"A 'strong compromise' on how to ensure a high level of data protection across the EU was agreed by Parliament and Council negotiators in their last round of talks," from the European Parliament.
"Unfortunately, member states could not agree to set a 13-year age limit for parental consent for children to use social media such as Facebook or Instagram. Instead, member states will now be free to set their own limits between 13 and 16 years," said Parliament's lead MEP on the regulation Jan Philipp Albrecht.
One EU source said the issue was being blown out of proportion but media interest was intense given the massive use and growth in social networks and concerns about their possible negative impact on the young.
The set of rules that were agreed would be valid for authorities, companies and individuals as part of efforts to create what is known as the "single digital market."
The two draft laws in the package are scheduled for a confirmation vote in the Civil Liberties Committee on Thursday morning.
If it gets through the committee, it will have to come back to a full parliament vote in early 2016.
Personal data protection was always a concern, especially its transfer overseas by giant US companies such as Google and Facebook, but became an even hotter topic after revelations of mass intelligence snooping by the US and other countries.
"The draft regulation aims to give citizens control over their private data, while also creating clarity and legal certainty for businesses to spur competition in the digital market," the statement said.
Albrecht said that "today's negotiations hopefully have cleared the way for a final agreement".
"In future, firms breaching EU data protection rules could be fined as much as 4.0 percent of annual turnover for global Internet companies in particular, this could amount to billions", he said.
"In addition, companies will also have to appoint a data protection officer if they process sensitive data on a large scale or collect information on many consumers".