How To Get Mobile Number Registered In Other Country

Which governments impose SIM-carte du jour registration laws to collect data on their citizens?

@pabischoff UPDATED: Feb 7, 2022

Which governments impose SIM-card registration laws to collect data on their citizens_

Just over v.2 billion people worldwide have mobile phones, accounting for almost 70 percentage of the entire global population, according to the GSM Association.

The bulk of national governments (effectually 160) require mandatory SIM-card registration, which means yous demand your real name and personal details to sign up for telephone service. And over 30 of these also require biometrics, due east.g. your fingerprints or a facial browse.

Just how individual is mobile telephone usage in each land? And how are governments using the data nerveless?

Here at Comparitech, we looked at a number of factors to determine where in the world SIM-card registrations are the virtually invasive. This includes if biometrics are required in the registration process, whether the data is stored by providers or shared with government agencies, what is (or is non) required for constabulary enforcement to gain admission to this data, for how long the data is stored, and whether any data privacy legislation protects this information.

This year'due south update also included whether or non these countries have mandatory IMEI databases.

This map includes all of the countries nosotros know of that have or do not accept SIM-card registration laws. Some of these accept been omitted from the overall study (with scoring and rankings) due to bereft information on the laws and processes in place. Therefore, it wouldn't be fair for us to include them as we cannot accurately score them for things like law enforcement admission, penalties, then on.

Please note: Due to a alter in the scoring (countries with lower scores are now accounted to have more invasive SIM-card registration laws) along with the addition of another category, we haven't compared results year on year.

Elevation xvi countries with the worst SIM-card registration policies

1. Tanzania (3 points)

Tanzania is the worst-ranked state for SIM-card registration policies with a score of three/eighteen. Information technology manages to scrape back but iii points as it allows citizens a maximum of eight sim cards (one per provider), doesn't have astringent invasive interception tools for law enforcement (merely they can withal admission data without a warrant), and doesn't take a mandatory IMEI database. In Tanzania, subscribers' data is submitted to the relevant authority once a month and registration includes fingerprints. This data isn't protected with storage limitations and with no information protection police force in identify, this leaves subscribers' data open to diverse vulnerabilities. Furthermore, those who don't comply with the law may observe themselves beingness fined vii one thousand thousand Tanzanian shillings (Us$3,000) and/or spending more than two years in prison.

2. Myanmar, Due north Korea (6 points)

Both Myanmar and Democratic people's republic of korea receive vi points. Both capture and store information and neither have a mandatory IMEI database.

Myanmar scores poorly for the lack of a data protection framework, also as limiting the number of SIM-cards immune (two per person). Myanmar also requires biometric data to be taken for SIM registration including both fingerprint and facial scans. The few points information technology does pick upwardly were for the need of a warrant for law enforcement to access personal information and for not having whatever severe penalties for not registering your SIM (just deactivation).

While Democratic people's republic of korea is only considering the implementation of biometric data for SIM-card registration, there are likely to be limitations on SIM-carte use due to their networks beingness government-run. For example, if a user accesses something that they shouldn't, they are sent an alarm, warning them that the government has noted this activity. Users who don't follow the registration procedure are besides at risk of up to iii years in prison house and/or hefty fines. Democratic people's republic of korea fails to protect registration information with no data protection laws or defined data retentivity periods. Furthermore, the authorities has ensured tourists aren't able to leave SIM cards with residents by deactivating the SIM card after their visit and charging tourists $250 per SIM carte.

3. Pakistan (7 points)

Islamic republic of pakistan scores two points each for police enforcement needing a warrant to access data and only enforcing subscriber deactivation every bit a penalty. A further iii points are given for its limit on storing subscriber data for a maximum of 1 year. However, Pakistan is one of sixteen countries that agree an IMEI database. The database requires all mobile telephone users to register their independent fifteen-digit number and is aimed at identifying apocryphal and illegally imported mobile devices that avoid revenue enhancement. Islamic republic of pakistan also uses a capture and validate registration system, has no data privacy framework, requires fingerprints upon registration, and only allows 5 SIM-cards per user.

