If we focus on the real problem presented here (readability and awareness of stated intention, and possibly client-side enforcement - not compliance, that's a separate issue), the problem's really not that big to solve.
Some of the comments here point to some techniques and practices that could actually be cobbled together very cleanly.
We've got the Creative Commons generator for human-readable deeds, lawyer-spew, and machine-readable code. Not that hard to adapt a version with "We Don't Keep Your Credit Cards" or "All Your Identity Are Belong To Gator." More options, sure, but probably easy to extrapolate in a form.
Making it machine readable (or, hell, even Geek Code-formatted; SSL-128+, 419--, Spam^3) means you can extend P3P-savvy user agents to watch for the framing of the policy, alert you to behavior you're not comfortable with, and automatically flag you with a Firefox-style notification when it sees a diff.
Hell, even if we can't get that kind of progressive behavior from a vendor, there's other tools out there that can be adapted, right? I haven't tried AT&T's PrivacyBird yet (referenced in the P3P article on WikiPedia), but between that and other tools like EULAlyzer, how hard can it be to drop in a browser-level tool that either queries a third-party database for privacy analysis and warnings, or examines the policy directly and gives you some breakdown of potential bad behavior?
Let's go even further -- supposing your site's targeting North America and Western Europe, but either you, or the hosted content or partner links, are in nations with known, uh, *default privacy behavior* that overrides the vendor's. Why not have a "Holy Dammit You're Trying To Hit A Blog Site From China" or "AT Your World Delivered To The NSA" alert?
(Okay, maybe not an alert for that one, but at least a visual cue somewhere in the browser status bar. Maybe an All-Seeing Eye, or a Boot Stamping On The Face Of Humanity, Forever. Something unobtrustive like that.)
Frankly, Scarlett, I don't have a fix. -- Rhett Buggler