In the big data era，the contradiction between personal information security and data circulation becomes more and more seriously，the design of consent mechanisms and privacy provisions is an important approach to balance the protection of personal information and the efficiency of information transfer. In the “Personal Information Security Standard”（GB/T 35273-2017）published on December 29，2017，the consent mechanism plays an important role. China has learned from the rules of the EU and has made its own new rules in respect of distinguishing the form of consent and so on. However，comparing with the EU “Guidelines”，China's Standard is not comprehensive enough. China should further provides guidance on the consent mechanism and refine the criteria of consent to protect the right of information and choice of data subject.