4. Bangladesh, Cathay, Jordan, Nigeria, Saudi Arabia, Singapore, Sri Lanka, Uganda, United Arab Emirates (8 points)

Bangladesh requires fingerprints to be taken for registration, and law enforcement can gain access without a warrant. In 2021, both People's republic of bangladesh and Nigeria implemented an IMEI database.

Sri Lanka and Jordan are the only two countries in this group that don't have a data privacy framework in place and Sri Lanka doesn't require biometric registration different all other countries that scored viii points.

Singapore offers the lowest number of SIM-Cards allowed for citizens (3 per person), doesn't require a warrant for law access, and might see individuals put in prison for multiple years if constitute buying and registering SIM-Cards nether false names.

Nigeria and China don't subject citizens to a limit on the number of SIM cards they own but instead crave facial scans/images during the registration process. If anyone is constitute fraudulently using SIM-Cards, they are highly likely to face imprisonment in Cathay and explicitly so in Nigeria.

Imprisonment is also threatened in the UAE and subscriber data is stored for two years. Uganda had the almost extensive specified storage menses of all these countries (five years).

5. Bahrain, Kenya, Tajikistan (9 points)

All three countries are awarded a point for having a information privacy framework, for having a higher limit of between 8 and 10 SIM-cards per person, for not having an IMEI database, and for not giving law enforcement invasive admission to the databases (warrants aren't always required, though).

Both Bahrain and Tajikistan require extensive biometric information to be collected upon registration. Still, deactivation is the only penalisation for non complying with the regulations. In Republic of kenya, offenders face up prison for up to 6 months or a large fine of 100,000 shillings ($1,000).

Type of ID required by land

The countries that currently have biometric registration laws are Bahrain, Bangladesh, Belarus, Republic of benin, China, Ghana, Hashemite kingdom of jordan, Lesotho, Mexico, Myanmar, Nigeria, Oman, Pakistan, Peru, Saudi arabia, Singapore, Tajikistan, Tanzania, Thailand, Uganda, United Arab Emirates, Venezuela, and Republic of zambia. Those who are in the planning stages of implementing biometrics are Ethiopia, Republic of indonesia, Nippon, Lebanon, Liberia, Jordan, Lebanon, Liberia, North Korea, and Russian federation. In Mozambique, subscribers can provide their fingerprints if they don't have adequate ID.

In China, anyone registering a new phone number at present needs to submit a facial browse. This is also happening in Myanmar, Nigeria, and Singapore (which uses engineering science from Singtel, making ID verification possible through an app). Thailand also accepts a facial scan as an alternative to fingerprint scanning.

In all of the remaining countries (that we conducted our in-depth study on) where biometrics aren't notwithstanding implemented, photo ID is a requirement in order to register. If someone doesn't have ID, government often implement rules stipulating they register through another person or seek a sponsor who volition vouch for them.

In many countries, other requirements are stipulated alongside the ID, including a permanent address, date of birth, nationality, and gender (many personally identifying factors that may too be included on the ID). However, sure countries also accept other unique stipulations. For example, in Chile and Sudan, your female parent's proper name is required on the registration course. Kosovo, Liberia, and Mali also desire to know your profession, while Cameroon requires you lot to submit a localization map to confirm your state of residence.

Countries without mandatory SIM-bill of fare registration laws

Those without any SIM-card registration requirements are Bosnia and herzegovina, Canada, Cabo Verde, Union of the comoros, Republic of croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Iceland, Ireland, Israel, Republic of kiribati, Latvia, Liechtenstein, Lithuania, Maldives, Malta, Marshall Islands, Micronesia, Moldova, Namibia, the Netherlands, New Zealand, Nicaragua, the Philippines, Portugal, Romania, Serbia, Slovenia, Sweden, the United kingdom of great britain and northern ireland, the U.s., and Vanuatu.

