Privacy is just an additional burden, in particular these days? Let's relax the GDPR requirements, is what lobbying associations are currently claiming. This talk is pleading for why the privacy principles, in particular the concept of privacy by design, are also supporting and protecting companies' information and business secrets. Privacy by design - meaning taking privacy into account throughout the whole engineering process - is a concept that was developed 10 years ago by the former Information and Privacy Commissioner of Ontario, Ann Cavoukian. In 2018, when the GDPR was becoming effective, Privacy by Design was for the first time an enforceable concept in the European Union (EU) and for the member states of the European Economic Area (EEA). Violations can be punished with fines of up to EUR 10,000,000 or up to 2 % of the total worldwide annual turnover of the preceding financial year, whichever is higher. Nevertheless, the obligations of controllers to comply with the principle of privacy by design seem to be either falling under the radar of many companies or are just not as prominent as popular and visible obligations like information requirements or data processing agreements. The following will engage with why the principle of privacy by design shouldn’t be underestimated.