Children's Internet Protection Act Requirements
SLD will be posting detailed guidance in the near future on the requirements
for recipients of service and for Billed Entities under the Children's Internet
Protection Act (CIPA). These requirements will affect recipients of funding
commitments for Funding Year 2001 and later. Because schools will soon be closing
for the summer, SLD is addressing one specific question immediately:
If Funding Year 2001 applicants intend to certify on their Form 486 that
they are undertaking actions in Funding Year 2001 to comply with the requirements
of CIPA by Funding Year 2002, what should they do now?
This posting answers ONLY the above question.
Overview of CIPA
The Children's Internet Protection Act (CIPA) was signed into law on December
21, 2000. Under CIPA, no school or library may receive discounts unless it certifies
that it is enforcing a policy of Internet safety that includes the use of filtering
or blocking technology (see below). This Internet Safety Policy must protect
against access, through computers with Internet access, to visual depictions
that are obscene, child pornography, or (in the case of use by minors) harmful
to minors. The school or library must also certify that it is enforcing the
operation of such filtering or blocking technology during any use of such computers
by minors. The law is effective for Funding Year 2001 (07/01/2001 to 06/30/2002)
and for all future years. Schools and libraries receiving only Telecommunications
Services are excluded from the requirements of CIPA.
For the first Funding Year (Funding Year 2001 for Year 2001 applicants), applicants
must certify on their Form 486 either that they are in compliance with CIPA,
or that they are undertaking actions to put into place an Internet Safety Policy
and to procure the filtering or blocking technology. For the second year (for
most applicants, Funding Year 2002), they must certify on their Form 486 that
they are in compliance with CIPA in order to receive universal service discounts.
However, if state or local procurement rules or regulations or competitive bidding
requirements prevent the making of the required CIPA certifications, applicants
may seek a waiver and provide notification that they will be in compliance before
the start of the third Funding Year (for most applicants, Funding Year 2003.)
In general, local communities are responsible for determining what constitutes
prohibited material and appropriate actions by schools and libraries.
Appropriate certification for "undertaking actions"
Here is the appropriate certification for "undertaking actions" from the FCC
Order released April 5, 2001:
I certify that, as of the date of the start of discounted services, ... pursuant
to the Children's Internet Protection Act, as codified at 47 U.S.C. § 254(h)
and (l), the recipient(s) of service represented in the Funding Request Number(s)
on this Form 486 is (are) undertaking such actions, including any necessary
procurement procedures, to comply with the requirements of CIPA for the next
funding year, but has (have) not completed all requirements of CIPA for this
Note that the certification applies to the start date of discounted services.
This language allows the Billed Entity to certify on or before October 28, 2001,
that this certification applies back to a Service Start Date as early as July
1, 2001, the first day of Funding Year 2001. It also means that recipients of
service must have undertaken action toward compliance with CIPA by the Service
Note that actions undertaken to comply with CIPA must occur on or before the
start of services. For services starting on July 1, 2001, the first day in Funding
Year 4, such an action must have occurred on or before that date in order for
discounts to be paid back to that date. The certification of "undertaking actions"
must be made on a Form 486 by October 28, 2001 for services starting on or before
October 28, 2001.
Compliance with the requirements of CIPA
"Undertaking such actions" refers to actions related to implementation of the
CIPA requirements that should be in place for Year 2002. These requirements
1. Technology Protection Measure
A Technology Protection Measure is a specific technology that blocks or filters
Internet access. It must protect against access by adults and minors to visual
depictions that are obscene, child pornography, or - with respect to use of
computers with Internet access by minors - harmful to minors. It may be disabled
for adults engaged in bona fide research or other lawful purposes. For schools,
the policy must also include monitoring the online activities of minors.
2. Internet Safety Policy
The Internet Safety Policy must address the following issues:
- access by minors to inappropriate matter on the Internet and World Wide
- the safety and security of minors when using electronic mail, chat rooms,
and other forms of direct electronic communications;
- unauthorized access, including so-called "hacking," and other unlawful activities
by minors online;
- unauthorized disclosure, use, and dissemination of personal information
regarding minors; and
- measures designed to restrict minors' access to materials harmful to minors.
3. Public Notice and Hearing
The authority with responsibility for administration of the school or library
must provide reasonable public notice and hold at least one public hearing to
address a proposed Technology Protection Measure and Internet Safety Policy.
Documentation for "undertaking actions"
For a school or library to be able to make the certification quoted above,
it must be able to demonstrate that action was taken by the start of services
for Funding Year 2001. SLD will not request this documentation as part of the
Form 486 filing process, but the school or library must maintain this documentation
in its files for audit purposes.
An undertaken action is an action which can be documented and which moves the
school or library toward compliance. Note that if a school or library has already
provided reasonable public notice and at least one public hearing or meeting
relating to an Internet Safety Policy and Technology Protection Measure that
meets all the requirements listed above, that school or library has complied
with the public notice and hearing requirements of CIPA. If a school or library
has not met those conditions, the statute requires that the school or library
provide the required notice, and hearing or meeting.
Following are a few examples of documentation that could demonstrate that a
school or library is "undertaking actions" to comply with CIPA:
- A published or circulated school or library board agenda with CIPA compliance
cited as a topic.
- A circulated staff meeting agenda with CIPA compliance cited as a topic.
- A Service Provider quote requested and received by a recipient of service
or Billed Entity which contains information on a Technology Protection Measure.
- A draft of an RFP or other procurement procedure to solicit bids for the
purchase or provision of a Technology Protection Measure.
- An agenda or minutes from a meeting open to the public at which an Internet
Safety Policy was discussed.
- An agenda or minutes from a public or nonpublic meeting of a school or
library board at which procurement issues relating to the acquisition of a
Technology Protection Measure were discussed.
- A memo to an administrative authority of a school or library from a staff
member outlining the CIPA issues not addressed by an Acceptable Use Policy
currently in place.
- A memo or report to an administrative authority of a school or library
from a staff member describing research on available Technology Protection
- A memo or report to an administrative authority of a school or library
from a staff member which discusses and analyzes Internet Safety Policies
in effect at other schools and libraries.
This list is not meant to be exhaustive.
Remember that such actions must occur before the start of services in
order for discounts to be paid back to the Service Start Date reported on the
Although such steps constitute examples of actions undertaken in order to be
able to make the necessary certification in Funding Year 2001, schools and libraries
should be prepared to take all subsequent measures, so that by the start of
services in Funding Year 2002, they will be in full compliance (unless they
obtain a waiver). Although applicants may withdraw their requests for discounts
in Funding Year 2002, or at any time, for any reason, applicants that expect
to receive discounts for Funding Year 2002, and subsequently, should ensure
that they are in full compliance by the start of services in that year.
Please watch this web site for additional guidance on CIPA.
Content Last Modified: May 2, 2003