There are sure countries where SIM card registration is nether give-and-take, eastward.one thousand. Cabo Verde and Estonia. And, in some countries, bills and even laws have been introduced merely retracted. This includes Namibia, the Philippines, Romania, and Vanuatu.

How does SIM-carte du jour registration threaten privacy?

Creating a database of citizens and their mobile numbers restricts private communications, increases the potential of them being tracked and monitored, enables governments to build in-depth profiles of their citizens, and risks private information falling into the wrong easily.

A SIM bill of fare is more than than a phone number. It allows authorities to easily track people'due south locations and movements. All of their online action—websites visited, search queries, purchases, and more—can be traced back to their device. Regime could selectively throttle, censor, or block cyberspace connections of specific people or groups of people, giving way for harassment and persecution.

Without laws to protect registration data, personal details could exist shared with third parties. These could include advertisers, other governments, or tax collection agencies, for example. This puts data at a college risk of theft and abuse.

In China, SIM-bill of fare registration is combined with real-name registration for online accounts and services. When you sign upwards for a social media account or chat app, for example, you lot're required to provide your existent name and telephone number. In combination with SIM-card registration, the policy prevents anyone from making bearding accounts online or communicating in hole-and-corner.

Furthermore, Spain recently conducted a big study of its citizens' phone tracking data in a bid to better its public services. Even though this information was "anonymized," it still demonstrates the intrusive means governments may choose to use mobile data that'due south made bachelor to them. At that place were as well some suggestions that the information was used against privacy laws as people hadn't given their consent for the data to be used by the government.

Some experts too suggest that having mandatory registrations in place for SIM cards only seeks to fuel their illicit use. It creates the need for a black market equally people want to communicate anonymously and it besides encourages identity fraud as people try to evade the system.

Identity theft is also a threat to this system. Criminals might have piddling problem finding someone else'south photo and other information required to sign up for a new SIM. This could cause a lot of problem for the victim with little upshot to the impersonator.

Methodology

To comport this written report we take used various sources (listed below) to find out whether or not SIM-card registration is mandatory or not. We then followed this up by taking an in-depth wait at each country's laws to discover out how this data was used, stored, accessed, and so on.

Where we were unable to find this data, we take omitted the country from the report.

Scoring

Registration Requirements:

Registration required = No (1 points), Yes (0 indicate), Optional (0.5 points)
Capture and Store = i signal
Capture and Share = 0 points
Capture and Validate = 0 points

Data Privacy Framework:

Yes (1 indicate)
No (0 points)

Biometric Bank check:

Fingerprints and/or Facial Scans (0 points)
Fingerprints used for limited groups (i.e. those without ID (i points)
In progress (2)
No biometrics (3)

Sim Card Limit:

5 or less (0 points)
6 to 10 (1 points)
Over 10 or other restrictions (ii point)
No limit (3 points)

Police Enforcement Access:

Astringent interception capabilities (0 points)
Without warrant (1 point)
With warrant (2 points)

Penalties:

Subscriber prison sentences and/or penalties (0 points)
Subscriber penalties/fines (1 indicate)
Subscriber deactivation (2 points)

Data Storage:

half dozen or more years (0 points)
4 to 5 years (1 bespeak)
ii to 3 years (ii points)
Up to ane year (3 points)
Length of contract and up to six months after (4 points)

If no data storage timescales are given, countries are allocated 0 points if at that place is no data protection law and a ii if at that place is a data protection police force in place (every bit this will put some safeguards in place despite no timescales existence given).

IMEI Registration:

Mandatory (0 points)
Not Mandatory (i point)

Countries where no SIM-carte or IMEI registration is required automatically received a score of 18.

Sources

https://www.gsma.com/mobilefordevelopment/wp-content/uploads/2021/04/Digital-Identity-Access-to-Mobile-Services-and-Proof-of-Identity-2021_SPREADs.pdf

For a full list of sources, please request access hither.

Data researcher: Charlotte Bond