Abstract

The present essay deals with the issues of compliance of the US surveillance program of telecommunications data, called PRISM, with the European norms concerning the protection of personal data and privacy. The first part of the article is devoted to the analysis of the relevant European Union and United States norms, identifying their structural differences. In the context of these differences, in the second part of the paper, it is examined the validity of PRISM program. Such program, that is legal under US law, is not in compliance with the European principles concerning the protection of personal data and privacy. The mass surveillance of personal data, provided for by these program, is due not only to the incapacity of US system to protect privacy and to the differences between US and EU regarding the safeguard of privacy itself, but also to the current inadequacy of the pertinent EU norms to effectively protect privacy and personal data. In the conclusions, it is underlined the necessity to resume the negotiations of the US-EU Convention on the protection of personal data and to reform the pertinent European and United States laws.