The Federal Trade Commission (FTC) on Wednesday issued a policy statement advising industry that it will not bring enforcement actions against website and online service providers who collect, use and share personal data using age verification technologies.

Companies have historically worried that collecting data for age verification could violate the FTC’s Children’s Online Privacy Protection Rule (COPPA Rule), which requires commercial websites and online service operators to obtain parental consent before collecting, using or disclosing personal information of children under 13.

There are caveats in the statement which make clear that the COPPA exemption only applies if sites do not use or disclose a user’s age for any reason other than to verify their age; do not retain the information after verification; provide clear notice to parents and children whose information has been collected for age verification; and disclose the data only to third parties they are certain will maintain confidentiality.

Companies also must “employ reasonable security safeguards” for information collected for age verification purposes and take “reasonable steps to determine that any product, service, method, or third party utilized for age verification purposes is likely to provide reasonably accurate results as to the user’s age,” according to an agency press release.

The FTC plans to review the COPPA Rule to address age verification, the policy statement said.

The announcement comes nearly a month after agency officials hailed age verification as an important child protection technology and promised to issue a policy statement assuring industry that they can safely verify age without violating COPPA.