Image: Namibia Fact Check / IPPR
We checked statements about biometric and ITU requirements from a recent government media statement
Everyone using a Subscriber Identity Module (SIM) card to access telecommunications and internet services in Namibia were required to have registered their SIM card with their service provider by 31 December 2023.
However, on 29 December 2023, despite having earlier indicated that there would be no extension of the SIM card registration period beyond December 2023, the Ministry of Information and Communications Technology (MICT) issued a media release extending the registration period by three months, up to end-March 2024.
SIM card registration is being done in terms of regulations for Part 6 of Chapter 5 of the Communications Act 8 of 2009. The regulations are found in Government Gazette No. 7481 ot 15 March 2021.
The MICT media release of 29 December 2023, contains two statements that are not accurate.
These two statements are:
- Statement 1: “SIM card registration is required by the International Telecommunications Union, a United Nations Agency, of which Namibia is a member, and many African countries have already complied with this requirement.”
- Statement 2: “The Communications Regulatory Authority of Namibia issued a directive that the mandatory capture of biometric data will no longer be required for SIM card registration.”
Our findings
Statement 1
According to the statement Namibia must implement SIM card registration as it is a “requirement” of the International Telecommunications Union (ITU).
However, this is not the case, as UN bodies or agencies, such as the ITU, cannot force or compel states to implement anything. UN bodies or agencies can only make recommendations that states either choose to implement or not.
In terms of SIM card registration, various online sources point to the ITU having issued a recommendation in 2007 for states to implement SIM card registration as a means to enable telecommunications security for both service users and service providers.
While Namibia Fact Check has been unable to locate the specific ITU recommendation related to SIM card registration, we did locate a recommendation from November 2007 on the ITU website that called for the implementation of a process of identity authentication between a telecommunications service subscriber and service provider.
To be clear, the claim that SIM card registration is an ITU “requirement” is thus misleading.
Statement 2
This statement contains the claim that the collection of biometric data from SIM card owners had been a “mandatory” requirement of the SIM card registration process.
This is, in fact, not accurate, as no such requirement exists in law or regulation.
As explained in an article in September 2022, when registering a SIM card with a telecommunications service provider, the SIM card holder or purchaser will have to provide the following information, according to the regulations:
“(5) The following information must be obtained if the customer is a natural person –
(a) the full name of the customer;
(b) the address at which the customer ordinarily resides or if the customer ordinarily resides outside Namibia, the address at which the customer resides while he or she is in Namibia and the address at which the customer works or from which he or she conducts his or her business;
(c) a Namibian identity number or, if the customer in question does not have a Namibian identity number, the number of the document referred to in paragraph (d);
(d) a copy of –
(i) any identity document containing a recent photograph of him or her issued under any law governing the identification of persons in Namibia or any such official document of identity issued by the government of any other country;
(ii) if the customer ordinarily resides outside Namibia or does not have a document referred to in subparagraph (i), a passport issued to the customer;
(iii) if the customer in question does not have a document referred to in subparagraph(i) or (ii), a driving licence or permit containing a recent photograph of him or her, whether issued in or outside Namibia.”
Clearly, as the quoted text indicates, there is no mention of “mandatory” biometric data collection in the regulations.
Global digital rights advocacy group Privacy International describes biometric data as follows:
“‘Biometrics’ describes the physiological and behavioral characteristics of individuals. This could be fingerprints, voice, face, retina and iris patterns, hand geometry, gait or DNA profiles.”
Considering this, and what the regulations say, the MICT claim that biometrics were a “mandatory” requirement for SIM card registration at one point is also clearly misleading.