NPC Circular No. 2020-02 sets out the grounds, procedure, and process for the National Privacy Commission (NPC) to issue Cease-and-Desist Orders (CDO) for data privacy violations. The Circular has some interesting points: it reiterates the Commission's practice of conducting "Privacy Sweeps" and "On-Site Visits" through its Compliance and Monitoring Division (CMD), it sets out that the CMD itself may be an applicant for a CDO, and finally, it also sets out how CDOs may be issued ex parte (without participation of the other party). Companies, particularly those that belong in the NPC's list of personal-data heavy industries, ought to take the Circular as a sign that the NPC has no plans of slowing down on its enforcement efforts.
The Philippine National Privacy Commission (NPC) recently issued NPC Circular No. 2020-02 on the Rules on the Issuance of Cease and Desist Orders (Circular). The Circular applies to all applications for a Cease-and- Desist Order (CDO) on the processing of personal data and other matters cognizable by the NPC.