One of the certifications you make as part of FCC Form 486 is that you meet the requirements of the Children's Internet Protection Act (CIPA) as a condition of receiving E-rate funding for Internet services.
What is CIPA?
CIPA stands for the Children's Internet Protection Act. This is a law that was established in 2000 and helps to protect minors from obscene content and abuse on the Internet, among other things. To receive E-rate funding for Category One Internet access and all Category Two services, you must certify that your institution is in compliance with this law.
CIPA Requirements
So how do you comply with CIPA requirements? There are three actions (four for schools) you must take to comply with CIPA. You must:
1. Create an Internet safety policy
You must have an Internet safety policy that addresses all of the following issues:
Access by minors to inappropriate matter on the Internet,
- The safety and security of minors when using email, chat rooms, and other forms of direct electronic communications,
- Unauthorized access including "hacking" and other unlawful activities by minors online,
- Unauthorized disclosure, use, and dissemination of personal information regarding minors, and
- Measures designed to restrict minors' access to materials harmful to them.
2. Install a technology protection measure (a filter)
You must have a technology protection measure that blocks or filters certain Internet access and content. There are a variety of acceptable filters. You can download software, use hardware, or even use one your service provider may offer.
Regardless of how you obtain the filter, you must have one active on all computers — including staff computers. However, authorized representatives of schools and libraries can turn the filter off upon request for adults wishing to do legitimate research (or other lawful activities). The local community, school, or library determines which websites or material to filter and how (if applicable) the filter can be turned off.
3. A public notice and meeting
You must have one public meeting where you discuss your approach to an Internet Safety Policy.
Before the meeting, you're required to advertise the meeting. This can be through an email, a flyer, a phone call, or any way you deem appropriate for your school or library. The meeting announcement should specifically reference the fact that Internet safety will be covered. "Public" here refers to your constituency, whether that's students and parents for schools or library patrons for libraries. For efficiency, you can combine this meeting with another, such as an open school board meeting.
Q: Do I have to have one public meeting per year?
A: No! The school/library is only required to have the meeting once, ever.
Remember to retain the meeting announcement and an agenda or meeting minutes with your E-rate documents.
4. Education for students (schools only)
Schools (not libraries) have the additional requirement of providing some form of education for their students on Internet safety. The method of education can take any form - classes, outside instructors, or required reading material.
You must include information on cyberbullying awareness and response, social networking, and chat rooms. Any other items covered in this education are up to the discretion of the local community or school.
First Year in E-rate?
If this is your first year participating in the E-rate Program and your institution is not currently CIPA compliant, you have one year to become compliant. On the FCC Form 486, you should indicate that you're working towards compliance.