Tim Cook, in an op-ed for Time:

Last year, before a global body of privacy regulators, I laid out four principles that I believe should guide legislation:

First, the right to have personal data minimized. Companies should challenge themselves to strip identifying information from customer data or avoid collecting it in the first place. Second, the right to knowledge — to know what data is being collected and why. Third, the right to access. Companies should make it easy for you to access, correct and delete your personal data. And fourth, the right to data security, without which trust is impossible.