The government agency hopes to strengthen the Children’s Online Privacy Protection Act (COPPA) by including social networking sites, apps, and other platforms that weren’t around when the act originally passed in 1998. That law requires parental approval for kids under the age of 13 if they want to use sites aimed at children. Facebook and other sites can avoid complying with the law by opting to ban minors altogether.

But new rules, first proposed in August, seek to require that sites with “a disproportionately large percentage of children” —whether they’re aimed at children or not—also be required to follow COPPA. It also proposes that app developers, whose codes are used on sites aimed at children, also comply with COPPA’s rules. This could include sites like YouTube and Wikipedia, which, while not expressly aimed at children, often are used by them. Collecting information from those who use such high-trafficked sites could create privacy concerns that deter users from these sites rather than protect young users.

“We commend the FTC for trying to keep up with web technology, smartphones and apps,” says Deborah Caldwell-Stone, deputy director for the American Library Association’s (ALA) Office for Intellectual Freedom. “But what we’re concerned about is the First Amendment, and verifying age and identification might mount barriers to freely access information on the Internet.”

Since COPPA is aimed at commercial sites, it doesn’t impact public or school libraries. (Although, the ALA does suggest librarians understand the law so they can explain it to parents and children). However, the ALA is monitoring developments of the proposed rules and did sign on with the Center for Democracy and Technology (CDT) and added comments to the proposed rules last month.

“Both of these proposals are too vague to give operators and developers a clear understanding of their obligation under the law and would create significant burdens on free expression and innovation,” write the two groups.

To Anne Collier, the problem also involves privacy and data control. With parents having to submit information in order to open additional sites, more data is collected on minors, thus creating more opportunities for the data to be used or potentially taken.

“You have that data spread in more places,” says the co-director of ConnectSafely.org. “If you require parents’ permission at every layer in the food chain, you have more data and more storage—and that makes people’s information more vulnerable.”

The FTC closed the public comment period on September 10, with the commission aiming for a final vote by the end of this fall.