Title
Implementing Rules of SIM Registration Act
Law
Irr Republic Act No. 11934 (ntc Memorandum Circular No. 001-12-2022)
Decision Date
Dec 12, 2022
The SIM Registration Act in the Philippines requires end-users to register their SIM cards with their respective telecommunications providers, with failure to comply resulting in deactivation, in order to ensure the integrity and security of the country's telecommunications network.
registration guidelines
registration process
personal data

Legal Basis and Governance Structure

  • EO 546 created the National Telecommunications Commission (NTC) and authorizes it to supervise and regulate public telecommunications network and services.
  • Republic Act No. 7925 recognizes the essential role of telecommunication in the economic development and integrity and security of the Philippines and requires telecommunication development and administration that safeguards the national fabric, under the preamble.
  • Section 12 of Republic Act No. 11934 requires the NTC, in coordination with concerned agencies (including DICT, DTI, NPC), Public Telecommunications Entities (PTEs), and major consumer groups, to set guidelines for monitoring and proper implementation and to promulgate implementing rules.
  • The IRR directs relevant government agencies (including DICT, NTC, DILG, and DepEd) to facilitate SIM registrations in remote areas with limited telecommunication or internet access, under Section 4(f).
  • The NTC may issue supplemental circulars, guidelines, orders, and regulations to implement provisions of the IRR, under Section 23.

Core Definitions and Key Concepts

  • “Act” refers to Republic Act No. 11934, under Rule I, Section 3(a).
  • “Automatic deactivation” is the automated process of rendering a SIM incapable of being used for outgoing and incoming calls, internet access, or sending and receiving messages upon the registration period set forth under the Act and the IRR, under Rule I, Section 3(b).
  • “Barring” is temporarily deactivating a SIM to render it unusable for all incoming or outgoing calls and SMS or any mobile data services without permanently deactivating the SIM, under Rule I, Section 3(c).
  • “Consent” is a freely given, specific, informed indication of will whereby the subscriber/end-user agrees to processing personal data about and/or relating to him or her; consent must be evidenced by written, electronic, or recorded means and may be given by an agent specifically authorized by the subscriber/end-user, under Rule I, Section 3(d).
  • “Competent Authority” refers to law enforcement agencies, cybercrime prevention bodies, or prosecutorial offices with subpoena powers established by law and relevant orders, rules, circulars, and regulations, under Rule I, Section 3(e).
  • “Deactivated state” is the condition of a SIM rendering it incapable of use for outgoing and incoming calls, internet access, or SMS/messages, except for exclusively enabling and informing the SIM to be registered, under Rule I, Section 3(f).
  • “End-users” are existing subscribers and/or any individual or juridical entity that purchases a SIM from PTEs, their agents, resellers, or any entity, under Rule I, Section 3(g).
  • “Persons of Concern or POC” are refugees, asylum seekers, stateless persons, stateless applicants, and populations at risk of statelessness defined and covered under the 1951 Convention Relating to the Status of Refugees, its 1967 Protocol, the 1954 Convention Relating to the Status of Stateless Persons, and the 1961 Convention on the Reduction of Statelessness, under Rule I, Section 3(h).
  • “Postpaid subscription” and “Prepaid subscription” describe payment arrangements for mobile services, under Rule I, Section 3(i) and (j).
  • “Public Telecommunications Entity or PTE” is any person, natural or juridical, who dispenses or sells a SIM to an end-user, under Rule I, Section 3(k).
  • “Purchase of SIM” means acquisition of a SIM by an end-user for consideration or otherwise, including sale, barter, donation, or other means, under Rule I, Section 3(l).
  • “Reseller” dispenses or sells a SIM to an end-user, under Rule I, Section 3(m).
  • “Serial Number” is a unique PTE-generated registration reference or tracking number automatically generated in the SIM registration platform upon end-user registration, under Rule I, Section 3(n).
  • “SIM” is the Subscriber Identity Module that securely stores International Mobile Subscriber Identity (IMSI) and related keys or an electronic equivalent; for purposes of the Act and the IRR, it includes e-SIMs and other variations, under Rule I, Section 3(o).
  • “SIM Register” is the secure digital database containing required information under Section 5 of the Act for registered postpaid and prepaid subscribers/end-users, under Rule I, Section 3(p).
  • “Spoofing” is transmitting misleading or inaccurate information about the source of a phone call or text message with intent to defraud, cause harm, or wrongfully obtain anything of value, under Rule I, Section 3(q).

