Legal Steps When Previous Owner Still Uses Reassigned Mobile Number Philippines

Legal Steps When the Previous Owner Still Uses Your Reassigned Mobile Number (Philippines)

Last updated: October 2025. Reassigned numbers happen when telcos recycle inactive SIMs. Problems arise if the former holder continues to use the number’s identity (e.g., messaging apps, OTPs, contacts), contacts your acquaintances, or accesses accounts tied to the number. This article explains your rights, immediate actions, regulatory remedies, and sample notices in the Philippine context.

1) Legal Foundations

  • SIM Registration Act (RA 11934) & IRR Requires SIMs to be registered in the current user’s true identity and imposes duties on PTEs (public telecommunications entities) to maintain accurate subscriber records and to deactivate/retain/reactivate in accordance with law and their service terms. Misrepresentation and the use of a SIM registered to another person can attract liability.

  • Public Telecommunications Policy Act (RA 7925) & NTC rules Empowers the National Telecommunications Commission (NTC) to regulate service standards, resolve subscriber complaints, and discipline carriers for service lapses and unfair practices.

  • Mobile Number Portability Act (RA 11202) Ensures the right to port your number between networks. If your present number was properly reassigned (i.e., issued to you by a carrier), the previous holder has no right to keep using it or to hold themselves out as that number’s owner.

  • Data Privacy Act of 2012 (RA 10173) Protects personal data; controllers (telcos, apps, banks, platforms) must ensure that SMS/OTP and account recovery communications go to the correct data subject. Continuing to route OTPs or disclosures to a former number holder after being notified can constitute unauthorized processing.

  • Cybercrime Prevention Act (RA 10175) Penalizes illegal access, computer-related fraud, and identity-related abuses (e.g., accessing your accounts via OTP or posing as you in electronic systems).

  • Civil Code & Revised Penal Code Provide bases for damages (abuse of rights, acts contrary to morals/good customs) and criminal liability for grave/coercion threats, unjust vexation, libel/slander, as factual circumstances warrant.

2) What “Previous Owner Still Uses the Number” Usually Looks Like

  1. Residual app control: Former holder remains logged in to OTT apps (e.g., Viber/WhatsApp/Telegram), messaging contacts using the identity tied to the number.
  2. Account takeovers: They request password resets to services (email, social, e-wallets) where the number is set as recovery; OTPs may route incorrectly or they leverage existing sessions.
  3. Impersonation: They text/call your contacts as “you,” causing reputational or financial harm (e.g., false solicitations).
  4. Dual service anomalies: Rare but severe—SIM cloning/eSIM fraud leads both parties to receive traffic or the former holder still receives call/SMS forwarded through misconfiguration.

Key principle: The current registered subscriber has the right to exclusive use. Any continued use by a previous holder is unauthorized.

3) Immediate Action Plan (First 24–72 Hours)

A. Secure Your Digital Perimeter

  • Replace the SIM at a carrier store under your name (if you suspect cloning), or re-provision the eSIM.
  • Set a strong device/SIM PIN; disable call/SMS forwarding and voicemail PIN exploits.
  • Change recovery phone numbers on critical accounts (email, banking, e-wallets, socials) to a different contact temporarily, then back to your number once secure.
  • Rotate passwords and enable app-based 2FA (authenticator codes); avoid SMS OTP when possible.
  • Force log-out of all sessions on messaging/apps; re-verify using new codes.

B. App-by-App Cleanse (Typical Steps)

  • WhatsApp/Telegram/Viber/Signal: Re-register with the number; enable two-step verification; review active devices/sessions and remove unknown ones.
  • Apple/Google IDs: Update trusted numbers and remove old devices; enable biometric + code; check account recovery methods.
  • Banks/e-wallets: Inform support of a reassigned number identity risk; request a hold on number-based changes for 48–72 hrs while you update KYC.

C. Evidence Preservation

  • Screenshot messages, caller IDs, OTP logs, app device/session lists, and account alerts. Maintain a timeline (dates, times, actions).

4) Demand Compliance from Your Carrier (PTE)

Send a written demand to the telco’s customer care and data protection office (DPO):

  • Confirm that the SIM/number is registered to you (RA 11934) and not to the former holder.
  • Ask for investigation of any SIM cloning/eSIM duplication/forwarding and immediate de-linking of any legacy features linked to prior accounts (voicemail, call forwarding).
  • Request written confirmation of remediation and incident report.
  • If you have proof of OTP leakage or dual reception, demand temporary number lock and fresh ICCID/eSIM issuance.

If unresolved within 15 business days (or sooner if harm is ongoing), elevate to the NTC with your documentary proof and the telco’s response (or lack thereof).

5) Stop Disclosure and Fix Routing with Other Controllers

Where a bank/platform/app continues to treat the former holder as the “owner” of the number (e.g., still sending OTP to contacts not yours, or honoring that person’s reset requests):

  • Invoke the Data Privacy Act: notify their DPO in writing that the number is reassigned and belongs to you; demand correction under the right to rectification and restriction of processing for security until fixed.
  • Require KYC re-validation before any number-based reset proceeds.
  • For high-risk services, ask that they switch your 2FA to an authenticator or security key and disable SMS OTP until the matter is fully resolved.

