Camarines Sur Rep. and National Unity Party (NUP) president LRay Villafuerte is reminding mobile phone users of the country’s estimated 150 million Subscriber Identification Module (SIM) cards to register their cellphone numbers within the deadline to avoid the automatic deactivation of their SIM numbers.
Villafuerte at the same time expressed the hope that the Department of Information and Communications Technology (DICT) and National Telecommunications Commission (NTC) have come up with an “ultrasafe cybersecurity system” in the implementing rules and regulations (IRR) of the new law on SIM registration “to avoid any future breach in the sensitive data of registered cellphone subscribers and prevent PTEs (public telecommunications entities) or other groups from exploiting the would-be database for telemarketing purposes.”
“With the release of RA 11934’s IRR two weeks ago, all existing postpaid and prepaid SIM users are from here on required, under this law, to register within 180 days, or about six months, to avoid deactivation of their cellphone numbers.”
The president of the second biggest power bloc in the House of Representatives issued this statement at the start of effectivity today (Dec. 27) of Republic Act (RA) 11934 or the law on the mandatory registration of the SIM cards of all cellphone subscribers in the country.
“With the release of RA 11934’s IRR two weeks ago, all existing postpaid and prepaid SIM users are from here on required, under this law, to register within 180 days, or about six months, to avoid deactivation of their cellphone numbers,” Villafuerte, one of the principal authors of this law, said.
However, the IRR of RA 11934 states that this deadline may be stretched by a maximum of 120 days or four months.
Villafuerte said that to register, each individual cellphone user or SIM card owner will have to submit his or her full name, date of birth, sex, current or official address and official identification (ID) card and number to the PTE where he or she has a mobile phone subscription.
He said: “With the mandatory SIM registration, all mobile phone subscribers will be better protected against the plethora of phone-based scams like smishing, more so now when digital tricksters have managed to hack more personal information from their victims, including the actual names of these cellphone users they intend to swindle.”
“It will be easier for the authorities or PTEs to trace persons behind text scams and hold them accountable for breach of privacy along with cellphone-based fraud and other punishable offenses they are able to perpetrate by using unknown or unregistered mobile phone numbers,” he added.
‘Smishing’ refers to the short message service (SMS) phishing in which scammers try to hoodwink unsuspecting cellular phone (cellphone) users into giving them personal information, like passwords and credit card numbers, that these bilkers can use to commit identity theft to, for example, duplicate the victims’ credit cards or withdraw money from their bank accounts.
Villafuerte pointed out that RA 11934 has broad public support, judging from the outcome of the Sept. 29-Oct. 2 non-commissioned survey by the Social Weather Stations (SWS) in which 3 of 5 adult Filipinos expressed approval of the mandatory registration of their SIM numbers.
According to this SWS survey, 60% of its respondents favored SIM card registration, 23% were undecided and only 17% disapproved—for a net approval (approved minus disapproved) score of +44, which the pollster classified as “good.”
Section 12 of RA 11934 directed the NTC to draw up, in coordination with the DICT along with other concerned agencies and groups, this law’s IRR within 60 days of its signing into law.
President Marcos signed this measure into law—actually the first Act he had issued on his watch—last Oct. 10.
“Hence, it is high time that we secure our mobile SIMs from the proliferation of phone-based frauds through the mandatory registration of both prepaid and postpaid subscribers and their cellphone numbers.”
The NTC drafted the IRR in coordination with the DICT, Department of Trade and Industry (DTI), National Privacy Commission (NPC), Office of the Solicitor General (OSG), Cybercrime Investigation and Coordinating Center (CICC), Congress, and PTEs Globe Telecom, Smart Communications and Dito Telecommunity.
A media report quoted NTC deputy commissioner Jon Paulo Salvahan as saying during a Dec. 5 public hearing on the IRR that a technical working group (TWG) comprising members from the abovementioned agencies and PTEs took “painstaking efforts and conducted laborious deliberations” to draw up a practical and workable IRR draft.
Under the law, the registration of SIM cards shall be made through a platform or website to be put up by every PTE.
These PTEs, in turn, are tasked to work with government agencies in establishing registration facilities even in faraway places with limited Internet access.
