With the leap forward of the era of big data, libraries, as an important support for the development of public cultural undertakings, have also ushered in the opportunity and mission of digitization. However, user data security is constrained by the complexity and changeover of the network space. Therefore, it is necessary to think forward about the security of library user data. Focus on this topic using the framework of rights, obligations, responsibilities and precautions. On the one hand, data attributes are clearly defined and risk behaviors are analyzed, so as to accurately identify risks of user data. On the other hand, it clarifies the obligation and responsibility relationship between library and related subjects from three aspects: external intrusion, cooperation risk and internal anomy. As libraries move towards the era of big data, they should seek reasonable prevention path from the existing legal framework, and eliminate risks from the inside to the outside in a multi-dimensional way, mainly including the elaboration of "necessary measures", the presetting of service agreement and the regulation of librarians. On this basis, this paper puts forward the conception of the infringement of the boundary score data and the determination of the data rights, which provides the continuous system support for the later development of the digital library.