What is CIPA?
The Children's Internet Protection Act (CIPA) was enacted by Congress in the year 2000 to address concerns about children's access to harmful content over the Internet. CIPA has certain requirements that schools or libraries receiving discounts through the E-Rate program must comply with. E-Rate program participants must certify their compliance with CIPA to be eligible for E-Rate program discounts on Category One (internet access) and all Category Two (network infrastructure) services.
CIPA requirements include the following three items:
Internet Safety Policy
Schools and libraries are required to adopt and enforce an internet safety policy that includes a technology protection measure that protects against access by adults and minors to visual depictions that are obscene, child pornography, or – with respect to use of computers with internet access by minors – harmful to minors. “Minor” is defined as any individual who is under the age of 17. CIPA uses the federal criminal definitions for obscenity and child pornography. The term “harmful to minors” is defined as “any picture, image, graphic image file, or other visual depiction that – (i) taken as a whole and with respect to minors, appeals to a prurient interest in nudity, sex, or excretion; (ii) depicts, describes, or represents, in a patently offensive way with respect to what is suitable for minors, an actual or simulated sexual act or sexual contact, actual or simulated normal or perverted sexual acts, or a lewd exhibition of the genitals; and (iii) taken as a whole, lacks serious literary, artistic, political, or scientific value as to minors.”
Decisions about what matter is inappropriate for minors are made by the local community. E-Rate program rules specify that “[a] determination regarding matter inappropriate for minors shall be made by the school board, local educational agency, library, or other authority responsible for making the determination.”
Schools and libraries are required to adopt and enforce an internet safety policy that addresses all of the following:
Access by minors to inappropriate matter on the internet and World Wide Web.
The safety and security of minors when using electronic mail, chat rooms, and other forms of direct electronic communications.
Unauthorized access including “hacking” and other unlawful activities by minors online.
Unauthorized disclosure, use, and dissemination of personal information regarding minors.
Measures designed to restrict minors’ access to materials harmful to minors.
For schools, the policy must also include monitoring the online activities of minors.
Measures to educate minors about appropriate online behavior, including interacting with other individuals on social networking websites, chat rooms, cyberbullying awareness, and response.
Technology Protection Measure
A technology protection measure is a specific technology that blocks or filters internet access to minors in use of school computers. The school or library must enforce the operation of the technology protection measure during the use of its computers with Internet access. The E-Rate program rules specify that the authority for making the determination of what is inappropriate for minors is made by the school board, local educational agency, and/or library.
The content filtering must also apply to staff and faculty of a school. A school can provide separate internet access for students and staff/faculty.
Public Notice and Hearing or Meeting
The authority with responsibility for administration of the school or library must provide reasonable public notice and hold at least one public hearing or meeting to address a proposed technology protection measure and Internet safety policy. For private schools, public notice means notice to their appropriate constituent group. To be compliant with CIPA, additional meetings are not necessary (even if the policy is amended) unless those meetings are required by state or local rules or the policy itself.
What if my Organization is not CIPA-Compliant?
You will see the option to certify compliance with CIPA requirements when filing the Form 486 for Category One Internet access and/or any Category Two services during the E-Rate process.
If this is your first year applying for E-Rate, you do not need to be fully compliant with CIPA’s requirements at the time of certifying. You can certify that you are undertaking actions to be in compliance for the next funding year. You will have that first year to become compliant.
For more information on filing the FCC Form 486, see our blog post here.
Click here to learn more about the E-Rate process.
For help with applying for E-Rate, telecom optimization audits, or telecom project management, reach out to us at HWC Consultants!