That is, maybe if FB own the data, advertisers buy it and states/others hack into it... the right solution is to "push the arrow through" rather than extract it. Make the data (or most of it) public. Publish it. It's not really "private" in a meaningful way. The subject (object?) does not have control of and/or knowledge of the dataset describing them. Also (this relates to my last point) data is not the sum of its part. A lot of what the data is only exists at the aggregate level, and without publication users can never have control, ownership or any rights to these crucial aspects of their data..
To put it in the form of a question: Are there ways of arriving at a better state, with less distrust and paranoia that involves opening data, rather than just better protecting it.
I'm not suggesting that it's simple or that I know exactly how it should work. But, if advertisers had the same access everyone has, I think it'd be less of an issue. If the default was "data is public," I suspect we'd find better ways of dealing with data that truly needs to stay secret.
As an aside, unconnected to privacy, data has become a new class of IP. We may legally consider it copyrighted (raw data) or patent-able (trained NNs), but as a practical matter it is a new type of IP... of rapidly growing importance. There are massive, world changing examples of what can happen when we manage to create cultures of "public IP" or sharing. The scientific revolution was (arguably) directly related to the new culture of publishing experimental results. CS was irrevocably changed by free and/or open source software, especially compilers, operating systems, libraries... The WWweb, in lots of ways. The pace of the current ML explosion is directly related to and enabled by open source, free software, scientific publishing and "open IP" generally.
Imagine how held back we would have been, if those cultures of sharing hadn't emerged. I think data sharing is probably similar in this regard to compiler code or scientific experiments. Openness creates value, potentially a lot of it.
Privacy is a meaningful reason/excuse for closed data. I think it's worth trying to solve these two together. Dunno how to phrase a question for that.