SIM Registration Coverage and Implementation

  • The IRR prescribes general rules and guidelines for the registration of new and existing SIMs of end-users with their respective PTEs, under Rule I, Section 2.
  • End-users must register their SIMs with their respective PTEs as a prerequisite to activation, under Section 4(a).
  • All covered SIMs provisioned by a PTE to provide SMS, voice, and/or data services are subject to registration, including embedded SIMs (eSIMs), other variations/technologies, future technologies, data-only SIMs, fixed wireless broadband modem and/or wireless local loop SIMs, and M2M and/or IoT services, under Section 4(a).
  • An end-user who fails to comply with registration requirements results in the SIM not being activated, under Section 4(b).
  • All SIMs sold or issued by PTEs, agents, resellers, or any entity must be in a deactivated state and are activated only after the end-user completes registration, under Section 4(c).
  • Tourists who are foreign nationals under Section 9(a) of Commonwealth Act No. 613, as amended may have SIMs valid only temporarily for thirty (30) days and the SIMs automatically deactivate upon expiration; validity may be extended only upon presentation/submission of an approved visa extension, under Section 4(d).
  • Foreign nationals with other types of visas can acquire SIMs without the thirty (30)-day temporary validity period and register them following the respective PTE registration process, under Section 4(e).
  • Relevant government agencies and concerned PTEs must facilitate SIM registrations in remote areas with limited telecommunication or internet access; DICT and NTC must initiate necessary coordination; registration facilities in remote areas must be established within sixty (60) days from effectivity, under Section 4(f).
  • SIM registration must be implemented at no cost to end-users, under Section 4(g).

Existing Subscriber Registration Requirements

  • All existing SIM subscribers/end-users must register within one hundred eighty (180) days from effectivity of the Act, under Section 5(a).
  • Registration may be extended by DICT for a period not exceeding one hundred twenty (120) days, under Section 5(a).
  • Failure to register existing SIMs within the required period results in automatic deactivation, under Section 5(a).
  • A deactivated SIM may be reactivated only after registration, and reactivation must be made not later than five (5) days after automatic deactivation, under Section 5(a).
  • PTEs must include the information and date of existing postpaid subscribers in the SIM Register to align with registration requirements; existing postpaid subscribers must confirm their information through the PTE’s platform or website established under the Act and the IRR, under Section 5(b).

Registration Form, Process, and ID Rules

  • The Registration Form must be accomplished electronically through a secure platform or website provided by PTEs to their respective subscribers, under Section 6(a).
  • The Registration Form must include a declaration by the end-user that presented identification documents are true and correct and that the person accomplishing the registration form is the same person, under Section 6(a).
  • The registration platform/website must consider user interface, user experience, and accessibility so the portal is easy to use and navigate, under Section 6(b).
  • A privacy notice must be made available on the platform/website explaining details of processing personal data for the SIM Register, under Section 6(c).
  • The registration process must be guided by the following parameters, under Section 6(d):
    • (i) Submission of an electronically and duly accomplished registration form using only the required data and information by category (individual, juridical entity, or foreign national), under Section 6(d)(i).
    • (ii) Presentation of valid government-issued ID card or similar photo document, under Section 6(d)(ii).
    • (iii) Inputting the assigned mobile number with its serial number, under Section 6(d)(iii).
  • PTEs must include processes to verify submitted information and data, subject to the Data Privacy Act and its IRR and other issuances of the National Privacy Commission, under Section 6(e).

Approved Identification by User Type

  • For individual end-users, ANY of the enumerated photo IDs/documents may be presented, including passport; Philippine Identification System ID; Social Security Service ID; GSIS e-Card; driver’s license; NBI clearance; police clearance; firearms license ID; PRC ID; IBP ID; OWWA ID; BIR ID; voter’s ID; senior citizen’s card; UMID; Persons with Disabilities card; or other valid government-issued ID with photo, under Section 7(a).
  • For juridical entity end-users, ALL must be presented: Certificate of Registration and, for corporations, a duly adopted resolution designating the authorized representative, or for other juridical entities, a special power of attorney, under Section 7(b).
  • For minor end-users, registration must be under the minor’s parent or guardian, and ALL must be presented: ANY ID card under Section 7(a) and consent of the minor’s parent or guardian, under Section 7(c).
  • For foreign nationals visiting as tourists under Section 9(a) of Commonwealth Act No. 613, as amended, ALL must be presented: passport (copy of bio-page and pages where the current 9(a) visa is stamped or shown); proof of address in the Philippines (hotel booking or equivalent, or affidavit/letter from the house/residence owner); and return ticket to own country or other ticket showing date and time of departure, under Section 7(d).
  • For foreign nationals with other types of visas, ALL must be presented: passport copy (bio-page and pages where the type of visa is stamped or shown); proof of address in the Philippines (booking, or affidavit/letter from owner, or contract of lease of residence/space); and other pertinent document, whichever is applicable, including Alien Employment Permit (DOLE), ACRI Card (BI) or other official ID by visa-issuing agency, school registration and ID for students, or for POCs, the type of travel/admission document validly issued by the Department of Justice, under Section 7(e).

