摘要: 数字经济化背景下，平台通过格式条款的概括性授权，超出比例原则收集用户非必要信息，而现有规制路径面临概念界定模糊、格式条款效力判定困难、裁判标准不一的问题，致使司法实践难以有效遏制侵权行为。非必要信息收集的规制路径，不能局限于被动化的诉讼救济手段，而应当以《民法典》《个人信息保护法》的必要性要求和告知同意规则为基石，构建格式条款“同意”的实质化审查标准，确立平台信息交互的多重授权机制，细化信息风险披露的内容，实现从被动救济到主动防护的治理转型。

Abstract: Under the background of digital economy, platforms collect users’ non-essential information through general authorization terms and the principle of over-authorization. However, existing regulatory frameworks face challenges such as ambiguous conceptual definitions, difficulty in determining the validity of format terms, and inconsistent adjudication standards. This makes it difficult to effectively curb the infringement in judicial practice. The regulatory framework for the collection of non-essential information should not be limited to passive litigation remedies, instead, should be based on the necessity requirements and notification of consent rules outlined in the Civil Code and the Personal Information Protection Law. This framework should construct substantive review standards for the “consent” in standard form contracts, establish a multi-layered authorization mechanism for information exchange on platforms, and refine the content of information risk disclosures. These measurements aim to facilitate a shift from passive to active consent. Additionally, a multi-layered authorization mechanism for information exchange on platforms has been established, and the content of information risk disclosure has been refined, thereby achieving a governance transformation from passive relief to proactive protection.