Internet Filtering Laws and Guidance

Children's Internet Protection Act (CIPA)

CIPA was signed into law on December 21, 2000. E-Rate applicants must enforce a policy of Internet safety and certify compliance with the Children's Internet Protection Act (CIPA) to be eligible for E-Rate discounts. To receive support for Category One, Internet access, and all Category Two services – internal connections, managed internal broadband services, and basic maintenance of internal connections, school and library authorities must certify that they are enforcing a policy of Internet safety that includes measures to block or filter Internet access for both minors and adults to certain visual depictions. The relevant authority with responsibility for administration of the eligible school or library (hereinafter known as the Administrative Authority) must certify the status of its compliance for the purpose of CIPA in order to receive universal service support.



In general, school and library authorities must certify either that they have complied with the requirements of CIPA, that they are undertaking actions, including any necessary procurement procedures, to comply with the requirements of CIPA, or that CIPA does not apply to them because they are receiving discounts for telecommunications services only.

Schools and libraries that plan to utilize E-rate discounts on Internet access and/or internal connection services after July 1, 2002 must comply with CIPA. CIPA requires schools and libraries to filter their Internet services and have implemented formal Acceptable Internet Use Policies. The FCC administers CIPA for E-Rate purposes and provides general guidelines to achieve CIPA compliance.

Requirements:

CIPA requirements include the following three items:

1. Internet Safety Policy
   
   Schools and libraries receiving universal service discounts are required to adopt and enforce an Internet safety policy that includes a technology protection measure that protects against access by adults and minors to visual depictions that are obscene, child pornography, or – with respect to use of computers with Internet access by minors – harmful to minors. "Minor" is defined as any individual who is under the age of 17.
   
   
   
   The Internet safety policy must address all of the following issues:  
   
   - Access by minors to inappropriate matter on the Internet and World Wide Web
   
   - The safety and security of minors when using electronic mail, chat rooms, and other forms of direct electronic communications
   
   - Unauthorized access including "hacking" and other unlawful activities by minors online
   
   - Unauthorized disclosure, use, and dissemination of personal information regarding minors
   
   - Measures designed to restrict minors' access to materials harmful to minors
   
   
   
   For schools, the policy must also include monitoring the online activities of minors. Note: As of July 1, 2012, as part of their CIPA certification, schools are also required to certify that their Internet safety policies have been updated to provide for educating minors about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms, cyberbullying awareness, and response.
   
    
2. Technology Protection Measure
   
   A technology protection measure is a specific technology that blocks or filters Internet access.
   
   
   
   The school or library must enforce the operation of the technology protection measure during the use of its computers with Internet access, although an administrator, supervisor, or other person authorized by the authority with responsibility for administration of the school or library may disable the technology protection measure during use by an adult to enable access for bona fide research or other lawful purpose. For example, a library that uses Internet filtering software can set up a process for disabling that software upon request of an adult user, through use of a sign-in page where an adult user can affirm that he or she intends to use the computer for bona fide research or other lawful purposes.
   
   
   
   CIPA uses the federal criminal definitions for obscenity and child pornography. The term "harmful to minors" is defined in the statute and in the E-rate rules as "any picture, image, graphic image file, or other visual depiction that – (i) taken as a whole and with respect to minors, appeals to a prurient interest in nudity, sex, or excretion; (ii) depicts, describes, or represents, in a patently offensive way with respect to what is suitable for minors, an actual or simulated sexual act or sexual contact, actual or simulated normal or perverted sexual acts, or a lewd exhibition of the genitals; and (iii) taken as a whole, lacks serious literary, artistic, political, or scientific value as to minors."
   
   
   
   Decisions about what matter is inappropriate for minors must be made by the local community. E-rate program rules specify that the library or other authority for making the determination shall make "[a] determination regarding matter inappropriate for minors."
   
    
3. Public Notice and Hearing or Meeting
   
   The authority with responsibility for administration of the school or library must provide reasonable public notice and hold at least one public hearing or meeting to address a proposed technology protection measure and Internet safety policy. For private schools, public notice means notice to their appropriate constituent group. Additional meetings are not necessary – even if the policy is amended – unless required by local or state rules or the policy itself.

For further information visit: http://usac.org/sl/applicants/step05/cipa.aspx

NEW - Rhode Island Act Relating to Education - Health and Safety of Pupils

Section 1. Title 16 of Rhode Island General Laws entitled “Education” was amended and signed into law on July 12, 2016. The law states that each school district shall adopt a written policy addressing the use of Internet filtering measures for computer access in its schools. The policy shall:

• Include the specific categories of websites that are blocked by the Internet filtering measures in use; the basis for including those categories; and the individuals who are responsible for making those decisions;
• Establish a procedure for teachers to request that a blocked website be unblocked in a timely manner
• Specify the criteria used for overruling a request to allow access to a website that is blocked by the Internet filtering measures, and require that the teacher making the request be provided particular reasons any time a request is denied
• Each school district shall maintain a public record of any request to allow access to a website that is blocked by the Internet filtering measures and the responses provided, and submit an annual report to the school committee on the number of requests granted and denied to unblock a website.
• Each school district shall annually review the requests made in the preceding year in order to determine whether the categories and standards contained in the policy adopted should be revised.
• The Rhode Island Department of Education shall develop model Internet filtering policy for the guidance of school district, state schools, charter schools, and mayoral academies. The model plan shall, to the extent consistent with federal law, promote academic freedom in the classroom, and shall be communicated to all school districts in the state and posted on the department web site.

