The way they can do this is by giving their users access to, and editing permissions over, the data they keep. I’ve written about a “Data Bill of Rights” here.
Another idea is to use a simple, but totally different architecture for data: keep all the data on the client side, and use a key to hand off access to the server (ie the web application/search engine).
John Battelle, battellemedia.com

Transparency is key. Every search-and-sort mechanism, online or off, requires some level of filtering – choosing what belongs and how to present information. For search engines to sustain user trust, they must be transparent about the filtering they use to display results, capture information and disclose biases. At the same time, users are charged with the responsibility to build up their search engine literacy, to be knowledgeable about how they function and what their limitations may be.
Gary Price, resourceshelf.com

Search engines have to make it clear that they don’t store any data whatsoever. The only way they can do that is if search is their only business. Email, personalized home pages, mobile clients, IM clients, search history – they are the enemies of private searching.
Om Malik, GigaOM.com

User trust is built by giving users control…next generation search engines will empower users to manage and improve the relevancy of their own search results.
J Michael Arrington, techcrunch.com

It’s quite simple. I don’t want to be identified. What AOL did was a tragedy: They publicly released the search data of thousand of individuals, initially arguing this was ok since they weren’t releasing the names of the individuals. Yet, by adding two and two together, some researchers were able to look at the search data and identify the individuals anyway. I’ll never be a customer of AOL again. Somehow you’ve got to protect identities, and if you’re collecting information about us, you should let us know what you’re collecting, and where to find it.
Matt Marshall, venturebeat.com

I think the number one best practice is to engage the community and have conversations with them. The success of blogs and other forms of social media has been due to the fact that people can have one-on-one conversations with other people with similar interests. Nobody wants to have a conversation with a corporation, but we want to talk to the people inside the corporation. Once that starts to happen, people begin to trust corporations more. Want to know how people will react to user privacy? Ask them! Next-generation search engines that want to foster trust from their users, need to reach out to those same users (a.k.a. real people) and engage in two-way conversations with them.
Richard MacManus, readwriteweb.com

The compliment of power must always be control; a search engine that learns from you must also trust you by you giving you the tools to curate and prune your search history and to opt-out at will. Even better, give users the ability to encrypt their own search history with their own keys. Expose an API that allows users and communities to learn from the way their interaction with the search engine contributes to the overall experience.
Ars Technica, arstechnica.com

It is not the data or cookies…it is the intent in handling them. The problem is purely in communications. Search engines must openly declare what they are doing with the data and all tracking devices, almost like a confession. Alternatively, they can ask users’ permission when the data is being captured and the privacy line could be seemingly crossed. Once such clarity is exercised, then it is a fair environment.