Based on the European model:
- Notice — data subjects should be given notice when their data is being collected
- Purpose — data should only be used for the purpose stated and not for any other purposes
- Consent — data should not be disclosed without the data subject’s consent
- Security — collected data should be kept secure from any potential abuses
- Disclosure — data subjects should be informed as to who is collecting their data
- Access — data subjects should be allowed to access their data and make corrections to any inaccurate data
- Accountability — data subjects should have a method available to them to hold data collectors accountable for not following the above principles
