once something hits the internet its out there, no privacy promise by a huge corporation is going to protect it.
BS. People send millions upon millions of email messages a day and have a reasonable expectation that their email providers and any SMTP hops along the way are going to keep them private. If a webmail provider suddenly decided that everyone's email address and all the addresses of all their contacts were to be public (unless you opt out), that would rightly be perceived as bad behavior and a violation of users' sensible assumptions. The path of least resistance opt-in flow for Google Buzz had the end result of publicly listing the names of some of folks frequent contacts (who'd also opted in). It created a big uproar and Google quickly changed the wording to make it clearer what would be public and how to keep it private.
I access my banking records through the Internet on a regular basis. I use this convenient system instead of paper and phone calls precisely because I trust the privacy promise provided by my bank. A bank that suddenly decided to make everyone's financial information available to the world on the web by default would quickly lose a lot of customers and get a big fine from the regulators. I don't think we need a Federal Department of Regulating Facebook, but I do think we have a right to expect companies to stick to their privacy promises and suffer customer-based consequences if they fail to live up to them.
One thing The Cloud can do better is give users control of their data. Google's Data Liberation Front is a good model: If a user decides they don't want to use a cloud provider's services for whatever reason, it should be easy to get all their data out of that company's control and import it in to a different cloud provider (if desired). Take it a step further: As a user of service A, I should be able to select certain information to share privately with my friend who uses service B. Like telephone companies and the post office, the service providers should transmit and present that information, but they should have no option to change the parties who can see it.
Caveat: Court orders and other legal actions can force a provider to reveal private information without the approval of that information's owner. This is true of banks, cloud providers, and internal IT departments. So yes, if you're planning an elaborate murder scheme on the Internet, don't assume it will only be seen by your co-conspirators. But if you're closeted at work and out to your friends, you have a right to expect your social network won't suddenly decide to make "Orientation: Gay" the first thing people see when they Google your name.