随着大数据时代的跃进，图书馆作为公共文化事业发展的重要支撑，也迎来了数字化的机遇与使命，但用户数据安全却因网络空间的复杂多变而时有掣肘。因此，需要对图书馆用户数据之安全防范问题做出前瞻性的思考。针对这一议题，主要运用权利、义务、责任与防范的框架加以研究。一方面，明确数据属性和分析风险行为，从而做到对用户数据风险的准确识别；另一方面，从外界侵扰、合作风险与内部失范三个层面厘清图书馆和关联主体之义务、责任关系。迈向大数据时代的图书馆，应当从现有法律框架中探寻合理的防范路径，由内而外多维度化解风险，主要做到细化“必要措施”、预设服务协议与规制馆员行为。在此基础上，提出界分数据侵权与确定数据权利之构想，为数字图书馆的后期发展提供持续制度支持。

With the leap forward of the era of big data, libraries, as an important support for the development of public cultural undertakings, have also ushered in the opportunity and mission of digitization. However, user data security is constrained by the complexity and changeover of the network space. Therefore, it is necessary to think forward about the security of library user data. Focus on this topic using the framework of rights, obligations, responsibilities and precautions. On the one hand, data attributes are clearly defined and risk behaviors are analyzed, so as to accurately identify risks of user data. On the other hand, it clarifies the obligation and responsibility relationship between library and related subjects from three aspects: external intrusion, cooperation risk and internal anomy. As libraries move towards the era of big data, they should seek reasonable prevention path from the existing legal framework, and eliminate risks from the inside to the outside in a multi-dimensional way, mainly including the elaboration of "necessary measures", the presetting of service agreement and the regulation of librarians. On this basis, this paper puts forward the conception of the infringement of the boundary score data and the determination of the data rights, which provides the continuous system support for the later development of the digital library.