises several legal issues. First, there is the matter of product misrepresentation. If the phone was sold as a POCO X3 GT but is actually a Redmi Note 10 Pro, this may constitute deceptive sales practices under the Consumer Act of the Philippines (RA 7394). The law requires that products be accurately described, and failure to do so can result in legal liability for both the seller and the platform facilitating the sale. You may have grounds to file a complaint with the DTI, which handles consumer protection issues, and potentially seek redress under the small claims process if monetary damages are involved, though the focus should remain on the misrepresentation itself.

Second, your concern about privacy and data security is valid. If the device was altered in such a way that it affected its original programming, there is a risk that your personal information, including bank details and social media accounts, could be compromised. The Data Privacy Act of 2012 (RA 10173) aims to safeguard personal data and holds entities accountable for data breaches or unlawful processing. If there is evidence that your personal data has been exposed or misused, you may want to report this to the National Privacy Commission (NPC). Additionally, changing device models post-factory reset without your knowledge can be a sign of unauthorized reprogramming, which could pose security risks.

To safeguard your rights, you should document all interactions with the seller and customer service, save the notifications you received from your bank and Gmail, and continue to follow up with the DTI. It may also be wise to change all passwords and implement additional security measures, such as two-factor authentication, for the accounts in question.

Lastly, you may want to consider exploring further legal options, such as filing a formal complaint for product misrepresentation or even data breach if evidence suggests improper use of your personal data.