The July Mass Uprising and the events of 5 August marked a historic turning point in Bangladesh’s political and civic landscape. After the Uprising, which toppled the authoritarian rule of Sheikh Hasina led by the Awami League, public attention turned to the systems that had shaped the previous decade. Many of those systems were glaringly visible, acts of suppression, the aggressive policing of speech, internet shutdowns, and the brazenly partisan abuses of state institutions. However, not all systems were loud and visible. There were other apparatuses of control, just as strong, but not as loud, which were mostly lived through screens, identity cards, and databases. However, despite being one of the most pervasive elements of those quiet systems of tyranny, biometric SIM registration remains curiously unscathed by the recent waves of reforms.

In 2016, the Awami League government introduced mandatory fingerprint collection for all mobile phone SIM card holders. It was sold as a modern necessity, a technological shield that would help law enforcement ‘trace criminals and block anonymous misuse’. The rollout blended national security rhetoric with a sense of technological inevitability. Fingerprints were presented as the future that a ‘Digital Bangladesh’ needed to keep up with. Soon, citizens (often supervised by poorly trained local agents with no accountability) had to line up in booths across the country, pressing their thumbs against hastily procured fingerprint scanners. And that’s how biometric identifiers of millions of people ended up in databases operated by the state and telecom operators, leaving citizens vulnerable to long term risks of profiling, privacy violations and state surveillance.

Over time, the system’s intrusiveness faded into the background and became part of Everyday Bangladesh. It felt nothing more than renewing an NID or filling out a form. When a surveillance system of such capacity attains this level of normalization, it gains political impunity. The public ceases to perceive it as a threat, and policymakers stop questioning it. Yet the world around Bangladesh is changing in ways that make the system and its rationale harder to justify. Global evidence shows that Bangladesh belongs to a small group of countries that insist on collecting biometrics for SIM ownership. No surprise, these countries overwhelmingly rank among the world’s least free digital environments.

There are more than 160 countries with mandatory SIM registration. But only around 35 collect biometrics, which is barely 18 percent of the world. This small group includes countries such as Saudi Arabia, Pakistan, Myanmar, Uganda, Nigeria, China, and the UAE. Apart from topping the list of least free digital environments, these are also the countries that are least democratic credible sources. And tellingly, out of all the countries that use or are moving toward biometric SIM registration, only two are rated “Free” in Freedom House’s Freedom on the Net index. Most of the remaining countries fall into the “Partly Free” or “Not Free” categories. Several have no Freedom on the Net data at all. In those cases, for most countries, their broader global freedom scores are also not high. Crucially, this group does not include Germany, Denmark, the United States, New Zealand, Canada, or any of the countries that dominate the top of digital freedom rankings. The aforementioned divide can serve as a useful heuristic to reach this conclusion that strong democracies don’t collect fingerprints for SIM cards. Bangladesh’s continued presence in the camp of countries that collect biometric information for SIM registration looks increasingly out of step with a society that just mobilized against unaccountable power.

More importantly, some countries had to discontinue their biometric SIM registration program over concerns of rights and privacy. In 2024, Mauritius postponed its biometric SIM rules after a wave of public uproar and a constitutional challenge and ordered telecom operators to delete images collected under the previous system. Mexico reversed its planned national biometric SIM registry after widespread protests, legal challenges, and warnings from privacy experts that the policy would create an irresistible tool for surveillance. Kenya faced backlash after its biometric-linked SIM policies were exposed as insecure, prompting the government to step back and pledge reforms. Even Pakistan, one of its earliest adopters, has struggled with repeated scandals involving fraudulent SIMs activated through stolen or spoofed fingerprints. This strong evidence, coming from global experiments, easily undermines the very claim that biometrics can protect users from misuse.

Biometric SIM systems have repeatedly failed to produce the public-safety outcomes governments promise. Criminal networks adjust almost instantly, moving their activities to encrypted messaging apps, VoIP services, foreign SIM cards, or anonymous marketplaces on the darknet. Instead of stopping it, compulsory biometric registration inadvertently opens the door to new forms of crime. Countries that enforce biometric SIM rules have actually seen a rise in identity-related offences and a thriving black market for private information.

For everyone else, the trade-off is far more permanent. Ordinary people are left carrying the weight of having their fingerprints linked to one of the most traceable technologies in daily life. A SIM card records where you are, where you move, and who you communicate with. Once fingerprints are added to that chain, the system becomes capable of following any individual with real-time precision, whenever the state decides to watch.

Bangladeshi citizens also experienced how fragile these systems truly are. The 2023 data breach showed that a government portal holding NID information had left millions of people’s records (including names, phone numbers, and ID numbers) exposed on the open internet. However, officials were unable to account for such a fundamental lapse or advise citizens on how to safeguard themselves afterward. This incident involved only non-biometric data. At the same time, reports emerged of criminal groups openly selling fingerprints for SIM registration.

Unlike a password, biometrics can’t simply be reset. Once someone’s fingerprint is copied or accessed, there is no real way to undo it; any attempt at “rectification” is either unrealistic or massively costly. The EU Fundamental Rights Agency, reflecting on similar national biometric databases, cautioned that the sheer scale and sensitivity of such information means a breach could gravely impact huge numbers of people. In the wrong hands, they warned, it becomes a tool that can undermine fundamental rights.

The most critical point, however, is that biometric SIM registration risks building a surveillance infrastructure that outlives any single government. Once this system is in place, its danger isn’t tied to who holds power today, but who might come next. Even if the current government appears more open, the link between fingerprints and SIM cards remains a dormant tool, one that any future administration could reactivate, expand, or exploit to monitor citizens more closely. A system doesn’t need to be actively used today to pose a threat tomorrow.

What makes the silence around biometric SIM registration so striking is how sharply it contrasts with the unprecedented outpouring of public concern over surveillance, privacy, and digital rights in recent times. This system, quietly recording the phone activity of nearly 180 million people, something that many other democracies have already rejected, remains neglected in our public discourse and policy debates, as if it has grown too entrenched to question.

Bangladesh is still trapped by the choices made in 2016, while civil society and human rights groups around the world, such as Privacy International, Access Now are pushing back even against SIM registration. They are upholding privacy rights against the encroachment of mass biometric collection. But, in Bangladesh, the interim government, with all its talks on change and transformation, remains locked into a system created under a government that used the same infrastructure of surveillance to enforce extrajudicial killings and disappearances. Sticking to biometric SIM registration would contradict the aspirations of democratic change born in the July uprising. The truth is, Bangladesh does not have to remain bound by those decisions; it can adopt modern, rights-respecting alternatives without building a permanent database of fingerprints tied to mobile numbers. All that is needed is policymaking guided by evidence, and executed with integrity.

If Bangladesh abolishes this system of biometric SIM registration, it will be a political statement about what kind of digital future the country wants. It will also signal that the state does not view every citizen as a potential suspect, that privacy is not something people must sacrifice to participate in modern life, and that a successful democratic transition means dismantling the quiet infrastructures of control that defined the previous era.

As Bangladesh reimagines its relationship with technology and power, it must confront the systems that were designed to monitor and control. Biometric SIM registration is one of the clearest remnants of that old logic. Letting it go would not only align the country with global best practices, it would also affirm that the rights of citizens are not conditional upon their fingerprints.