The Privacy-by-Design approach has gained an increasing acceptance for privacy management in the privacy community. However, there is still a research gap in methodologies for implementing this approach and a need to develop frameworks and systems to support Privacy-by-Design practice. In an attempt to bridge this gap, this paper uncovers hidden issues of the Privacy-by-Design approach as a means to derive privacy requirements for implementing information systems with privacy embedded by design.