The first problem with your analogy is that a residence requires a door to function, the companies collecting the information do not need it to function, they simply wish to monetize it. And I'm fine with that, with the provision that if they're going to collect it, they had better secure it, preferably under pain of legal penalties.
This isn't exactly a novel or radical proposal. Pre-internet, the assumption was that the individual owned his own information. If a media company caught you on camera, they couldn't broadcast or publish it without you signing a release. When was the last time you saw that happen?
The point here is, the commercial entities are holding something that reasonably should belong to you, not to them. And if they're exposing you to risk by holding it, they need to be held accountable when that risk materializes.
I perfectly understand the trade-off of surrendering your personal information in return for goodies. And that's all well and good. But I don't see why the companies collecting it should be getting a free lunch, either. The trade-off on their part is that if they collect it, they're responsible for protecting it. After a few companies pay some staggering fines for data breaches, I'll bet they either learn to secure their customer's data, or they get a lot less enthusiastic about collecting it.