The protection of children’s personal data as part of their right to privacy and information autonomy is extremely important. Year in, year out, the number of children using the Internet and services increases. This means that there need to be special tools and techniques established to protect children’s right to privacy. It is particularly important when children use services provided by companies after other, than local, jurisdiction. As they may not fully understand risk associated with exposing themselves in the Intranet, this is crucial for governmental authorities to ensure that children are protected. The aim of the article is to review current legislation protecting children’s personal data both in European Union and State of California. This particular state has been chosen for two reasons: firstly dozens of internet services providers are based in this state, secondly it would be difficult to ignore that this state was the first to introduce new data protection regulation which in many aspects brings US data protection law closer to European standards. Taking into consideration European Union regulation it is necessary to assess whether the current data protection regime in California answers adequacy requirements and whether data may be freely transferred to this territory.