SIM Register and Certification of Registration

  • Each PTE must maintain its own database containing information required under the Act and using the database strictly as a SIM Register for processing, activation, or deactivation of SIMs/subscriptions, and not for any other purpose unless otherwise provided under the Act, under Section 8(a).
  • Successful submission and acceptance of the required registration form serves as certification of registration by the end-user, under Section 8(b).

End-User Duties and Restrictions

  • End-users must undertake registration of their own SIMs within one hundred eighty (180) days from effectivity of the Act, without prejudice to possible DICT extension up to a maximum of one hundred twenty (120) days as provided under the Act, under Section 9(a).
  • End-users must immediately report to their respective PTEs:
    • any change in application information,
    • lost or stolen SIM using the required details (name, address, date of birth, mobile subscriber number, and other relevant and reasonable information required by the PTE to establish ownership), under Section 9(b).
  • In case of death, immediate family or relatives must immediately report to the respective PTE, under Section 9(c).
  • End-users must submit requests to their respective PTEs for SIM activation/deactivation, under Section 9(d).
  • End-users must not sell or transfer registered SIMs without complying with the registration requirements under the Act and the IRR, under Section 9(e).

PTE Duties, Security, Reporting, and Audits

  • PTEs must establish their own secure online SIM registration platform that is user-friendly and easy to use; PTEs must also include additional means to assist persons with disabilities, senior citizens, pregnant women, and/or persons with special needs, and must include procedures to verify submitted data, under Section 10(a).
  • PTEs must maintain a SIM register of their respective end-users and include data of existing postpaid subscribers, under Section 10(b).
  • PTEs must send notice of successful submission and acceptance of the registration form to end-users on the same day, under Section 10(c).
  • PTEs must effect changes in SIM register information requested by the end-user, loss or theft of a SIM, or requests for deactivation, under Section 10(d).
  • PTEs must immediately effect barring of any SIM reported lost or stolen, rendering it unusable for incoming/outgoing text, calls, and mobile data service; the SIM must be permanently deactivated upon issuance of a new SIM to the verified end-user or within twenty-four (24) hours (whichever comes earlier), under Section 10(f).
  • PTEs must deactivate temporarily or permanently SIMs used for fraudulent texts or calls upon due investigation, under Section 10(g).
  • PTEs must deactivate all prepaid SIMs for sale to the public upon effectivity of the Act; otherwise the PTE is liable for penalties prescribed under the Act, under Section 10(h).
  • PTEs must retain for ten (10) years from the date of deactivation the relevant data and information of any deactivated SIM, under Section 10(i).
  • PTEs must treat information of any deactivated SIM as absolutely confidential and must not disclose it to any person, under Section 10(j).
  • PTEs must provide a user-friendly reporting mechanism for end-users to report potentially fraudulent texts/calls, changes of information, lost or stolen SIMs, or death of a registered end-user, under Section 10(k).
  • PTEs must ensure end-users’ data is secured, encrypted, and protected at all times and comply with minimum information security standards prescribed by the DICT consistent with internationally accepted cybersecurity standards and relevant laws, under Section 10(l).
  • PTEs must report to the DICT within twenty-four (24) hours of detection any incident of cyber-attack on the SIM register; if the attack results in a personal data breach, PTEs must comply with personal data breach notifications and reporting under the Data Privacy Act of 2012 and issuances of the National Privacy Commission, under Section 10(m).
  • PTEs must allow DICT to perform an annual audit on compliance with information security standards, under Section 10(n).
  • PTEs must submit to the NTC, DICT, and both Houses of Congress, on or before the 30th day of April of each year, an annual report on implementation for the previous calendar year, under Section 10(o).
  • PTEs must facilitate SIM registration in remote areas with limited telecommunications or internet access together with relevant government agencies, under Section 10(p).
  • PTEs must comply at all times with the Data Privacy Act of 2012 and NPC issuances, including:
    • mandatory privacy impact assessment on SIM Registers prior to entering any personal data or within a reasonable time thereafter,
    • implementation of reasonable and appropriate physical, organizational, and technical security measures throughout the data lifecycle,
    • enabling mechanisms for exercise of data subject rights,
    • ensuring lawful processing consistent with legitimate purpose criteria and not contrary to law, morals, public order, and public policy, under Section 10(q).

