It's a framework of ideas, so the "exactly" is hard to pin down if you're asking about how to do it. At the core, the idea that Privacy (like security and many other concerns) should be considered from the first steps of a product instead of being retrofitted after the design process. The latter leads to questions like "How can we make practice X more secure/more private?", when the better answer might be "X isn't a good idea, how can we achieve the same goal differently"<p>I quite liked Heather Burn's article fro Smashing about it: <a href="https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/" rel="nofollow">https://www.smashingmagazine.com/2017/07/privacy-by-design-f...</a> (written in the context of GDPR)
To me, it means that the thing being designed is private in a way that can not be meddled with.<p>I.e. encrypted messages, that a company couldn't give to the government even if they wanted to.<p>In practical terms, this might look like building a system where you purposely don't store or give the ability to access personal content, instead relying on systems that are either local (i.e. not online), encrypted or otherwise fully obfuscated.