On DPA and Cross Border Transfers
The DPA has no special obligations to PICs wishing to transfer personal data to another jurisdiction. This means that PICs that transfer personal data to a third party (PIC or PIP) have the same obligations whether the transfer was made locally or internationally. While the IRR to the DPA does direct that international transfers shall be "subject to cross-border arrangement and cooperation," NPC's general stance on model contractual clauses has been voluntary adoption.
It should be noted that since the Philippines is less strict about the transfer of data within and without the country, Philippine PICs shall have to abide by stricter CBDT rules of another country. For example, though Philippine PICs can transfer the personal data of Filipino citizens to EU countries similar to the transfer of Philippine PICs to another Philippine PIC, the same cannot be simply done in reverse with personal data of EU citizens, considering that the GDPR has stricter CBDT rules.