I have been advocating startups build privacy in to their systems as differentiation points over their competitors. As privacy breaches make the headlines, it makes for PR that you can piggyback on to fairly effectively.
At Blekko we've been very aggressive at building privacy in from the start, and we talk about that with folks all the time.
When I was at Sun I was deeply involved in doing security work both in the kernel and on the network. There were lots of places to improve.
In both the Blekko and Sun cases the 'better' version doesn't seem to carry a lot of retail influence. Which is to say if you offer a consumer a choice, the 'secure' one which costs a bit more (either in cash or in complexity) or the 'insecure' one which is cheaper, not enough people pick 'secure' to make the investment pay off. You have to pay for your investment somehow, and the fewer people who are willing to pay for a feature, and the more it costs to implement, means a higher per-consumer price for that feature. Security often pushed that cost threshold over the limit into 'non-business'.
When we were discussing implementing the best privacy policy and technology in any search engine I was pretty clear that having the 'best privacy policy of any search engine' was a nice add-on feature but you couldn't base your business on it. We had to have a search engine that was just as good or better than the competition, and the fact that 'oh by the way its got the best privacy policy' could be icing on the cake, but for the majority of people it would not be their reason for using it.
You can see this sort of effect in lots of different communities.
