Strengthen guidance for personal information users such as relevant platforms, urge them to take proactive measures, replace post remedy with prevention, and internalize personal information protection as a product "gene". Just a few days after the birth of a child, they receive sales calls for taking baby photos for a hundred days; Just as I placed an order for a book, someone called to promote a membership package... Nowadays, many people may have this feeling: personal information leakage is difficult to prevent, and the speed is astonishing. Not long ago, the Shanghai police uncovered a case that revealed how personal information was quickly leaked. A clerk and his colleagues from a maternity service company stationed in a hospital's obstetrics department will sell the maternal and child information collected from various hospitals to the legal representative of a children's photography institution. The latter also signed a contract with a telecommunications company, which used this information for sales promotion. A management loophole as big as a needle's eye reveals the wind of a big fight. The uncomplicated method of reselling has led to nearly 40000 pieces of parent-child information being leaked and sold in three years, which is thought-provoking. In recent years, especially since the implementation of the Personal Information Protection Law, China's personal information protection work has achieved significant results. But with the iteration of technology and the expansion of scenarios, the risk points of personal information leakage have increased, and the difficulty of governance continues to increase. Currently, the difficulty of personal information protection has shifted from overt infringement of rights to more covert technological abuse. The improper collection and illegal use of personal information are often associated with emerging businesses or service methods. For example, the scanning and ordering system of a well-known catering enterprise forces users to pay attention to the official account and induce them to fill in unnecessary information such as mobile phone number and birthday, and uses the data for precision marketing; A certain brand of smartwatch collects location information frequently without explicitly prompting the user, forming a user behavior profile. In the aforementioned case, the maternity service company dispatched personnel to obstetrics departments of more than ten hospitals in Shanghai to summarize newborn information every day. Originally, this was used for enterprise reconciliation, optimizing after-sales services, etc. However, the enterprise lacked careful consideration for information authorization and supervision, and did not formulate effective measures, which planted the hidden danger of information leakage. In the era of big data, consumers are facing more than ever the situation of a large amount of authorized use of personal information and insufficient security protection. In the face of this new situation, we need to further enhance the level of refined governance and strengthen the targeted and effective supervision. For some prominent issues that have been repeatedly banned, in addition to launching various special actions and striking hard, it is also necessary to strengthen the collaborative law enforcement mechanism to prevent some violators from using regulatory loopholes to "fight guerrilla". For those new problems that arise with the development of the times, it is necessary to increase institutional supply, continuously refine rules, minimize regulatory blind spots, and resolve hidden dangers in their infancy. For example, in response to issues such as mandatory facial recognition, the "Measures for the Security Management of Facial Recognition Technology Applications" released in March this year clearly stipulate the relevant principles for the application of this technology, and make detailed provisions in terms of notification methods, authorization and consent, impact assessment, and filing procedures to prevent technological abuse. With the rapid popularization of facial recognition technology, the introduction of this new regulation is undoubtedly timely for promoting the safe and healthy development of related industries and better protecting personal information rights and interests. To further enhance the initiative of governance, we also need to find ways to plug loopholes from the source and better utilize new technologies to help solve new problems. For example, a certain application has launched a new feature that allows users to easily trace their historical authorization and revoke their personal information with just one click; A certain e-commerce platform adopts "privacy computing" technology to ensure that data is "available but not visible". Strengthening guidance for personal information users on relevant platforms and urging them to take proactive measures, replacing post remedy with prevention, and internalizing personal information protection as the "gene" of the product, is the only way to break out of the vicious cycle of "cat and mouse games" in regulation. Protecting personal information rights is a must-have question in the digital age. By finding the balance between development and security, and building a three-dimensional governance system with rules as a bottom line, technological empowerment, and social governance, our digital life will inevitably achieve the unity of convenience and security. (New Society)