I've long argued that authenticating identity "online" is a government function, just as it is a government function to issue me a birth certificate or a driver's license or a passport. A government-run single sign-on (or, better, a network of single sign-ons, depending on where your citizenship lies) could be prohibited by law from collating information, and sites that used it could be forbidden from using it for sharing of data. Similarly, sites that wanted to use it could be legally prohibited from abusive practices, sharing your information, etc.
The reality is that privacy is OVER -- and it's been over for a long time. Unless you've bought a tin-foil hat, you're in many dozens (if not hundreds) of databases, many of which share information. The problem? You don't know it, and you have no access to this wealth of information. So let's drag as much of our critical information as possible under government control, where there's at least SOME accountability. Millions of details ... like how to preserve some sort of anonymity if there's an overarching SSO -- but the economic benefits of establishing one would be huge.
Finally, let it be noted that the situation with SSO now is analogous to the situation with "information services" back in the 1980s. We could have built an awesome shared information service (a la France's Minitel), but the companies in the space (AOL, CompuServe, BIX, Genie, etc.) were all trying to beat the others by locking you into their product. The free market is not the solution to every problem.