“Right now we have a lawful system for tracking all of our movements online,” says Christopher Calabrese, legislative counsel for the American Civil Liberties Union. “And not only is it legal. It’s the business model.”

Calls for online privacy protections began with the Federal Trade Commission, which has challenged the industry to offer a digital tracking off switch. The FTC envisions something akin to the government’s existing “Do Not Call” registry for telemarketers. Consumers who don’t want to receive telemarketing calls can add their numbers to the list online or over the phone.

Companies including Microsoft and Mozilla have responded with various “Do Not Track” technologies. But an industry-wide solution is not close at hand.

That’s because putting the Do Not Track concept into practice is much more complicated than simply adding phone numbers to a database. The challenge is in reaching industry consensus on what Do Not Track obligations should mean, designing standard technology tools that are easy for consumers to use and setting common rules that all Websites and advertisers will follow.

One big part of the problem is that the industry needs to find a way to let consumers halt intrusive online marketing practices without preventing tracking critical for the Internet to function. After all, Internet companies rely on tracking not just to target ads, but also to analyze website traffic patterns, store online passwords and deliver customized content like local news. Nobody wants to stop those things.

Also complicating efforts to reach broad agreement is the lucrative nature of behavioral advertising.

Industry leaders argue that many consumers like targeted ads since they deliver personalized pitches that people may want. And because these ads tend to be more effective, advertisers are willing to pay more for them, says David Hallerman, an analyst with eMarketer.

Research firm eMarketer projects U.S. spending on online behavioral advertising will hit $2.6 billion by 2014, up from $775 million in 2008.