Everybody can agree that the privacy of children needs to be protected when they use the Internet.

Young children invite trouble by logging on, posting pictures of themselves, giving out their cellphone numbers, birthdays, home addresses and other personal information — even on websites geared to their age group — if that data isn’t protected.

The question is, whose responsibility is it? Regulators and Web-based companies don’t agree how to do it, and their battle is being waged through the Federal Trade Commission.

Back in 1998, Congress passed the Children’s Online Privacy Protection Act of 1998, or COPPA, which requires operators of websites to notify parents and obtain their consent before collecting, using or disclosing personal information about children younger than 13.

The FTC, which has the authority to issue regulations and enforce COPPA, wants to update the law to address innovations in the online world, including social media and new mobile devices. The updated regulations are expected by the end of the year.

But the commission is being met with pushback from Facebook, Google, Microsoft, Apple, Viacom and a host of tech industry insiders. The industry position amounts to this: Due to the amorphous nature of the Internet, the FTC proposals impose unreasonable burdens.

Consider the use of plug-ins — software that allows one website to offer a link to a page from another website. Simply by clicking their mouse, users can link to a video, an app, a photo or some other cyber experience. The popular ability to “like” another site via Facebook is an example.

The problem is where does responsibility lie for COPPA compliance? Which entity is the legal operator of the content and is responsible for following rules that restrict information from children?

The FTC is attempting to stretch the responsibility when websites are aimed at children or when companies have “reason to know” they are dealing with children. In reply, the tech firms say the FTC doesn’t get that website publishers operate separately from plug-in providers and the two can’t be linked for accountability purposes.

A persistent problem facing Web companies is verifying a user’s age. Facebook, for example, has an estimated 7.5 million users under the age of 13 and 5 million under the age of 10, according to a Consumer Reports study from 2011. Many of these kids skirted the company’s age restriction with the help of their parents.

The industry worries that the burden of potential liability will impede development of social media and other Web-based commerce. Facebook warned that “changes to the COPPA rule that seem simple in theory could have unintended and profound effects in practice.”

Yet it’s clear the rules need to keep up with new technology. The FTC recently announced a $1 million civil settlement against a Web company that had operated fan pages for Justin Bieber, Rihanna, Selena Gomez and Demi Lovato. According to the FTC complaint, the firm registered more than 25,000 kids under the age of 13 as fans — without parental permission — and collected personal information from nearly 75,000 more kids who started to register but never finished.

Protecting children’s privacy — to say nothing of that of adults — from the information-gathering powers of Internet marketers is no simple matter, especially for the marketers who wish to follow the rules. But that is no excuse for not complying.

The back and forth of the FTC’s extended comment period for the new regulations is all for the good. Ultimately, though, the industry needs to understand that the Web should not be an autonomous, self-regulating realm. Corporations are working hard to influence how people — including children — use cyberspace, and — let’s not kid ourselves — their objective is to make massive profits.

Web enterprises are doing a good job figuring out new ways to make money. Now they need to focus some of their brainpower on how to do that while responsibly protecting children’s privacy.