Privacy has been acknowledged to be a critical requirement for many business environments. A variety of uncertainty and mutability poses challenges when sharing resources must happen in collaborative environment. Therefore, the definition of an efficient access control model, based on which privacy policies can be specified, is crucial. In this work, we propose a trust-based access control model to protect privacy in collaborative environment. First, a trust value is evaluated based on both histories and peer recommendations. Second, purposes, obligations, and conditions are discussed in this paper, which leads our trust-based access control model to meet the requirements of modern corporation regulations and privacy laws. Third, our model handles uncertainty and mutability by dynamically re-evaluating the requester' trust and revoking the granted on-going access if access control rules are no longer met.