Just days before implementation of the law that requires schools and libraries receiving eRate discounts to use web filters and adopt internet safety policies, the Federal Communications Commission (FCC) has released its rules for compliance.

The Children’s Internet Protection Act (CIPA), effective April 20, was passed by Congress in December, despite opposition from education and civil rights groups that say it is unconstitutional. The American Library Association (ALA) and American Civil Liberties Union (ACLU) have both filed lawsuits against CIPA.

Nevertheless, the FCC on April 5 released its regulations that explain how CIPA will be upheld and enforced.

Under the rules set out by the FCC, schools and libraries must certify that they have an internet safety policy and are using internet filtering technology to be eligible for eRate discounts.

Schools or libraries that knowingly fail to comply with CIPA are required to reimburse any eRate discounts they received during the time the law was in effect, the FCC said. A school or library found to be noncompliant can become eligible again for the eRate if it becomes certified.

Internet safety policies and filters

The FCC said schools and libraries will have to certify that they have adopted, and are enforcing, an internet safety policy that includes measures to block or filter access to content that is obscene, pornographic, or harmful to minors on internet-connected computers used by minors.

Schools must certify that their internet safety policy requires the online activities of minors to be monitored. The policy also must address:

  • Access by minors to inappropriate content on the internet and world wide web;
  • The safety and security of minors when using electronic mail, chat rooms, and other forms of direct electronic communications;
  • Unauthorized access, including so-called “hacking,” and other unlawful activities by minors online;
  • Unauthorized disclosure, use, and dissemination of personal information regarding minors; and
  • Measures designed to restrict access to materials deemed “harmful to minors.”

Schools must provide reasonable public notice of the policy and must hold at least one public hearing or meeting to address the policy.

Schools and libraries that already have such a policy, have notified stakeholders, and have held at least one hearing or meeting about their internet safety policies are in compliance with CIPA’s public-notice requirements and are not required to repeat them, the FCC said.

An authorized person may disable the blocking or filtering measure during any use by an adult to enable access for bona fide research or other lawful purpose, the agency added.


Because applying for the eRate is already complicated, the FCC said it designed its rules to use existing processes where possible, to avoid creating greater burdens for schools and libraries.

The agency considered using Form 471 for the certification but decided that because not everyone who fills out Form 471 is assured of funding, it was best to complete certification on a modified Form 486.

For the current funding year (Year Four), schools and libraries must certify by Oct. 28 that they either have the required policies and technology in place, or are in the process of putting them in place for the following year. If schools and libraries are not certified by the October deadline using FCC Form 486, they will not be eligible for funding and will have to reimburse any funds they have received in Year Four of the eRate.

The Schools and Libraries Division (SLD) of the Universal Service Administrative Co., the group that administers the eRate, will accept certifications from a single “billed entity” on behalf of its members—whether this entity is a school, school board, library, or consortium. (The “billed entity” terminology derives from the fact that schools and the other institutions are the entities billed by vendors for services that then are discounted under the eRate.)

Each member of a consortium, however, must submit a new form—called Form 479, Certification to Consortium Leader of Compliance with the Children’s Internet Protection Act—to the billed entity of its consortium, which keeps these forms on file. The billed entity certifies on Form 486 that it has received completed Form 479 certifications from all of its members and will make them available upon request.

The FCC added that, because the billed entity in a consortium is required to certify only that it has received a signed and completed certification from each of its members, it is not responsible for verifying the accuracy of these certifications.

Because it’s not fair to the whole consortium if some members fail to comply with CIPA, the FCC decided that only those schools or libraries that fail to comply should return any eRate discounts they received while out of compliance.

eRate discounts themselves cannot be used to pay for filtering technologies; the only federal funding source permitted to pay this expense is funding provided by the Elementary and Secondary Education Act, the FCC said.


As required before issuing its final rules for CIPA compliance, the FCC asked for public comment. Though some respondents said schools and libraries should have to post their internet safety policy, the name of their filtering vendor, or instructions for registering complaints publicly, the FCC decided not to require these measures.

“Because the statute does not require these disclosures, we decline to impose additional burdens on schools and libraries,” the FCC said.

One respondent asked the FCC to certify the effectiveness of a school district’s internet policy and filtering technology, but because the law doesn’t require this, either, the FCC declined.

Others said filters are inconsistent, and block too much or too little.

The FCC responded, “We presume Congress did not intend to penalize recipients that act in good faith and in a reasonable manner to implement available technology protection measures. Moreover, this proceeding is not the forum to determine whether such measures are fully effective.”

Both the ACLU and ALA have filed lawsuits against CIPA, claiming the law is unconstitutional.

The FCC included this response in its report: “In general, administrative agencies are to presume that the statutes that Congress directs them to implement are constitutional. We therefore defer to Congress’s determination that section 254(h) and (l) is constitutional and comply with Congress’s direction to promulgate implementing regulations.”

Reaction from the ALA was immediate. “We were profoundly disappointed by what the FCC did,” said Emily Sheketoff, executive director of the ALA’s Washington office. “They didn’t comment on the constitutionality of it, they just proceeded [in rule-making].”

ALA asked the FCC to not make CIPA retroactive to Year Four, but it did. Sheketoff said many schools and libraries will have to forfeit funding, despite completing the application process for Year Four, which started back in November.

Even though schools have the option to prove they’re in the process of installing filters, Sheketoff said, “This is not just a 15-minute procurement issue. … You’re making an affirmative statement to the government that you’re complying with this law.

“There’s no money for schools and libraries to pay for this or the staffing that it’s going to take to implement it. We have to get over the major burden of putting in these technology filters at all,” Sheketoff added.

“In this country, there’s always been a commitment to local control in schools and libraries. This is really throwing a monkey-wrench in that,” Sheketoff said. “I hope this doesn’t lead to more of a loss of local control.”


CIPA regulations

American Library Association