With industry players aligning around a set of self-regulatory principles meant to protect consumer privacy on the Internet, some lawmakers are wondering if online marketers and other \n\nWeb players can be trusted to responsibly police their own data-collection operations.At a Senate hearing this week, commerce committee Chairman John Rockefeller (D-W.V.) gave air to those concerns, suggesting that \n\nlawmakers might have a role to play legislating privacy protections in spite of the efforts that industry groups have been making and the \n\nguidance that has emerged from a pair of reports from the executive branch."I recognize that consumer information is the currency of the Web," Rockefeller said. "Thanks to advertising revenue, much of the rich \n\ncontent of the Internet is available to consumers for free. I also understand that advertising is more effective and valuable to companies when it \n\nis tailored to match consumers' individual interests and tastes. But there has to be some balance. Consumers should have some degree of \n\ncontrol over their personal, often sensitive, online information."The hearing came amid the backdrop of an ongoing drive to implement effective self-regulation led by the Digital Advertising Alliance (DAA), a consortium of industry trade groups and member \n\ncompanies working to implement standard practices allowing consumers to opt out of data-collection programs and offer more visibility into \n\nwhat information is collected and how it is used.Meantime, the White House \n\nand Federal Trade Commission have \n\neach issued their own sets of guidance about privacy best practices, variously calling on industry members to offer more meaningful notice to \n\nconsumers about their privacy policies and implement a so-called do-not-track mechanism.Rockefeller noted the news this week that the travel site Orbitz would begin offering different product listings to consumers depending on the type of computer they are using. So Mac users, which Orbitz has identified as a more affluent \n\ndemographic, would be shown pricier travel options than visitors using a PC.That announcement, Rockefeller said, "should remind all of us that companies will always be tempted to misuse the consumer information \n\nthey collect."Rockefeller said he was pleased that member companies of the DAA would offer consumers the ability to opt out of their online tracking \n\nprograms, but took issue with the exemptions relating to activities concerning "market research" or "product development.""These exceptions are so broad, they could swallow the rule," he said. "'Market research' and 'product development' could encompass almost \n\nanything."Bob Liodice, president and CEO of the Association of National Advertisers, a member of the DAA, argued that certain tracking methods are \n\nnecessary to support cybersecurity and curb fraud, while other limited marketing activities have won the blessing of Federal Trade Commission \n\nChairman Jon Leibowitz and staffers."The Internet operates on some collection of data. And if a consumer opts out of any kind of information gathering, there are necessary \n\nexceptions in order to be able to ensure that fraud protection, crime prevention, other systems that currently operate on the Internet need to \n\ncontinue to ensure that those law enforcement capabilities continue to exist," Liodice said.Rockefeller challenged the notion that cybersecurity should serve as a license for sophisticated data collection, calling that notion a "red \n\nherring" that furnishes marketers a license to compile detailed consumer profiles.Liodice, however, allowed that the industry is obligated to provide a certain measure of consumer choice and options to limit the collection \n\nof data."We would agree that boundaries need to be placed in this arena because consumers need boundaries in order to understand exactly what \n\ntheir rights are, what their privileges are and what their decisions need to be based upon," he said.Liodice also argued against more restrictive regulations along the lines of what European Union officials are backing, warning that overly \n\nprescriptive privacy protections threaten to calcify the industry at a time when the technologies and standards in play are swiftly evolving."That is essentially the core fear, that we lock in place what we currently have and not leave ourselves open to the evolution of technology," \n\nhe said. "Creativity and innovation is the basis for the Internet, and we recognize that as part of our self-regulatory principles we have to allow \n\nenough room and flexibility to adapt to a changing economy and rapidly changing technologies."Another witness, Alex Fowler, the global privacy and policy leader at Mozilla, questioned the urgency of the privacy issue in the mind of \n\nconsumers. Fowler told the committee that online privacy has not yet gained the consumer momentum as previous legislative efforts in the \n\nareas of spam emails and telemarketing."I don't think we're at the point yet where we have the same kind of consumer backlash that we've had with CAN-SPAM and Do-Not-Call," \n\nFowler said. "I think there's still an opportunity here, and some research backs this up -- that we have a polarized set of consumers on both \n\nends that are very surprised and uncomfortable by tracking online and others who are very excited about engaging in personalized content and \n\nservices. And we have a much larger -- and in fact the bulk of the consumer -- market that's somewhere in the middle and ultimately will decide \n\nbased on the value that they receive and how transparent those mechanisms are.""We have an opportunity to address this through technology and changes in industry practices that create more transparency," he \n\nadded.Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for CIO.com. Follow everything from CIO.com on Twitter @CIOonline, on Facebook, and \n\non Google +.