MANILA, Philippines – The National Privacy Commission (NPC) met with telecommunication companies to address Filipinos’ data privacy concerns in relation to the implementation of the SIM Card Registration Act, the NPC said on Friday, December 30.

Privacy Commissioner John Henry Naga called for the meeting held on Thursday, December 29, to shed light on concerns raised, such as notices and tick boxes on telcos’ websites asking for users’ consent to use their personal data for marketing, profiling, or sharing with third-party partners.

“Telcos must ensure the secure, ethical, and responsible handling of data, especially in all data processing being conducted in compliance with the SIM Registration Act,” said Naga.

“Their obligation to comply with the SIM Registration Act comes hand in hand with ensuring that data privacy and protection is upheld. Such includes the implementation of mechanisms that would allow the assurance to its data subjects that the data being collected are for the purposes of the SIM Card Registration,” the privacy chief added.

Must Read

Watch what you consent to: Telcos may use SIM registration data for marketing

In the registration process of Globe, for example, users are asked to agree to a list of conditions. These include an optional agreement to “receive commercial and promotional alerts, personalized advertisements, financial service offers, surveys, and similar communications via SMS, email, in-app notifications, and other means.”

SIM registration for Smart users also includes an optional condition that reads: “I would like to receive customized offers, recommendations, and promotions from SMART through my contact details, using channels such as SMS, voice call and emails. I understand that this would require SMART to analyze my usage information to create a personal profile about me.”

Ronald Gustilo, national campaigner of digital advocacy group Digital Pinoys, earlier warned that the new law is unlikely to eliminate spam messages, and perhaps it may even worsen these due to possible compromising of data.

The Junk SIM Registration Network, another advocacy group, told Rappler in an email on Friday: “As we’ve seen in other countries, having a centralized database of our personal information can be dangerous, especially if the telco’s databases are breached and our data leaked.”

In the Thursday meeting, Smart representatives clarified that the tick boxes are optional, and were included to determine whether the SIM card was being used by an individual or a juridical entity. Similarly, Globe highlighted that its marketing-related tick boxes were optional.

Naga directed the telcos to separate the notices and tick boxes unrelated to SIM card registration onto a different page – especially those pertaining to data sharing with third-party partners.

He also directed Smart, Globe, and Dito Telecommunity to modify and improve their websites to better comply with the Data Privacy Act of 2012.

According to the NPC, the telcos agreed with Naga’s directives, and committed to implementing changes on its SIM registration websites and mobile apps “as soon as possible.”

The NPC said that protecting citizens’ data privacy was “one of the cornerstones” for the successful implementation of the SIM card registration. It added that it would continue to coordinate with telcos and other stakeholders.

In a bid to combat fraud, President Ferdinand Marcos Jr. approved on October 10 the SIM Card Registration Act, which requires Filipinos to register their SIM cards along with any government-issued identification document.

Full implementation of the law began on Tuesday, December 27. – with reports from Lance Spencer Yu/Rappler.com