I thought along similar lines when I heard the Las Vegas high schoolers got hacked/dumped. Why not make standard the use of false/given names to these services which can't be trusted with PII but must transact in it? Part of enrolling for school should be getting your fake name & fake identity for the school DB, another pen name for Doctor 1, &c.

The DMV should provide New Identities as a Service, if the problem's going to be this bad.