Telcos throw support behind SIM card registration amid rights and privacy concerns

Subscriber identity module (SIM) cards.
The STAR/File

MANILA, Philippines — Three telco companies have expressed their support for the SIM Card Registration Act, a measure which, if passed into law, will require all buyers of SIM cards to submit their personal details to these firms, who will store the information in a SIM card database.

The bill, which is up for President Rodrigo Duterte's signature, has drawn criticism from cybersecurity experts who said the measure raises more privacy and security concerns and might not even work.

The legislation seeks to curb the rise of SIM card, internet or electronic communication-aided crimes such as terrorism, text scams, bank fraud and anonymous online defamation, among others.

"We support it 100 percent... The objective of the law is very good — to protect everyone from [those who] use telecom services to perpetuate illegal activities...It's about time; let's make them accountable for their actions," DITO Telecommunity Chief Technology Officer Rodolfo Santiago told Philstar.com in an online conference call. 

He said he hopes the government will allow the firm to actively participate in drafting the implementing rules and regulations (IRR) of the law so they can contribute their insights. 

Smart Commmunications and Globe Telecom earlier voiced their support for the SIM Card Registration Act.

"We welcome this development from Congress. We have always maintained our stance that the SIM card registration bill will help quash the proliferation of fraudulent spam messages, Smishing cases and fraud, and will boost telecom security efforts to keep subscribers safe," Smart Communications Vice President for Regulatory Affairs Roy Ibay said in a statement on February 3. 

Like DITO, Smart said it is ready to support and help in the crafting of the law's IRR to ensure effective implementation of the bill. 

Last week, Globe President and Chief Executive Officer Ernest Cu said the firm "fully supports" the SIM Card Registration Act, but warned of how easy it was to get fake IDs. Because of this, he pushed for the quick rollout of the government's national ID system. 

"We need a very rational implementation of the SIM registration law because this country lacks reliable IT systems," Cu said in the firm's fourth quarter financial results briefing. 

"We don't want anyone to think that the silver bullet of registration will solve all fraud, terrorism, and crime-related identification...May I also call on the government to hasten the implementation of APIs (application programming interfaces) into the national ID system that allows checks once registration has been implemented?"

APIs are codes used to identify and authenticate users. 

An alternative to the 'SIM card database'

The bill requires consumers to fill up an electronic registration form detailing their personal information, which may include their full names, birth dates, addresses and pictures of their valid government IDs, before purchasing and activating a SIM card.

Public telecommunications entities (PTEs), like DITO, Globe and Smart, will collect these electronic registration forms and store them in a central database.

DITO's Santiago said telco providers, in essence, are accountable to subscribers in terms of protecting their personal transactions while using the service. 

According to him, PTEs should not be compelled to know the personal details of their subscribers, aside from their government ID numbers.

"The PTEs should not know the personal details of the subscribers particularly, the prepaid subscribers. For prepaid, while the SIM is registered, the PTEs should not care who the owner is, but there should be a structure that ties the sim to a specific person when there is a legal requirement to do so," Santiago said.

"For example, it would be enough for [a subscriber] to provide a government issued ID number. We don't care what your personal details are for as long as we can validate that ID number — whether its an SSS (Social Security System) ID, GSIS (Government Service Insurance System) ID, a passport, a drivers license, or national ID," he added. 

That way, if the SIM card database gets hacked, the details collected cannot be traced to an individual, Santiago said.

Group: Bill is a threat to human rights

Earlier this week, the Foundation for Media Alternatives (FMA), a non-profit based in Quezon City, urged Duterte to veto the measure as it "poses a serious threat to human rights, particularly on the right to privacy and free expression."

The group is pushing to junk the legislation because:

  • The potential for abuse is high, especially when the registration information is used for surveillance.
     
  • The measure seeks to establish a sim card register which is a major security risk which can become the target of malicious individuals. In the wrong hands, access to the database could become a "potent tool for mass surveillance and authoritarianism, especially when coupled with other draconian measures like the controversial Anti-Terror Law."
     
  • The registration process poses an unnecesssary burden for mobile phone users and third party resellers which consist of small businesses. 
     
  •  Other countries that have implemented SIM card registration did not see an improvement in law enforcement. In some regions, the system drove the emergence of black markets where stolen or counterfeit SIM cards are sold, and an increase in handset theft incidents.

The SIM Card Registration Act also contains a provision which penalizes SIM card and social media users who do not use their real names when creating accounts on platforms.

The bill states that those who use "fictitious identities" to register for social media accounts or SIM cards could face prison time of no less than six years or a fine of up to P200,000, or both.

LGBTQ+ activist group Bahaghari previously questioned the inclusion of social media registration, saying it would trample the right to free expression, and invalidate the victories which the LGBTQ+ sector has won. 

Bahaghari Chairwoman Rey Valmores-Salinas previously told Philstar.com that many transgender individuals and other members of  the LGBTQ+ community choose to carry their lived names, which are different from their legal names or what they call their "dead names." For them, this is a crucial step in their journey towards self-expression.

"Tagging transgender people's lived names which they might use in social media and elsewhere as fictitious identities, especially when many of us either do not have the means to change our legal name or would be placed in danger should we publicly come out, would effectively force transgender people to adopt their dead name to avoid imprisonment," Valmores-Salinas said. 

In its statement, FMA said the mandatory registration of social media accounts prevents internet users from exercising anonymity, and will prevent others from expressing themselves and freely associating with others. 

Show comments