I will just add that the problem of authentication is a big part of this issue. It's being addressed by industry and the marketplace and government. I'm part of a working group that Industry Canada is chairing on principles for electronic authentication. It's a huge challenge.
One accepted principle is single-factor authentication, that is, like a simple password is insufficient. It's easily cracked. We need to move, and companies are moving, to multi-factor authentication.
Another big problem is that often people want to go with a kind of simplistic form of authentication that involves collection of personal information. In fact, technologists, engineers, and computer science experts have come up with reliable methods of authentication that do not require collection and storage of any personal information. It can be done through computer algorithms, and so forth. The challenge there is to have industry adopt those measures that minimize the collection of personal information rather than the more simplistic ones that don't.