Tracing Scammer Phone Numbers in the Philippines:
A Comprehensive Legal Guide (2025 Edition)

1 | Why phone‑based scams flourish—and why tracing matters

From one‑ring “wangiri” calls to full‑blown voice‑phishing (“vishing”) operations, phone scams cost Filipinos billions of pesos each year and corrode trust in legitimate digital services. While telcos’ call‑blocking tools are helpful, the only durable deterrent is identification and prosecution. That begins with legally tracing the phone number behind the scam.

2 | Core legal instruments you must know

Law / Issuance	Key Sections on Tracing	Practical Effect
R.A. 10175 — Cybercrime Prevention Act (2012)	§ 14 (Data Preservation) • § 15 (Real‑time Collection) • § 16 (Disclosure of Traffic/Subscriber Data)	Lets courts order telcos to preserve and disclose call detail records (CDRs) and subscriber information.
A.M. No. 17‑11‑03‑SC — Rules on Cybercrime Warrants (in force 1 Jan 2019)	Warrants to Disclose Computer Data (WDCD) • Produce Computer Data (WPCD) • Search, Seize & Examine (WSSECD)	Sets the exact procedure, forms, and 10‑day validity for cybercrime warrants.
R.A. 11934 — SIM Registration Act (2022) + IRR (Dec 2022)	§§ 9–12 (Law‑enforcement access) • § 13 (Retention)	Every active SIM must be tied to a verified ID; a central database is query‑able upon court or written law‑enforcement request.
R.A. 8484 — Access Devices Regulation Act (1998)	§ 9 (Fraudulent Access Devices)	Criminalizes use of a mobile number to obtain money or property by fraud.
R.A. 10173 — Data Privacy Act (2012)	§ 12(f) & (g) (Lawful Processing)	Allows telcos to release personal data when required by law or court order.
R.A. 7925 + NTC Memorandum Circulars	NTC MC 07‑12‑2014 (Record‑Keeping)	Compel carriers to retain CDRs and make them available “upon lawful order.”
Revised Penal Code	Art. 315 (Estafa) • Art. 318 (Other Deceits)	Traditional fraud provisions still apply to voice scams.

There are dozens of related issuances—e.g., DICT Dept. Circular 001‑2024 on voice‑over‑LTE spoofing—but the statutes above form the backbone of any tracing effort.

3 | Who may legally trace a number?

Law‑enforcement agencies (LEAs)
- Philippine National Police – Anti‑Cybercrime Group (PNP‑ACG)
- National Bureau of Investigation – Cybercrime Division
Courts (Regional Trial Courts designated as Cybercrime Courts).
Telcos and VAS providers when executing a court order or LEA request.
National Telecommunications Commission (NTC) for administrative inquiries.

Private citizens cannot compel telcos to divulge subscriber data. They must channel requests through the PNP, NBI, or a court.

4 | Step‑by‑step tracing workflow

Stage	What Happens	Legal Hook	Typical Timeline
1. Incident report	Victim files affidavit & evidence with PNP‑ACG/NBI.	★	1 day–1 week
2. Data‑preservation request	LEA serves Sec 14 RA 10175 letter; telco must preserve traffic data for 30 days (extendable to 60).	§ 14 RA 10175	Same day
3. Apply for WDCD / WPCD	Prosecutor or LEA applies ex parte; cybercourt issues warrant within 24 hours if probable cause exists.	Rule 3, A.M. 17‑11‑03‑SC	≤ 10 days
4. Telco disclosure	Telco turns over Subscriber Information (name, ID, address) and Call Detail Records (CDRs).	§ 16 RA 10175	48 hours–5 days
5. Correlation & field work	LEA cross‑checks SIM Registration DB, device IMEI, money‑transfer records; may apply for WSSECD to seize phones.	§ 15 RA 10175 • MLAT if offshore	Weeks–months
6. Arrest & prosecution	With sufficient evidence, inquest or formal charge under RPC Art 315, RA 10175, RA 8484, etc.	Rule on Cybercrime Warrants + Rules of Court	Varies

★ Philippine law does not require a preservation letter for a private complainant, but in practice LEAs will not act without one.

