In some jurisdictions, you have to provide a privacy policy. Australia is one (for some businesses).

California too I think, if you're collecting personally identifiable information. http://en.wikipedia.org/wiki/Online_Privacy_Protection_Act

Privacy Policies are mandatory in any Country. Europe and USA in primis. The main difference is between opt-in and opt-out, but it does not affect the need of a Privacy Policy :)

Google provides diffs of their privacy policies, so I imagine it would be possible to tell whether any given practice was in violation of their stated policy at the time of the infraction by looking at the policy's history.

Also, I don't think it matters whether someone has read the privacy policy when they try to take you to court. Oh, you didn't read that I plan to share your information? Guess whose problem that is.

A world without Privacy laws would be similar to the one described in 1984, by George Orwell. Privacy was born as reaction to dictatorships in Europe, we can't forget it. About Privacy Policies, I think there is space to do much, making them finally readable, accessible to anyone.

I've noticed quite a few times on HN that people demand a new site/startup have a ToS - or they wont touch the service with a barge pole. That always struck me as a bit strange too. Particularly in the HN/startup community, I don't think having a ToS has ANY bearing on the integrity of the site or it's owner. It's a startup - chances are it'll be down next week anyway.

A privacy policy sets expectation which can be compared against. If they promise to not sell your data, then do, you can do something about it.

If you read this, you owe me 10 dollars.

So this is the email disclaimer argument. Email disclaimers are admittedly useless, but unless they stop being common-place, they will become accepted.