https://iab.org/wp-content/IAB-uploads/2011/03/fred_carter.pdf
- The Privacy by Design approach must adopt a proactive rather than reactive stance and aim at preventing privacy risks and not at addressing them after they occur;
- Privacy is to be used as a default setting;
- Privacy must be embedded into design;
- Privacy by Design ensures full functionality and seeks to achieve both privacy and security;
- Security must be made an integral part of the systems throughout their whole lifecycle;
- It seeks to achieve visibility and transparency;
- Systems are to be kept user-centric and users interests and needs must be taken into account.