The Myanmar Internet Project (MIP) has issued an urgent security warning following the military junta’s announcement that it will begin mandatory International Mobile Equipment Identity (IMEI) registration through its new Central Equipment Identity Register (CEIR) system.
Starting the first week of March 2026, the program aims to link every mobile device to its user’s national ID and SIM card, a move that digital rights researchers say significantly upgrades the junta’s mass surveillance capabilities. While the junta claims the CEIR system is a standard measure to curb illegal imports and ensure tax compliance, the MIP warns that it provides the state with the tools to precisely track user locations, remotely control devices, and target individuals for communication blocks.
“The junta has been implementing and using digital surveillance methods for quite some time. This new program is an additional upgrade to their digital surveillance mechanisms,” said Ko Thit Nyan, a digital freedom researcher from MIP, speaking to Mizzima.
“What we can recommend is for people to remain aware of security risks and improve their digital literacy,” he added.
According to MIP’s statement, the junta has already obtained biometric data of many citizens through the electronic identification (E-ID) process. SIM card registrations have also previously been conducted using citizens’ national registration numbers. With the new IMEI registration, the SIM card, national ID number, and IMEI will be linked together, making it possible to precisely identify who is using a particular device.
The statement also noted that a SIM card usually connects to at least three nearby cell towers, which will significantly increase the ability to track the approximate location of users.
Therefore, MIP recommended that users avoid making direct phone calls through SIM cards whenever possible and instead use encrypted messaging applications such as Signal through Wi-Fi connections. It also advised storing important information in secure cloud storage rather than directly on phones, using Airplane Mode when necessary to temporarily disconnect from mobile towers, and for greater security, wrapping phones in aluminium foil to block signals between the device and cell towers.
In addition, MIP suggested that users connect devices without registered IMEI numbers to trusted Wi-Fi networks without inserting SIM cards, avoid granting unnecessary location permissions to applications, and use more secure two-factor authentication (2FA) methods such as Google Authenticator instead of SMS-based verification.
MIP also advised users to transfer important data from their phones to secure storage and delete it completely before IMEI registration. Android users should check whether their phones are encrypted and enable encryption if not already done. It further recommended always using a lock screen and consistently using reliable VPN services.
However, the junta stated that the system is intended to ensure that mobile phone users in the country can safely use devices that meet official standards and have paid the required taxes.
Authorities also said that mobile phones currently in use by the public will be automatically added to the CEIR whitelist. To ensure inclusion in the list, users must insert and activate SIM cards from mobile operators (MPT, ATOM, U9, and Mytel) in their devices by 31 March.
Starting from 1 April, devices not included in the approved list will only be allowed temporary access to mobile networks for 30 days from the time they first connect. Within that period, users must pay the required taxes and penalties in order to continue using the devices.