Text of the approved bill can be found at: http://webserver.rilin.state.ri.us/BillText16/SenateText16/S2172.pdf

Frequently Asked Questions

Q: Why are we concerned with Internet Filtering in the first place?

Safety of the students in our care is paramount whether on school grounds or in an online environment. Website content is easily accessible these days but may be inappropriate for students to visit for obvious reasons. The Children’s Internet Protection Act (CIPA) requires school systems to block certain types of web sites, for example. Conversely, there are many educationally appropriate reasons that students may need to visit sites blocked by Internet filtering systems. The questions then shifts to: When do we unblock certain sites that, at first glance, appear inappropriate, but with further examination are indeed appropriate for the learning process? Who makes that decision? How do we manage that in a timely way?

Q: We have procedures in place that we use already. What should be included in the written Internet Filtering policy?

To meet the requirements of the new RI law, at a minimum, the Internet Filtering policy must include:

• Specific categories of websites that are blocked
• Established procedure for teachers to request that a blocked website be unblocked
• Specific criteria used for overruling a request

To meet federal CIPA requirements, at a minimum, the following is required:

• Internet Filtering Policy which addresses:
  • Access by minors to inappropriate matter on the Internet and World Wide Web
  • The safety and security of minors when using electronic mail, chat rooms, and other forms of direct electronic communications
  • Unauthorized access including "hacking" and other unlawful activities by minors online
  • Unauthorized disclosure, use, and dissemination of personal information regarding minors
  • Measures designed to restrict minors' access to materials harmful to minors
• Technology Protection Measure
• A Public Notice and Hearing or Meeting

For more information about CIPA refer to the above accordion pane.

Q: Why doesn't the use of filtering software take care of any concerns about the sites that are being blocked?

Because of the limits of the technology, filtering software can often block constitutionally protected and educationally appropriate web sites. Under those circumstances, it is important to have mechanisms in place that both limit unnecessary barriers to reaching those sites and allow them to be unblocked in a timely manner when they are blocked.

Q: Does RIDE have a list of recommended categories of websites that should be blocked?

The majority of RI public schools use cyber security tools such as iBoss or Content Keeper to manage Internet filtering to meet Federal requirements. These are either hosted locally or by their Internet Service Provider. The Internet filtering tools list a variety of categories and allow districts to select specific categories and sub categories to block or white-list. School personnel are able to balance the level of content filtering that is most suitable for their situation while at the same time allowing academic free in the classroom. Thought and conversation among the school community yields the best outcomes when making these decisions. 

Q: Can the categories be adjusted for adults?

Yes. Login credentials typically identify the role of the user. The Internet filtering software can be set to filter the same categories for all users; or set to recognize the login credentials and adjust the categories accordingly. 

Q: What type of report needs to be given to the school committee annually?

Many Internet filtering tools allow the administrator to produce a report listing the categories that are blocked. The tool will also capture a digital request for a site to be unblocked as well as the explanation for a denial if that is the case. If the Internet filtering tool does not allow for an automated process, the district administrator will need to list this information out manually.

Q: How do I set up my Internet filtering tool to capture this information automatically?

OSHEAN, the current Internet Service Provider (ISP) for the majority of districts, provides specific guidance for the iBoss tool currently in use. Their solution establishes a procedure for requesting that a blocked site be unblocked through the district ticketing system allowing for reporting annually to the school committee. Specific directions are found here: 

• iBoss Shared Environment Documentation [PDF, 754 KB] 
• iBoss School Owned Appliance Documentation [PDF, 754 KB] 
• iBoss Documentation to gather "Block" and "Allow" categories and lists [PDF, 754 KB] 

Contact your hosting ISP if you are using a different tool for Internet filtering. Contact your network administrator if the Internet filtering tool is hosted locally.

Q: What is the recommended criteria to have in place to overrule a request?

It is recommended that the policy include language explaining an appeals process if there is a dispute. Ultimately, a person of authority in the district can make a decision to overrule a request with a documented response. In the majority of situations, a conversation between the person making the request and the network administrator will bring understanding to the request, allowing for an agreeable outcome. 

Q: What other requirements of the law do schools or districts need to keep in mind?

• Schools / Districts must maintain a public record of any requests to allow access to a blocked website and the responses provided.
• Schools / Districts must submit an annual report to the school committee on the number of requests granted and denied to unblock a website.

Q: Does this written Internet Filtering Policy have to be posted on the school or district website?

The written policy should be readily available along with other written policy. If written policy is housed and available on the website, this too should be included in that policy. If written policy is housed elsewhere, the Internet filtering policy should accompany the school/district policy.

SAMPLE District Internet Filtering Policy

The following sample Internet filtering policy language is intended as a starting place for district technology teams to build their local policy. This language may accompany local Acceptable Use Policy language.

• SAMPLE District Internet Filtering Policy [PDF,517KB]