The digital information technology revolution represented by the Internet，big data，and artificial intelligence has brought tremendous social changes，and the digital transformation of government governance. The transformation of digital administrative methods has exacerbated the inequality of information status between government and individuals in the “administration-citizen” information order，and citizens’ personal information security is exposed to greater risks. Before the “Personal Information Protection Law” was promulgated，legislative regulations on the collection and use of personal information by administrative agencies showed decentralized and fragmented characteristics. Although there have been some standardized elements that uniformly regulate the collection and processing of personal information by digital administrative methods. It still belongs to the regulatory model of the pre-digital era，and it is far from meeting the needs of regulating the information processing activities of administrative agencies and protecting citizens’ personal information under the transformation of digital administrative methods. After the “Personal Information Protection Law” was promulgated，a “general+special” regulatory model for the collection and use of personal information by administrative agencies has been established，and the regulations on the collection and use of personal information by administrative agencies have made considerable progress. At the same time，it should also be recognized that the current “Personal Information Protection Law” regulations governing the handling of personal information by administrative agencies still have some shortcomings such as over-principle and the “informed-consent” principle may become a formality. Space for further improvement. In digital administration，the protection of citizens’ personal information under the structure of the “administration-citizen” relationship should jump out of the path of protection based solely on subjective rights，and instead construct a regulatory model for the collection and use of personal information by administrative agencies from the perspective of the country’s objective protection obligations.