摘要: 本文以电子商务中消费者个人信息保护为研究对象，结合文献研究、规范分析与案例分析方法，系统梳理我国以《个人信息保护法》为核心的多层次法律保护体系，指出当前存在的立法界定模糊、法律衔接不畅、侵权责任可操作性不足，监管权责不清、手段滞后、行业自律缺失，以及消费者举证难、维权成本高、群体救济机制不健全等核心问题。在此基础上，从立法(明确信息定义分类、强化法律衔接、细化侵权责任)、监管(厘清部门权责、创新技术监管、压实平台责任)、救济(推行举证倒置、完善公益诉讼、构建便捷维权渠道)三个维度提出针对性法律对策，以期为完善相关法律体系、平衡个人信息安全与数字经济发展提供理论参考。

Abstract: This paper takes the protection of consumers’ personal information in e-commerce as the research object. Combining literature research, normative analysis and case study methods, it systematically sorts out China’s multi-level legal protection system centered on the “Personal Information Protection Law”, and points out the core problems currently existing, including vague legislative definition, poor legal connection, insufficient operability of tort liability, unclear regulatory powers and responsibilities, backward regulatory means, lack of industry self-discipline, as well as difficulties in burden of proof for consumers, high cost of rights protection, and inadequate collective relief mechanisms. On this basis, targeted legal countermeasures are proposed from three dimensions: legislation (clarifying the definition and classification of information, strengthening legal connection, and refining tort liability), supervision (clarifying departmental powers and responsibilities, innovating technical supervision, and consolidating platform responsibilities), and relief (implementing inversion of burden of proof, improving public interest litigation, and building convenient rights protection channels), aiming to provide theoretical reference for improving the relevant legal system and balancing personal information security and digital economic development.