In a presentation at the research firm's annual security and risk management summit, Frank urged marketers to firm up their privacy policies and achieve compliance with the (DAA), an industry-led self-regulatory organization focused on educating consumers about how their information is collected and used and providing options for limiting tracking.

The likely alternative, Frank said, is more rigorous oversight of the industry at the hands of federal regulators.

"By now it's clear there are no easy solutions to the problem of how to reconcile marketing imperatives with privacy," he said. "You don't want regulatory practices to go and start to replace the self-regulatory practices, and this will happen if people aren't complying voluntarily."

The DAA, whose members include several of the leading advertising and marketing trade associations and the Council of Better Business Bureaus, has been working to spread its privacy framework throughout the industry in a bid to convince lawmakers and regulators that self-regulation is a viable path to protecting consumers.

Frank, a fan of the self-regulatory model, is advocating that businesses engaged in behavioral targeting sign onto the model backed by the DAA, which he described as a "serious" organization.