The European Commission has warned America that its data controls should be significantly strengthened.
Vera Jourova, the EU's Justice Commissioner, said present rules in America were "weaker" than in the European Union.
She said that although people were more relaxed in the US about privacy, that may change given the "wake up call" of the Facebook data breach.
"The tiger is out of the cage," she said.
Earlier this week, Ms Jourova, the EU commissioner with responsibility for data protection, travelled to Washington to meet regulators.
"When I look at the American legislation, I don't see such robust measures or a robust legislative framework [as the EU]," she told me.
"It will be interesting [to see] whether they will come in the future with stricter rules because this scandal really shocked many people who I met in Washington, be it the regulators, be it the enforcers, be it the people who have their Facebook accounts.
"We see in the US that the data protection is weaker there. We would like to see more robust and reliable legislation on the American side. I am not satisfied but we have to live with the legislation as it is now in the US."
The EU and the US have an agreement on data sharing across the Atlantic called the Privacy Shield.
Ms Jourova said that it was constantly under review and the EU would act if there was a "deterioration" in the relationship, but that "we are not there yet".
In May the EU will enact a significant strengthening of the data protection laws in Europe under the General Data Protection Regulation agreement.
It is seen as being much tougher than the rules in America where Facebook is headquartered.
The commissioner said she would be writing to Facebook demanding answers on how the data breach involving the British firm, Cambridge Analytica, happened.
"I think this is a big blow to the trust of people who entrusted Facebook with their data," Ms Jourova said.
She deleted her own Facebook account some time ago because it was an "open space" for hatred.
And she warned everybody to take extra care online and think about what they are sharing.
"I think that this is also a wake-up call for the people who simply have endless trust and who do nothing about the possible consequences," Ms Jourova said.
"In this concrete case, I think that we cannot blame the people, they have been victims of this behaviour and we have to regain trust as soon as possible, but it's not on us, on the legislators, but it's on the companies, Facebook first of all."
I asked her whether she was satisfied with Mark Zuckerburg's response to the data breach in a blog post published on Wednesday night.
In it, the Facebook founder admitted that mistakes had been made and that the company he heads will launch a review of how it protects users' information and whether other breaches had happened.
"I understand his effort to explain and to regain the trust, but I think that he himself must understand that it will take a much longer time," she said.
"What we want from Facebook is to obey and to respect the European laws.
"The second thing we want them to do is many, many things under the principle of social responsibility and this is where I need to trust Facebook more, that they are going to continue, for instance, deleting hate speech from their networks."