The technical issues are workable; the really difficult issue is that none of the big stakeholders really care about the level of privacy you describe. Priorities like audit compatibility, cost of deployment, etc., all end up governing what standards get adopted.
Edit: And as Doctorow points out there are a host of other issues that arise from actually deploying a working system.