Online privacy is problem looking for a solution, not the other way around
Root cause analysis of the problem indicates that several things are needed, most of which are not currently in place:
1) Clear definition of personal data ownership, on both a legal and commercial basis. Currently the data slurpers hold most of the cards here. This is a fundamental issue, which while being superficially addressed by some companies, still needs some work.
2) Mandatory anonymization of personal data objects so as to prevent targeted, collated profiling by second and third parties. This means a doctor, insurance company or government agency can check how many people have diabetes, but not who they are, where they live, etc. Supermarkets can check how much whiskey they are selling, but not who is buying it. Any removal of the anonymity shield would require a warrant or a very compelling public interest (life-threatening situations for example).
3) Clear and unambiguous laws about data retention time limits and the right to quickly correct any of your personally identifiable information held in commercial and public databases. There must be a time limit on how long slurpers can hold your data and you should be able to inspect and correct it any time or at fixed periods.
4) The implementation of data categorization rules by everyone in the public and commercial sphere. If a web site asks for your phone number, CC number, SSN, address or anything else that can identify you personally, they will be legally obligated to encrypt it, protect it and prevent its distribution to unauthorized parties, including their own staff. The civil and legal penalties for failing to do so should be serious enough that non-compliance is not an option. We can start with banks, credit card companies, and all merchants who accept credit cards.
Since the cat has already been out of the bag for a long time and is now roosting at the top of a tree, the best we can hope for now are solutions that will prevent future abuses.
I am not too sure politicians will ever get it, as this involves some amount of education and intellectual integrity. Consumers really need to vote with their wallets, and techies need to start designing solutions that can solve these problems. Databases can have rules applied to them, and these rules can be enforced. We need more tools for this stuff and a serious will to ensure that they are correctly used by data gatherers.