Confidentiality, Authorized Disclosures, and Data Retention

  • Any information and data obtained in the SIM registration process must be treated as absolutely confidential and not disclosed to any person, under Section 11.
  • PTEs must still disclose the end-user’s full name and address only in specified instances, under Section 11(a)-(d):
    • compliance with laws obligating disclosure consistent with Republic Act No. 10183 or the Data Privacy Act of 2012,
    • compliance with a court order or legal process upon finding of probable cause,
    • compliance with Section 10 of the Act and Section 12 of the IRR,
    • disclosure with the subscriber’s written consent, with the rule that waiver of absolute confidentiality shall not be made a condition for approval of subscription agreements with PTEs.
  • The confidentiality clause takes effect at activation and continues after deactivation and as long as PTEs retain the end-user’s data; activation is when the PTE receives the required data/information from the registering subscriber/end-user, under Section 11.
  • PTEs must provide information obtained in registration only upon issuance of a subpoena by a competent authority pursuant to an investigation based on a sworn written complaint that a specific mobile number was or is being used to commit a crime or used to commit a malicious, fraudulent, or unlawful act, and the complaint cannot ascertain the identity of the perpetrator, under Section 12.
  • No PTE is held administratively, civilly, or criminally liable for disclosures made in compliance with the Act, under Section 12.
  • PTEs must keep relevant data and information for ten (10) years from the time the subscriber/end-user’s mobile number is deactivated, and only for the purposes under Section 10 of the Act, under Section 12.

Criminal Offenses and Penalties

  • Penalties apply for violations of the Act’s provisions, under Rule VI.
  • Providing false or fictitious information or using fictitious identities or fraudulent identification documents to register a SIM results in imprisonment ranging from six (6) months to two (2) years, or a fine of not less than PHP 100,000.00 but not more than PHP 300,000.00, or both, under Section 13.
  • Selling or transferring a registered SIM without complying with required registration results in imprisonment ranging from six (6) months to six (6) years, or a fine of PHP 100,000.00 to PHP 300,000.00, or both, under Section 14.
  • Spoofing a registered SIM results in imprisonment of no less than six (6) years, or a fine of PHP 200,000.00, or both, unless the transmission is exempted in connection with (1) authorized activities of law enforcement agencies or (2) a court order specifically authorizing caller ID manipulation, under Section 15.
  • Failure or refusal by a PTE to register a SIM without valid reason despite end-user compliance results in fines, under Section 16:
    • First offense: PHP 100,000.00 to PHP 300,000.00,
    • Second offense: PHP 300,000.00 to PHP 500,000.00,
    • Third and subsequent offenses: PHP 500,000.00 to PHP 1,000,000.00 for every offense thereof.
  • Sale of stolen SIMs creates criminal liability for any PTE, its agents, resellers, or entity that sells stolen SIMs, under Section 17, with penalty of imprisonment ranging from six (6) months to two (2) years, or PHP 100,000.00 to PHP 300,000.00, or both; if the offender is a corporation, partnership, or juridical person, the penalty is imposed on responsible officers who participated in or, by gross negligence, allowed the crime, under Section 17.
  • Breach of confidentiality by a PTE, its agents, or employees who directly or indirectly reveal or disclose any end-user information/data obtained during registration, unless otherwise permitted by the Act or other laws, results in a fine of not less than PHP 500,000.00 but not more than PHP 4,000,000.00, under Section 18.
  • Breach of confidentiality due to negligence by a PTE, its agents, or employees who due to negligence reveal or disclose any end-user information/data obtained during registration results in a fine of not less than PHP 500,000.00 but not more than PHP 4,000,000.00, under Section 19.
  • Abetting or aiding any Act offense makes the person liable as a co-principal, and prosecution under the Act is without prejudice to liability under the Revised Penal Code or special laws, under Section 20.
  • Complaints for any enumerated criminal offenses must be filed by the proper party before the relevant agency, prosecution office, or court with competent jurisdiction, under Section 21.

Interpretation, Supplemental Rules, and Effectivity

  • Doubts in interpreting any provision must be resolved in a manner that accords the highest respect for privacy and is liberally interpreted mindful of the rights and interests of SIM subscribers/end-users, under Section 22.
  • The NTC may issue orders, circulars, guidelines, and/or regulations to supplement implementation, under Section 23.
  • All circulars, orders, memoranda, or parts inconsistent with the IRR are deemed repealed or amended accordingly, under Section 24.
  • If any clause, sentence, provision, or section is held unconstitutional or invalid, the remaining provisions remain in full force and effect, under Section 25.

Analyze Cases Smarter, Faster
Jur helps you analyze cases smarter to comprehend faster, building context before diving into full texts. AI-powered analysis, always verify critical details.

About Privacy Terms