5 | Inside the SIM Registration database

Search keys. Number, ICCID, IMEI, or hash of government‑ID number.
Returned fields. Subscriber’s full name, birth date, address, ID type & number, selfie, activation dates.
Access control. LEA must cite a specific case; query logs are auditable by the National Privacy Commission (NPC).
Retention. Five (5) years after SIM deactivation, or longer if subject to an ongoing case (§ 13 RA 11934).

6 | Cross‑border and VoIP complications

Spoofed Caller IDs. Scammers often use SIP trunks to display Philippine mobile prefixes while routing the call from abroad; CDRs will show the point of ingress, not the true origin.

MLAT & Budapest Convention. The DOJ Office of Cybercrime may invoke the 2002 PH–US MLAT or the Cybercrime Convention (ratified 2018) for subscriber info held overseas.
Real‑time interception. Under § 15 RA 10175 and a Real‑Time Collection of Traffic Data warrant, LEAs may monitor live call routing metadata—never content—if the telco has the technical ability.

7 | Evidentiary essentials

Authentication — Rule on Electronic Evidence §§ 2–3: screenshots & recordings must be identified by a competent witness.
Chain of custody — Keep raw files; annotate date/time (Philippine Standard Time); secure a notarized Hash Value Certificate if possible.
CDR admissibility — Telco custodian must testify or certify under the Business Records exception (Rule 130, § 44).
Audio recordings — Require consent of at least one party or a lawful order; otherwise suppressible under Anti‑Wiretapping Act (R.A. 4200).

8 | Victim remedies beyond criminal prosecution

Remedy	How it Works	Typical Outcome
Civil action for damages (Art 19/20/21 Civil Code)	Sue scammer for moral & actual damages once identity is known.	Money judgment; rarely collected unless assets found.
Administrative complaint with NTC	Request blocking/deactivation of the number and sanctions vs. telco for lax KYC.	Faster—often within 30 days.
NPC complaint	If your personal data was misused or leaked.	NPC may fine the data controller up to ₱5 million per violation.
Telco consumer desk	Globe #StopScam, Smart Spam Alert 7777, DITO StopSpam portal.	Immediate call/SMS blocking; limited tracing power.

9 | Persistent challenges (2025 snapshot)

Pre‑2023 numbers with fuzzy data. An estimated 13 % of active SIMs were auto‑deactivated on 31 Jul 2023, yet many fraudulent accounts slipped through with forged IDs.
Bulk‑registered IoT SIMs. Lawful but poorly documented; create blind spots.
Deep‑fake voice scams. Ongoing DICT study group exploring a “Know‑Your‑Call” certificate to accompany VoLTE packets.
Privacy pushback. NPC Advisory 2024‑01 reminds LEAs that “fishing expeditions” in the SIM DB violate data minimization. Courts have begun to quash overbroad WDCDs.

10 | Practical checklist for would‑be complainants

Document everything: save full phone numbers, timestamps, screenshots, audio (with consent), and any money‑transfer receipts.
Sworn affidavit describing the scam, signed before a notary or barangay official.
Report quickly: PNP‑ACG (txt/call 0998‑598‑8116 or cybercrime@pnp.gov.ph) or NBI ‑ CCD (02‑8523‑8231 loc. 3455).
File for bank account freeze under BSP Circular 1108 if funds were transferred.
Follow up every 30 days; preservation orders lapse unless extended.

11 | Key take‑aways

Tracing is lawful but never DIY. Only courts and accredited LEAs can compel telcos.
SIM Registration is a game‑changer—yet only as strong as its ID‑verification layer.
Act fast: traffic data can be overwritten in as little as 30 days absent a preservation notice.
Balance privacy: warrants must be specific; mass data fishing is unconstitutional.
Stay informed: statutes evolve (e.g., the proposed “Digital Fraud Deterrence Act” pending in the 20th Congress could slash warrant lead times to 48 hours).

Disclaimer

This article is for general informational purposes and does not constitute legal advice. Laws and jurisprudence cited are current as of 21 April 2025 (PST, UTC+8). For advice on a specific case, consult a Philippine lawyer or the appropriate law‑enforcement agency.