摘要: 大数据技术的飞速发展在推动社会治理效能提升、促进数字经济繁荣的同时，也对个人信息安全构成严峻挑战。个人信息泄露、滥用、非法交易等问题频发，既侵害公民合法权益，也扰乱社会治理秩序。本文结合大数据时代个人信息处理的法律界定差异与体量庞大、流转快速、采集隐蔽等特征，系统分析当前我国个人信息安全保护面临法律规则细化不足、新型侵权规制滞后、数据全生命周期安全隐患、企业与个人主体责任缺位、监管协同与技术手段滞后等问题，为破解困境，提出相关建议：需从提升公民防护与维权能力、强化技术防护、细化法律规范、优化行政监管等方面构建多元协同保护体系，在保障公民合法权益的同时，促进数据合理利用，助力数字经济与社会治理高质量发展。

Abstract: The rapid advancement of big data technology, while enhancing the efficacy of social governance and fostering the prosperity of the digital economy, poses severe challenges to personal information security. Frequent incidents involving personal information leakage, misuse, and illegal transactions not only infringe upon the legitimate rights and interests of citizens but also disrupt social order. Considering the legal definitional discrepancies in personal information processing and characteristics such as massive volume, high-speed circulation, and covert collection in the big data era, this paper systematically analyzes the current challenges in personal information security protection in China. These include insufficient refinement of legal regulations, lagging oversight of emerging infringements, security risks throughout the data lifecycle, deficiencies in the accountability of enterprises and individuals, and inadequate regulatory coordination and technical measures. To address these challenges, relevant recommendations are proposed: it is necessary to establish a multi-stakeholder, collaborative protection framework by enhancing citizens’ protective and remedial capabilities, strengthening technical safeguards, refining legal norms, and optimizing administrative oversight. This approach aims to safeguard the legitimate rights and interests of individuals while promoting the reasonable utilization of data, thereby contributing to the high-quality development of the digital economy and social governance.