You assume the false advertisement would be done lawfully. People who hack places to publish list of embarrassing information don't do so legally, so why should we assume that people who abuse data mining services would only be lawful entities?
The false advertisement might say something like "save 50% of your next amazon purchase" or "try out our new car service by getting the first trip free" or any other ways of getting people to voluntarily filling in information which looks completely innocent. All you need is the additional information of name and address, which for the user feels completely separate from the sensitive information which was surreptitiously inferred through the targeted advertisement.
This assuming they can't simply push some malware and get the name that way. We constantly hear about tor hidden service attacks done by de-annonymize people with flash/java/browser exploits.
It seems a little unusual to question the merits of data protection law on the basis that sometimes people can circumvent it by committing crimes!
Do you not realise how low response rates to ads and promotional mailshots are? Try as you may, you cannot possibly hope to obtain anything more than a tiny fraction of the data held by a third party by advertising your phishing page on their network, even if the third party actively supports your goals. And even if you get some useful personal information, if you publish it without consent, you've committed a crime.
Banning the sharing/selling of data without consent imposes significant obstacles to legal and illegal hassling of people whose data has been mined.
The false advertisement might say something like "save 50% of your next amazon purchase" or "try out our new car service by getting the first trip free" or any other ways of getting people to voluntarily filling in information which looks completely innocent. All you need is the additional information of name and address, which for the user feels completely separate from the sensitive information which was surreptitiously inferred through the targeted advertisement.
This assuming they can't simply push some malware and get the name that way. We constantly hear about tor hidden service attacks done by de-annonymize people with flash/java/browser exploits.