MANILA, Philippines — The National Privacy Commission (NPC) on Saturday said it fully supported the registration of all subscriber identity module (SIM) cards as a means to curb text scams and other crimes using cell phones that would be required under a bill, which could be signed into law by President Ferdinand Marcos Jr. as early as Monday.
The NPC said the proposed SIM Registration Act — the consolidated version of House Bill No. 14 and Senate Bill No. 1310 — would “prevent the proliferation of various and evolving electronic communication-aided criminal activities” being committed in anonymity.
A SIM card carries a unique telephone number and stores some personal data. Without it, phone calls cannot be made, text messages cannot be sent and transactions using ecommerce phone apps cannot be established.
The NPC noted that mandatory SIM card registration would “entail a massive collection of personal data” and called for ways to prevent data breaches.
“Hence, there is a strong need to develop a technology-neutral approach and to future-proof the proposed legislation to achieve its intended purpose, in a manner that respects the rights and freedoms of the data subjects,” it said in a statement.
There are more than 120 million mobile customers in the country, including persons with multiple phone numbers. Around 95 percent of them are prepaid card users who, unlike postpaid account holders, acquired their SIM cards without giving any personal information to telecommunications companies.
That figure is more than the 72 million Filipinos who registered for the national identification card reported by the Philippine Statistics Authority as of August.
Information and Communications Secretary Ivan John Uy told reporters on Thursday that he was informed that the president was to sign the consolidated bill on Monday after it was submitted to Malacañang on Oct. 4.
It would be the first law signed by Marcos since taking office.
Control starts at sale
Under the measure, all the new SIM cards sold after the law is enacted will be in a deactivated mode. To activate them, users will be required to register their SIMs with the concerned public telecommunication entity (PTE) — the telcos and their representatives. Registration will be at point of sale, meaning no SIM card will be sold to an individual who refuses to provide personal information.
All existing postpaid and prepaid SIM users will be required to register within 180 days, or about six months, from the effectivity of the law to avoid deactivation. The Department of Information and Communications Technology can extend the registration period for not more than 120 days (about four months).
All SIM cards that are not registered within the prescribed period will be deactivated automatically. These could only be reactivated after they are registered according to the law.
Valid ID
A valid government-issued identification card with a photograph to verify the person’s identity will be required. A foreigner must present his or her passport and give a Philippine address.
A SIM card may be registered for use by a minor but will be under the name of a parent or guardian.
Tourists visiting the Philippines who want to get a SIM card will be required to present their passports, proof of address in the Philippines and a return ticket to their country or any other ticket showing the date and time of their departure from the Philippines. Their SIM cards will be deactivated after 30 days.
PTEs, their agents or employees will be fined P500,000 to P4 million for breach of confidentiality. Those who fail or refuse to register a SIM without a valid reason will be fined P100,000 up to P1 million.
Telcos supportive
Officers of Globe Telecom Inc. and Smart Communications Inc., the country’s two biggest telcos, have said their companies also supported SIM card registration.
“We believe that once signed into law, SIM registration will take us a step ahead of fraudsters and help achieve our shared goal of eradicating scam and spam messaging,” Globe Group general counsel Froilan Castelo said in a recent statement.
The Ayala-led company said it was ready to work with the government in crafting the proposed law’s implementing rules and regulations.
Smart vice president and head of regulatory affairs Roy Ibay earlier said his company was looking at key features of the bill ratified by the House and the Senate, and would be prepared to share his company’s “knowledge of global best practices.”
Rodolfo Santiago, chief technology officer of DITO Telecommunity, had raised the need to use the national ID and the passport to validate subscriber identity under the proposed law.
“Doing so will unburden the telcos of the need to establish another database to store biometrics data, which would be time-consuming and resource heavy,” he explained.
Text scams
Copywriter John Paolo Bencito, who uses both prepaid and postpaid SIM cards, is relieved that their sale would now be regulated in the country and was optimistic that this would deter text scams. On Saturday alone, he received at least four spam messages.
He was confident that there would be enough safeguards to prevent possible personal data breaches.
“SIM card registration is not a new idea also, it’s being used in Malaysia, Singapore and in other countries,” Bencito said.
“Only here in the Philippines that people can easily swap and buy SIM cards from your local ‘sari-sari’ store,” he added.
Kim Cantillas, secretary general of the Computer Professionals Union (CPU), an organization of information and technology professionals and advocates, said her group was against mandatory SIM card registration.
“It has been proven in other countries that this is not an effective means to stop or minimize the crimes it is meant to address,” Cantillas said.
“Given the poor implementation of the Data Privacy Act (DPA) and a culture that does not yet appreciate our right to privacy, this is an additional risk to the people,” she said.
Cantillas urged the government to ensure the strict implementation of the DPA and make sure that the law would keep pace with digital technology trends.
“It is disappointing that instead of addressing the different crises in our country, the Marcos administration chooses to prioritize a bill which is ineffective and will expose us to more risk,” she said.
Duterte veto
In April this year, then President Rodrigo Duterte vetoed the first ratified version of SIM card registration bill because it also included mandatory registration of social media accounts.
Duterte’s Communications Secretary Martin Andanar, said the former President was worried that the registration of social media users might lead to “dangerous state intrusion and surveillance, threatening many constitutionally protected rights.”
Former Senate Minority Leader Franklin Drilon, who had pushed for that provision, said constitutional rights were protected. The provision was intended to prevent “trolls,” scammers and “online bullies” from hiding behind fake names, he said.
—WITH REPORTS FROM TYRONE JASPER C. PIAD AND INQUIRER RESEARCH
RELATED STORIES
SIM card registration: Fighting cyber criminals or breaching privacy?
House ratifies SIM card registration, barangay-SK polls suspension bills
Proposed SIM card registration bill to exclude social media regulation —Poe