New Standard Clauses For Data Transfers To Data Controllers In Non-EU Countries

Client Alert | 1 min read | 01.24.05

The Data Protection Directive permits the transfer of personal data outside of the EU in certain circumstances, including where a data exporter (based in the EU) and a data importer (based elsewhere) enter into a written agreement guaranteeing that the data importer will adequately protect all personal data received from the data exporter.

In 2001 the European Commission approved standard contract clauses for use in such a situation. However, the clauses were widely regarded as being too onerous on data exporters. In response to a demand from businesses, the European Commission adopted new alternative standard contract clauses in December 2004 for use in contracts between data controllers.

The key differences between the 2001 and 2004 standard contract clauses relate to the liability of the data exporter for the activities of the data importer: The new standard clauses now impose liability for damage suffered by a data subject directly on the data importer, and the data exporter is now only liable where it has failed to use reasonable efforts to determine that the data importer is able to satisfy its legal obligations under the standard contract clauses.

Contacts

Kris D. Meade
Partner
He/Him/His
- Washington, D.C.
  - D | +1.202.624.2854
a21lYWRlQGNyb3dlbGwuY29t
Thomas De Meese
Partner
- Brussels
  - D | +32.2.282.1842
dGRlbWVlc2VAY3Jvd2VsbC5jb20=

Insights

Client Alert | 4 min read | 05.01.26

Federal Court Blocks Trump Administration Policies Restricting Wind and Solar Permitting

A coalition of regional clean energy trade associations — including RENEW Northeast, Alliance for Clean Energy New York, Southern Renewable Energy Association, and Interwest Energy Alliance — along with the Green Energy Consumers Alliance (GECA), filed suit in December 2025 against the Department of the Interior (DOI), the Bureau of Land Management, the Bureau of Ocean Energy Management, the U.S. Fish and Wildlife Service (USFWS), and the Army Corps of Engineers. The complaint alleged that five agency actions, issued in response to a series of executive orders and presidential memoranda beginning on January 20, 2025, violated the Administrative Procedure Act (APA) by arbitrarily halting or restricting federal permitting for wind and solar energy projects. Plaintiffs sought a preliminary injunction to halt enforcement of these policies while the litigation proceeds. See Renew Northeast, et al. v. U.S. Dep’t of Interior, et al., No. 25-cv-13961-DJC, (D. Mass. Apr. 21, 2026) ECF Dkt. 89....

Client Alert | 2 min read | 05.01.26
New Executive Order Promoting Fixed Price Contracting: What It Means for Federal Contractors
Client Alert | 8 min read | 05.01.26
Pre-Approved: ICO Publishes Guidance on "Recognised Legitimate Interests”
Client Alert | 6 min read | 04.29.26
CMS Seeks to Expand Interoperability Requirements to Drug Pre-Authorization (FAQ)

View All Insights