1. Home
  2. |Insights
  3. |New Standard Clauses For Data Transfers To Data Controllers In Non-EU Countries

New Standard Clauses For Data Transfers To Data Controllers In Non-EU Countries

Client Alert | 1 min read | 01.24.05

The Data Protection Directive permits the transfer of personal data outside of the EU in certain circumstances, including where a data exporter (based in the EU) and a data importer (based elsewhere) enter into a written agreement guaranteeing that the data importer will adequately protect all personal data received from the data exporter.

In 2001 the European Commission approved standard contract clauses for use in such a situation. However, the clauses were widely regarded as being too onerous on data exporters. In response to a demand from businesses, the European Commission adopted new alternative standard contract clauses in December 2004 for use in contracts between data controllers.

The key differences between the 2001 and 2004 standard contract clauses relate to the liability of the data exporter for the activities of the data importer: The new standard clauses now impose liability for damage suffered by a data subject directly on the data importer, and the data exporter is now only liable where it has failed to use reasonable efforts to determine that the data importer is able to satisfy its legal obligations under the standard contract clauses.

Insights

Client Alert | 3 min read | 07.13.26

Amici Rally Behind Liberty Global, Urging Tenth Circuit to Rein in Economic Substance Doctrine

Following the 10th Circuit's April 21, 2026, decision affirming the disallowance of Liberty Global’s $2.4 billion deduction under the codified economic substance doctrine, I.R.C. § 7701(o), Liberty Global filed a petition for panel rehearing or rehearing en banc on June 5, 2026. That petition has since drawn significant amicus support from various industry groups representing large taxpayers, as discussed below....