Paul Van den Buick writes:
The European legal framework on the protection of personal data (Directive 95/46/Ec) is acknowledged as one of the strictest in the world. This tendency seems to be confirmed by the new draft regulation on the protection of personal data revealed by the European Commission in January 2012, which, once adopted, will certainly not enter into force before 2015. On the contrary, as opposed to American regulations, the current European Directive seems quite lenient when it comes to data breaches.
This said, in reality, should data breaches be treated differently in Europe than in the United States? The answer is “no.”
Read more on McGuireWoods.