Solid?
Here's the about and here's the spec. Looks like DAV with an Outh2 type layer on top for authentication. Not a bad thing, it's fairly simple and works on existing tech. I see the plan is that you can host your own "pod" (aka webserver) or have it hosted for you, which should keep everyone happy.
Re "Optimism" above - if you're expecting the problem of "which is amoral companies and entities trying to get at your data by any means necessary", I'd present the entirety of human history to justify why that won't happen. So I'm not sure castigating this for a failure to remedy is fair.
It looks... fine, I suppose. The kind of workflow being described isn't a million miles off the kind of "Sign in with Google" workflow we have now, which is possible with OAuth2. It does work, provided there is a web-client involved in the process, and it hides a lot of complexity behind a few clicks.
My chief doubt is whether our apathetic species cares enough about privacy to migrate their data to it wholesale.