"I'm all for self-regulation, but only if self-regulators can say, 'If you fail to give better notice than what you have, you will be referred to a law enforcement agency,' " said FTC Chairman Robert Pitofsky this week at a congressional hearing.
A recent survey by the New York-based Direct Marketing Association (DMA) countered the FTC's notions that the industry needs new privacy laws, showing overwhelmingly that the Internet's largest players are indeed policing themselves.
"As an industry, we all support the notion of opting in for marketing [but] it has to be self-regulating," said Zack Nelson, president of ASP (application service provider) myCIO.com, in Sannta Clara, Calif.
Other Web site operators agreed.
"[Privacy] is not only an ethical issue, it's almost a requirement from a business perspective," said Bob Speicher, executive vice president of sales and marketing at portal site Nettaxi, in Campbell, Calif. "A company with a bad reputation for protecting the privacy of its users is not going to do very well."
Still, others view the push for oversight to be a done deal.
"I don't think this legislation will be lightweight -- I do think that it is inevitable," said Michael Santarcangelo, director of privacy consulting and information risk management at consulting firm IFsec, in New York.