Amendments to Penalties and Fines in Revised Penal Code

Key terms include: Act (RA 11934), Automatic Deactivation, Barring, Consent, Competent Authority, Deactivated State, End-users, Persons of Concern (POC), Postpaid and Prepaid Subscription, PTEs, Reseller, Serial Number, SIM, SIM Register, and Spoofing.
SIM includes electronic equivalents like e-SIMs.
Consent requires informed, freely given approval, evidencible by electronic or written means.

SIMs start in deactivated state, activated only after end-user registration.
Foreign tourists’ SIMs have a 30-day validity, extendable with visa extension.
Registration is free and facilities must be accessible including in remote areas.
Existing subscribers must register within 180 days; possible extension of 120 days.

Registration to be done electronically on PTE platforms designed for usability and accessibility.
Required data for individuals: Full name, date of birth, sex, address, ID type and number.
Juridical entities provide business name, address, and authorized signatory.
Foreign nationals must submit passport, visa documentation, and proof of address.
Verification procedures will be applied observing data privacy laws.

Acceptable IDs for individuals include government-issued IDs like passports, driver’s license, social security ID, voter’s ID, etc.
For juridical entities: certificate of registration and authorization documents.
Minors’ SIMs registered under parents/guardians with required consent.

Register SIM within the prescribed period.
Report changes in information, lost or stolen SIMs, death of subscriber.
Requests for activation/deactivation must be submitted to PTE.
Prohibited from selling or transferring registered SIMs without proper re-registration.

Provide secure, user-friendly online registration platforms.
Maintain accurate SIM registers including postpaid data.
Send immediate notification upon successful registration.
Implement processes to update information, block lost/stolen SIMs, deactivate fraudulent SIMs.
Retain deactivated SIM data for 10 years, ensure confidentiality.
Facilitate SIM registration in remote areas.
Comply with Data Privacy Act requirements, including privacy impact assessments and data security.
Report cyber incidents promptly to DICT and National Privacy Commission.

Registration data is strictly confidential.
Disclosure allowed only under court order, legal process, lawful government request, or with subscriber consent.
Confidentiality persists post-SIM deactivation as long as data is retained.
PTEs must comply with subpoenas for crime investigations involving SIMs.

False or fraudulent registration: Imprisonment (6 months-2 years) and fines (₱100,000-₱300,000).
Sale/transfer of registered SIM without registration: Imprisonment (6 months-6 years) and fines.
Spoofing SIMs: Min. 6 years imprisonment or ₱200,000 fine.
PTE refusal to register SIM: escalating fines up to ₱1,000,000.
Sale of stolen SIMs by PTEs or agents: Imprisonment (6 months-2 years) and fines.
Breach of confidentiality (intentional/negligent): Fines range from ₱500,000 to ₱4,000,000.
Liability applies as co-principal for accomplices and without prejudice to other criminal laws.

Interpretation of the regulations favors privacy protection and end-user rights.
NTC empowered to issue supplemental guidelines.
Repeals inconsistent issuances; separability clause applies.
Effective 15 days after publication.