The California Attorney General's office today released its long awaited report Privacy on the Go (pdf) with recommendations for application developers, platforms, and ad-networks. It is a must read– both for the easy to understand language and clear suggestions, and because it promotes implementations than generally are not considered "required by law." This is the future of privacy design. I urge you to take a look.
Limit collection: Avoid or minimize the collection of personally indentifiable data that you do not need to provide your service and limit the time you keep it. Or as I tell my clients, make a fair bargain with your users! Have policies that make sense and describe them in a way so the user thinks the exchange of their data for your service is reasonable.
Surprise Minimization: Don't collect data or use it in a way that will surprise your users. In other words– notice early, contextually, and repeatedly!