Villafuerte said, “The Philippines has been dubbed as the fastest-growing digital economy among major ASEAN (Association of Southeast Asian Nations) member-states, registering a whopping 93% year-on-year expansion from 2020 to 2021. This figure speaks volume of how Filipinos have become heavily reliant on the advances of technology, especially when it comes to the convenience of online transactions.”
“But the apparent helplessness of our authorities in stopping cyber criminals from preying on the owners of over a hundred million cellphones through smishing and other scams has become the dark side of the digital transformation in our country where there are more mobile phones than people,” Villafuerte said. “Hence, it is high time that we secure our mobile SIMs from the proliferation of phone-based frauds through the mandatory registration of both prepaid and postpaid subscribers and their cellphone numbers.”
Earlier, the House approved House Bill (HB) 14—authored by Speaker Ferdinand Martin Romualdez with Senior Deputy Majority Leader Ferdinand Alexander Marcos III and Tingog Reps. Yedda Marie Romualdez and Jude Acidre—in consolidation with 15 other bills, including HB 2213 that Villafuerte had written with three other Camarines Sur representatives.
HB 2213’s other authors are Reps. Miguel Luis Villafuerte and Tsuyoshi Anthony Horibata and Bicol Saro Rep. Nicolas Enciso VIII.
Villafuerte explained that Section 6 of RA 11934 directs PTEs to maintain their own database containing the information required under this law, and such shall strictly serve as a SIM Register to be used by these companies to process, activate or deactivate SIMs or subscriptions.
He said that in the record-keeping of information, the law mandates PTEs to ensure that the end-users’ data are secured and protected at all times., and requires these companies to comply with “the minimum information security standards prescribed by the DICT consistent with internationally accepted cybersecurity standards and relevant laws, rules and regulations.”
The DICT, in turn, is mandated by the law to conduct an annual audit on the PTEs’ compliance with information security standards.
Villafuerte supported the plan by DICT Secretary Ivan John Uy to let both prepaid and postpaid subscribers register their respective cellphones’ Subscriber Identity Module (SIM) numbers online, to avoid the scenario of them getting stuck in long queues to sign up at would-be registration centers of Globe, Smart and Dito.
“We are hoping the IRR provides for enough safeguards to prevent the personal data of the owners of more than 150 million SIM cards from becoming vulnerable to hacking or attacks from cybercriminals and other unscrupulous groups here and abroad that would just torpedo the very purpose of RA 11394, which is to protect our people from the almost daily deluge of text scams and other cellphone-based fraud,” he said.
“The DICT and NTC should be 100% confident that by the time our cellphone owners have registered their SIM numbers, the would-be national database of SIM data is truly fool-proof against attacks from devious local and foreign groups that hide behind the cloak of anonymity in perpetrating crimes with the use of cellphones,” he said. “These agencies must bear in mind that they will be dealing here with private and sensitive data of would-be registrants that are stored in possibly as many as 150 million SIMs or more.”
Uy had said in media reports that there are about 144 million to 150 million prepaid cards that have been issued to date, although about 40 million of these SIMs are possibly no longer used as they could have expired already or been discarded by their owners.
To get an idea of how prevalent cellphone-based scams have become, especially during this pandemic season, Villafuerte said Globe, for example, reported a record high in its monthly tally of blocked spam and scam messages in September, filtering out more than 270.5 million messages after it started implementing its new measure against person-to-person messages with clickable links.
Globe said its figures reportedly peaked after a consistent uptrend over the first 9 months of 2022, with the total reaching 1.3 billion by end-September, or surpassing 2021’s full year total of 1.15 billion.
The monthly total of its blocked SMS also went up by almost 300% over the same nine-month period, from 68.34 million in January to 270.5 million in September, according to Globe.
Meanwhile, citing data from the Philippine National Police (PNP) Anti-Cybercrime Group, PNP chief Gen. Rodolfo Azurin Jr, has said the police recorded a total of 4,254 SIM card-related offenses over the January-September period.
This number reportedly excluded cases handled by other PNP units and other government agencies and financial institutions, as well as cases unreported by victims of “smishing”