摘要: 5G时代的深入发展使电商平台成为社会经济活动的重要枢纽，其在收集与处理海量用户个人信息的过程中，也带来了日益突出的隐私侵权风险。本文以《电子商务法》为规范框架，旨在系统剖析电商平台在消费者隐私权与个人信息保护中所承担的双重法律义务——即兼具私法契约属性与公法“守门人”角色的复合责任。研究发现，实践中存在平台规则不公、数据安全防护薄弱、实体与程序保护义务履行不足等结构性困境，导致消费者面临举证与救济难题。《电子商务法》的出台构建了平台责任的基本体系，强化了审核、安全保障及个人信息处理规范，为消费者保护提供了关键法律依据。然而，该法仍存在与特别法衔接不足、责任梯度设计不够、法律威慑力有限等问题。未来需从细化平台分类监管、强化技术治理与协同执行机制等方面进一步完善。

Abstract: The deepening development of the 5G era has made e-commerce platforms an important hub of social and economic activities. In the process of collecting and processing massive amounts of users’ personal information, these platforms have also brought increasingly prominent privacy infringement risks. This article uses the “E-commerce Law” as a regulatory framework, aiming to systematically analyze the dual legal obligations that e-commerce platforms bear in protecting consumer privacy and personal information—namely, the compound responsibility of possessing both private contractual attributes and a public law “gatekeeper” role. The study finds that in practice, structural dilemmas exist, such as unfair platform rules, weak data security protection, and insufficient fulfillment of substantive and procedural protection obligations, leading consumers to face difficulties in providing evidence and seeking remedies. The introduction of the “E-commerce Law” establishes a basic system of platform responsibilities, strengthens regulations on review, security protection, and personal information processing, and provides key legal grounds for consumer protection. However, the law still faces issues such as inadequate coordination with specific laws, unclear design of responsibility gradation, and limited legal deterrence. In the future, improvements are needed through measures such as refining platform classification supervision, strengthening technological governance, and enhancing collaborative enforcement mechanisms.