摘要: 随着数字经济与电子商务的高速发展，消费者个人信息已然成为网络交易的核心资源，对其进行的收集、处理和利用，不但促进了商业模式的创新，却也带来了信息泄露、滥用等潜在风险。现行法律虽已对个人信息保护作出一定规范，但在执行和体系建设上仍然存在不足。本文以电子商务场景作为研究对象，界定消费者个人信息的概念和特征，梳理当下保护机制的困境，并重点分析企业安全意识不足、责任追究机制薄弱以及立法碎片化等现实问题，针对性地从强化企业主体责任、完善惩戒体系、搭建统一的法律体系等方面提出规制个人信息保护的路径，旨在为电子商务环境下个人信息法律保护体系的完善提供参考依据。

Abstract: With the rapid development of the digital economy and e-commerce, consumers’ personal information has become a core resource in online transactions. The collection, processing, and utilization of such information have not only promoted the innovation of business models but also brought potential risks such as information leakage and abuse. Although current laws have made certain regulations on personal information protection, there are still deficiencies in their implementation and system construction. This paper takes the e-commerce scenario as the research object, defines the concept and characteristics of consumers’ personal information, sorts out the current protection mechanism’s predicaments, and focuses on analyzing the practical problems such as insufficient enterprise security awareness, weak accountability mechanisms, and fragmented legislation. It then proposes regulatory paths for personal information protection from aspects such as strengthening enterprises’ primary responsibility, improving the punishment system, and establishing a unified legal system, aiming to provide reference for the improvement of the legal protection system for personal information in the e-commerce environment.