Since it was put in place in 2000 by the FCC, schools in the U.S. have had to maintain CIPA compliance. With the proliferation of the internet, CIPA became a necessary precaution to keep children safe online while at school. Over the years, the FCC has made updates to CIPA as the internet has changed a lot in the last 20 years.
CIPA stands for “Children’s Internet Protection Act.” The main goal of the act is to block “children’s access to obscene or harmful content over the Internet.” This protection act "must block or filter Internet access to pictures that are: (a) obscene; (b) child pornography; or (c) harmful to minors (for computers that are accessed by minors)".
A lot of students did not have internet access at home. To access the internet, students had to rely on their schools’ library computers.
In the late ‘90s, the world wide web started to become a major resource for students. Wikipedia was founded in 2001, and persuasive essays were never the same again. Computer classes became mandatory, homework required students to access certain websites, and by 2005 blogging was massively popular. Some students even had email!
Every student had a different reason to be online at school, and it wasn’t always to study. There was a danger of students accessing inappropriate content from violent and disturbing content to pornographic material.
And while data breaches wouldn’t start to become prevalent until 2004, there was a very real danger that students would inadvertently download a computer virus. While this is not a main component of CIPA compliance, it is worth noting.
Internet access at schools today
While a large majority of students certainly have internet access at home, compared to the low number in 2000, students still need to access the internet during school hours.
Students are doing homework during study halls and spending more time in classes where the traditional desk is replaced by a computer work station.
In fact, there are plenty of schools that now send children home with a school-issued laptop. Schools are also responsible for those devices. As in, they’re responsible for what those students access on those computers.
If anything, schools are even more accountable for students’ online behavior than ever before.
Why is CIPA compliance important?
CIPA doesn’t only apply to schools. It also applies to public libraries where children without an internet connection at home are likely to do their homework. CIPA compliance is mandatory for schools and libraries that wish to receive E-rate funding.
The E-rate funding program is a way for schools and libraries to receive affordable broadband or other discounts for internet access and internal connections.
CIPA requirements
Now that you understand the importance of CIPA compliance, what does it really consist of?
Schools and libraries are required to:
Implement internet safety policies (also known as Acceptable Use Policy or AUP)
Monitor the online activities of minors
Provide education for minors about appropriate online behavior (this includes behavior on social networks, chat rooms, as well as cyberbullying awareness and response)
Their internet safety policies must keep minors:
From accessing inappropriate content and materials harmful to them
Safe and secure while using email, chat rooms, or other direct online communications
From “hacking” or engaging in other unlawful activities
From disclosing personal information about themselves or their peers
To gain compliance, schools will need to deploy the right type of security software as well as keep up with regular education sessions about appropriate online behavior.
How DNSFilter supports CIPA compliance
At a glance, CIPA requirements focus on mitigating harm to students as well as harm done by students. This includes blocking access to:
The easiest and most affordable way to prevent students from accessing this type of content is implementing a DNS security solution. DNSFilter can help schools and libraries block all of these sites and more, keeping students safe and secure online.
Interested in learning more about how DNSFilter protects schools from cybersecurity threats? Read our case study.
Earlier this month I joined Mikey Pruitt, our Global Partner Evangelist, on the DNSFilter podcast dnsUNFILTERED to discuss my 2025 cybersecurity predictions. We had a lot of fun and covered all of the points I’ll outline here, but I wanted to go deeper. My 30 years of cybersecurity experience have given me a strong sense of where we’re heading as an industry—the shift to the cloud in many ways is a precursor in the adoption of AI and the future...
Most businesses only think about DNS security after an attack has already occurred. By then, the damage is done - downtime, lost revenue, compromised data, and a tarnished reputation. In an environment where cyber threats are constantly evolving, a reactive approach to DNS security simply isn’t enough.
Customer experience is the secret sauce that sets successful Managed Service Providers (MSPs) apart from the rest. In a market teeming with competition, you need to offer more than the best technology or the lowest prices. It's about how clients feel when they interact with your services. A stellar customer experience can transform a one-time client into a loyal advocate, while a poor one can send them running to your competitors. According to a ...
Explore More Content
Ready to brush up on something new? We've got even more for you to discover.
2025 Cybersecurity Predictions: It’s Not Just AI, Here’s How Cybersecurity Will be Transformed in 2025
From Reactive to Proactive: How to Create a DNS Security Strategy that Stops Attacks
How MSPs Can Enhance Customer Experience with Technology
