Amid polarized opinions on the implementation of SIM card registration, the Philippine government has released the implementing rules and regulations (IRR) for its new law that are intended to protect users from fraud and misuse of prepaid mobile phones.
The IRR was released by the National Telecommunications Commission on Monday, December 12th, and will take effect starting December 27th. Under the new law, all prepaid mobile phone subscribers will have 180 days from its effectivity to register their SIM cards and up to 120 days for an extension. Otherwise, their mobile numbers will be deactivated.
The new rules are expected to increase security while giving the government access to necessary information in order to prevent fraud, counterfeiting, and other crimes.
The country’s top telcos, PLDT (Smart) and Globe Telecom, have expressed support for the law, but some groups – like journalists, lawyers, and cybsersecurity practitioners – have been vocal in their concerns.
Varying rules for varying users
New users will need to register their SIMs – which will be sold in “deactivated mode” – starting December 27th. Registration is free and covers all types of SIMs, including embedded SIMs, broadband modems, and IoT devices.
New users will also need to present identification documents and fill out a registration form electronically through a secure website provided by the telco provider. Minors below the age of 18 will need to be registered under the name of their parent or guardian who must present an ID as well as their consent.
Existing prepaid subscribers will also need to register with their respective telco providers within 180 days from the Act’s effectivity of October 28th. The registration period may be extended for another 120 days. Failure to register will result in the automatic deactivation of the SIM, which can only be reactivated within five days from deactivation.
The rules are slightly different for foreigners, who will need to provide more documents including the type of travel or admission document presented, ID number or number of document presented and address in the Philippines. Tourists will be given a SIM card that is valid only for 30 days but can be extended upon presentation of an approved visa extension. Other types of visas allow foreigners to acquire SIM cards without the 30-day restriction.
Postpaid subscribers who already possess existing details in the SIM registry must validate their information and data through the telco provider’s platform or website.
Penalties for violations
Violations of the SIM registration law will result in varying penalties.
For providing false information or documents to register a SIM or illegal sale or transfer of a registered SIM, penalties range from imprisonment ranging from six months to two years or a fine not less than P100,000 ($1,780) but not more than P300,000 ($5,300), or both.
A breach in confidentiality will also result in a penalty of a fine not less than P500,000 ($8,850) but not more than P4 million ($71,450). Meanwhile, spoofing a registered SIM carries a penalty of imprisonment of no less than six years or a fine of P200,000 ($3,500).
Telcos refusing to register a SIM without a valid reason will face a fine of P100,000 ($1,780) for the first offense and a fine of not less than P300,000 ($5,300) but not more than P500,000 ($8,850) for the second offense. For the third and subsequent offenses, telcos can be fined a minimum of P500,000 ($8,850) but not more than P1 million ($17,870).
Privacy concerns raised over SIM registration
In a conversation with BusinessWorld, lawyer and data protection officer Jose Gabrielle G. Petrac said that while the objective of the bill was noble, he had concerns over its implementation.
“Although crimes involving telecommunication should be given the utmost attention, the regulation of modern technology should also be met with modern solutions, not another layer of government regulation that purely relies on human intervention,” he said.
Data privacy advocates around the world agree. They also believe that, in order to protect the citizens’ right to privacy, regulators should focus on passing laws and regulations that prevent data exploitation rather than relying on data collection for enforcement.
Be the first to comment