If a controller continues disclosures after notice, file a complaint with the National Privacy Commission (NPC) for unauthorized processing and seek compliance orders and administrative fines.

6) When Conduct Crosses into Crime or Civil Wrong

You can pursue criminal and civil routes in parallel:

  • Illegal access / computer-related fraud (RA 10175): If the former holder used the number to access your online accounts, reset passwords, or move funds/value.
  • Identity/impersonation harms: False solicitations or defamatory statements to your contacts may trigger libel/slander (or cyber-libel) and civil damages.
  • Unjust vexation/coercion: For persistent harassment via calls/messages.

File a blotter (PNP/ACG or NBI-Cybercrime) attaching your evidence timeline, screenshots, carrier letters, and app audit logs.

7) Regulatory Escalation Map

  1. NTC (service/technical routing, SIM issues, telco inaction)

    • Relief: directives to carrier, technical remediation, and administrative sanctions.

  2. NPC (privacy/OTP/account recovery disclosures to wrong person)

    • Relief: compliance orders, fines, mandated remediation and breach notifications.

  3. BSP/SEC/IC (if the erring controller is a regulated financial institution/insurer/HMO)

    • Relief: consumer assistance, supervisory sanctions for weak controls.

  4. PNP-ACG / NBI-Cybercrime (criminal acts)

    • Relief: investigation, preservation orders, prosecution recommendations.

  5. Civil courts

    • Relief: injunction (cease-and-desist from impersonation), actual/moral/exemplary damages, and attorney’s fees.

8) Evidence & Documentation Checklist

  • Proof that you are the current registered owner of the SIM/number (telco confirmation, SIM Registration acknowledgment, receipts).
  • Screenshots of impersonation attempts, OTP receipts, account alerts.
  • App device/session logs, security emails, and support ticket transcripts.
  • Telco incident numbers, letters to and from DPOs, and any NTC/NPC filings.
  • Affidavits from contacts who received messages/calls from the former holder posing as you.

9) Sample Notices

A. Letter to the Carrier (PTE)

Subject: Reassigned Number [09XX-XXX-XXXX] — Unauthorized Use by Former Holder; Request for Immediate Remediation I am the registered subscriber of [number] under [account/SIM reg details]. I am experiencing unauthorized use/impersonation by the former number holder, including [brief facts]. Under RA 11934 and applicable NTC rules, please:

  1. Confirm registration to my name and disable any legacy links (forwarding/voicemail/eSIM duplicates);
  2. Investigate and issue a written incident report; and
  3. If warranted, re-provision the number with a new SIM/eSIM profile and block cloning. Kindly respond within 5 business days due to ongoing risk. [Name, ID, signature, contact details]

B. Data Privacy Notice to a Bank/App

Subject: Data Privacy Rectification — Reassigned Mobile Number [09XX-XXX-XXXX] I am the current owner of [number]. You have sent OTPs/account recovery messages or honored actions initiated by a non-owner (former holder). This is unauthorized processing under the Data Privacy Act. Please: (a) rectify your records; (b) suspend SMS OTP to this number until my account is re-verified; (c) enable authenticator-based 2FA; and (d) confirm remediation in writing. Attached: proof of SIM registration; incident screenshots; gov’t ID. [Name/signature]

10) Special Situations

  • eSIM & multi-device links: Ask the carrier to reissue a fresh eSIM and invalidate all previous activation codes.
  • Work numbers: If the number belongs to your employer (corporate account), coordinate with IT/Telecoms and have the company issue the carrier demand; update HR directories and customer-facing records to cut off misrouting.
  • Number portability: If service issues persist, consider porting the number to another carrier (RA 11202) after remediation to prevent carrying over misconfigurations.

11) Preventive Hygiene (Going Forward)

  • Use app-based authenticators (not SMS) for critical accounts.
  • Maintain a secondary recovery channel (alternate email, hardware key).
  • Periodically review trusted devices and active sessions across platforms.
  • Keep a SIM/eSIM PIN and disable call/SMS forwarding by default.
  • When acquiring a new number, immediately claim all mainstream messaging handles tied to it to preempt impersonation.

12) Quick Recap

  • The current registered subscriber has exclusive rights to a reassigned number.
  • Former holders using that identity can trigger privacy, cybercrime, and civil liabilities.
  • Act fast: secure accounts, demand carrier remediation, rectify controllers’ records, and escalate to NTC/NPC/PNP/NBI as needed.
  • Preserve evidence; use the sample notices to speed resolution.

Plain-English Disclaimer

This article provides general legal information for the Philippines. Facts matter—technical logs, contracts, and timelines can change outcomes. For high-stakes cases (financial loss, ongoing impersonation, corporate exposure), consult counsel and, where appropriate, file with NTC/NPC and cybercrime authorities promptly.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login