That said, I favor the recent approach taken by the U.S. Federal Trade Commission, which issued its guidelines in the spring. Instead of using the legislative stick to compel companies to respect a person's SPD, it is promoting the carrot of self-regulation so companies will reach out to consumers to explain their privacy policies, how they use SPD, and give them an easy method to opt out of having their SPD used.
Elsewhere, browsers, such as Firefox and Internet Explorer, have Do Not Track features built in, with Microsoft going so far in its next browser release as to set Do Not Track as the default. And third-party tools to protect a person's online activity from prying eyes are abundant.
I believe that consumers are very concerned about their SPD. But I'd argue they're more concerned about it falling into unintended hands. That is, people who have good relationships with businesses are happy to share SPD with them because the services and goods they receive are improved in the process. But they want those companies to keep a tight lid on that information. They want bullet-proof security of their SPD. When security fails, that's when their privacy concerns are heightened. If companies could protect their data 100% of the time - that is, if they never suffered a security breach - I'd wager privacy issues would all but disappear among the vast majority of consumers.