Children’s Internet Protection Act

  • December 20, 2024
  • Erate

Children’s Internet Protection Act

Every E-Rate applicant that participates in the E-Rate program must be CIPA compliant.

If this is the first time your school or library is applying for E-Rate funding, you have 1 year from the start of your first funding year to become CIPA compliant. For those schools and libraries who have applied for E-Rate funding before, you should currently be CIPA compliant. CIPA is not an annual thing; it is a one-time thing.

To be CIPA compliant you must have the following (as per USAC’s website):

  1. A Technology Protection Measure (Filter)
  2. Internet Safety Policy that addresses the following:
    1. Access by minors to inappropriate matter on the Internet and World Wide Web.
    2. The safety and security of minors when using electronic mail, chat rooms, and other forms of direct electronic communication.
    3. Unauthorized access including “hacking” and other unlawful activities by minors online.
    4. Unauthorized disclosure, use, and dissemination of personal information regarding minors.
    5. Measures designed to restrict minors’ access to material harmful to minors.
    6. For applicants, the policy must also include monitoring the online activities of minors. Beginning July 1, 2012, when applicants certify their compliance with CIPA, they will also be certifying that their Internet safety policies have been updated to provide for educating minors about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms, cyberbullying awareness, and response.
  3. Public Notice and Hearing or Meeting
    1. The applicant administration should provide reasonable public notice and hold at least one public hearing or meeting to address a proposed technology protection measure and Internet safety policy. For private schools, public notice means notice to their appropriate constituent group. Additional meetings are not necessary – even if the policy is amended – unless required by local or state rules or the policy itself.

For more details on what is required in a CIPA policy, please visit the USAC website: http://www.usac.org/sl/applicants/step05/cipa.aspx

 

Documenting CIPA Compliance

It is important for applicants to have documentation to demonstrate their CIPA compliance. This should include, but is not limited to:

An Internet Safety Policy that addresses the criteria required by FCC rules (described above and available on the USAC website through the link above). This should include a plan for educating minors about appropriate online behavior, including interacting with other individuals on social networking websites, in chat rooms, and cyberbullying awareness and response (required for schools).
A record of the public notice for the hearing/meeting that was held to establish the Internet Safety Policy.
A description of the technology protection/filtering measure being used. This should include purchase or subscription invoices and filtering logs.
For applicants who do not have public board meetings, we would recommend that you let your constituents know about your CIPA policy in whatever way you let them know about other important topics. Again, please make sure you keep documentation of the notice. We also recommend that you keep copies of your CIPA policy in your office, in case anyone wants to see it.

CIPA compliance is not to be taken lightly. If USAC asks an applicant to prove its CIPA compliance and the applicant is unable to do so, USAC will seek to recover its approved/disbursed funds from the applicant.

 

Below are some of the questions that auditors have recently asked regarding CIPA compliance. This comes from an analysis done by E-Rate Central.

  • Who was responsible for creating the Internet Safety Policy? Who was responsible for updating the Internet Safety Policy? When was it created? When was it last revised? How often is it updated?  Was the applicant aware of the elements required to be included in the Internet Safety Policy? How did they ensure that the elements were incorporated in the plans? What reviews were made to ensure their inclusion?
  • What was the format of the meeting (e.g., board meeting, town hall, etc.)? How was the public meeting advertised?  Was a copy of the public meeting notice maintained along with copies of meeting notes to demonstrate the meeting was held?
  • When the filtering was installed, was documentation of the purchase/renewal maintained?  How often is the filtering contract renewed?  Were there any breaks in the service?  How are the logs maintained?  How does the applicant ensure that filtering is working correctly, and that inappropriate sites are being blocked?
  • Schools should also be able to document steps that have been taken to fulfill this requirement concerning the education of minors.

 

If you have any questions, please feel free to contact us or email us at info@erateadvantage.com.

 

«
»