Skip Navigation

Federal Communications Commission

English Display Options

Commission Document

Protecting Children in the 21st Century Act Amendment

Download Options

Released: April 19, 2012
Federal Communications Commission
Washington, D.C. 20554
‘ April 19, 2012

DA 12-619

Small Entity Compliance Guide

Schools and Libraries Universal Service Support Mechanism; Implementation of

the Protecting Children in the 21st Century Act Amendment to Section 254(h) of
the Communications Act of 1934
Report and Order
FCC 11-125
CC Docket No. 02-6
GN Docket No. 09-51
Released: August 11, 2011

This Guide is prepared in accordance with the requirements of Section 212 of the
Small Business Regulatory Enforcement Fairness Act of 1996. It is intended to help
small entities—small businesses, small organizations (non-profits), and small
governmental jurisdictions—comply with the new rules adopted in the above-
referenced FCC rulemaking docket(s). This Guide is not intended to replace the
rules and, therefore, final authority rests solely with the rules. Although we have
attempted to cover all parts of the rules that might be especially important to small
entities, the coverage may not be exhaustive. This Guide may, perhaps, not apply
in a particular situation based upon the circumstances, and the FCC retains the
discretion to adopt approaches on a case-by-case basis that may differ from this
Guide, where appropriate. Any decisions regarding a particular small entity will
be based on the statute and regulations.

In any civil or administrative action against a small entity for a violation of rules,
the content of the Small Entity Compliance Guide may be considered as evidence of
the reasonableness or appropriateness of proposed fines, penalties or damages.
Interested parties are free to file comments regarding this Guide and the
appropriateness of its application to a particular situation; the FCC will consider
whether the recommendations or interpretations in the Guide are appropriate in
that situation. The FCC may decide to revise this Guide without public notice to
reflect changes in the FCC’s approach to implementing a rule, or to clarify or
update the text of the Guide. Direct your comments and recommendations, or calls
for further assistance, to the FCC’s Consumer Center:

1-888-CALL-FCC (1-888-225-5322)

TTY: 1-888-TELL-FCC (1-888-835-5322)

Fax: 1-866-418-0232

fccinfo@fcc.gov

Background and Objectives of the Proceeding

Under the schools and libraries universal service support mechanism (also known as the E-rate program),
eligible schools, libraries, and consortia that include eligible schools and libraries may apply for discounted
eligible telecommunications, Internet access, and internal connections services. Currently, the Universal
Service Administrative Company (USAC) is the administrator of the E-rate program and processes the
applications for discounted services. School and library applicants that seek to receive discounts on Internet
access or internal connections have been required to certify their compliance with the Children’s Internet
Protection Act (CIPA) since 2001. Congress adopted CIPA in 2001 as part of the Consolidated
Appropriations Act, 2001. Pub. L. No. 106-554. CIPA amended section 254(h) of the Communications Act
of 1934, as amended, 47 U.S.C. §§ 151 et seq.
CIPA requires schools and libraries that seek E-rate discounts for Internet access and internal connections to
certify that they have in place certain Internet safety policies and technology protection measures. As
required by CIPA, section 54.520(c) of the Commission’s rules requires that school and library Internet
safety policies must include a technology protection measure that protects against Internet access by both
adults and minors to visual depictions that are (1) obscene; (2) child pornography; or, with respect to use of
the computers by minors, (3) harmful to minors. In addition, section 54.520(c)(1)(i) requires a school to
certify that its Internet safety policy includes “monitoring the online activities of minors.” Applicants make
their CIPA certifications on the Receipt of Service Confirmation Form (FCC Form 486), or the Certification
by Administrative Authority to Billed Entity of Compliance with the Children’s Internet Protection Act (FCC
Form 479).
In the Report and Order in this proceeding, the Commission added the statutory language from the Protecting
Children in the 21st Century Act, a statutory amendment to CIPA, regarding the education of students about
appropriate online behavior, to the existing Commission rules implementing CIPA. (Protecting Children in
the 21st Century Act, Pub. L. No. 110-385, Title II, 122 Stat. 4096 (2008)). Specifically, the Protecting
Children in the 21st Century Act directs E-rate applicants to certify that their CIPA-required Internet safety
policies provide for the education of students regarding appropriate online behavior, including interacting
with other individuals on social networking websites and in chat rooms, and regarding cyberbullying
awareness and response. This requirement is applicable to schools only. The Commission implemented this
statutory language verbatim at 47 C.F.R. section 54.520(c)(1)(i). The last sentence of that rule now states
that “[b]eginning July 1, 2012, schools’ Internet safety policies must provide for educating minors about
appropriate online behavior, including interacting with other individuals on social networking websites and
in chat rooms and cyberbullying awareness and response.” The Commission also took the opportunity to
make minor non-substantive revisions to Commission rules to conform to existing statutory language from
the CIPA statute where necessary and two corrections to the Commission’s Schools and Libraries Sixth
Report and Order
(FCC 10-175).

Rules That the Commission Amended

The Commission amended section 54.520(c)(1)(i), and made minor amendments to the Commission’s rules
with regard to CIPA, to conform with statutory language as follows:
-The Commission revised section 54.520(c)(1)(i) to include the new certification requirement added
by the Protecting Children in the 21st Century Act. This provision requires a certification that a school’s
Internet safety policy provide for the education of minors about appropriate online behavior, including
interacting with other individuals on social networking websites and in chat rooms and cyberbullying
awareness and response. It declined to define or interpret the terms provided in the new statutory language,
such as “social networking” or “cyberbullying.”
-The Commission revised section 54.500(k) to make it consistent with the statute that a secondary
school is “a nonprofit institutional day or residential school, including a public secondary charter school, that
provides secondary education, as determined under State law, except that the term does not include any
education beyond grade 12.” It also revised sections 54.501(a)(1), 54.503(c)(2)(i), and 54.504(a)(1)(i) to
refer consistently and identically to section 54.500 definitions of elementary and secondary schools.

-The Commission revised section 54.520(a)(1) to add “school board” to the definition of entities that
are subject to CIPA certifications. Although section 254(h) of the Act includes the term “school board” as an
entity to which the CIPA certifications may apply, the existing rules do not include this term.
-The Commission revised section 54.520(a)(4) to add the existing statutory definitions of the terms
“minor,” “obscene,” “child pornography,” “harmful to minors,” “sexual act,” “sexual contact,” and
“technology protection measure,” consistent with the statute.
-The Commission revised sections 54.520(c)(1)(i) and 54.520(c)(2)(i) – consistent with sections 254
(h)(5)(B)(ii), (h)(5)(C)(ii), (h)(6)(B)(ii), and (h)(6)(C)(ii) of the Act – to state that a school or library must
enforce the operation of technology protection measures while the school or library computers with Internet
access are being used.
-The Commission revised sections 54.520(c)(1)(i) and 54.520(c)(2)(i) to reflect language in sections
254(h)(5)(D) and (h)(6)(D) of the Act that permits an administrator, supervisor, or other person authorized by
the certifying authority to disable an entity’s technology protection measure to allow for bona fide research
or “other lawful purpose by an adult.”
-The Commission added section 54.520(c)(4) to require local determination of what matter is
inappropriate for minors. Although this is mandated by the statute, it had not been codified.
-The Commission added a rule provision requiring each Internet safety policy that is adopted
pursuant to section 254(l) of the Act to be made available to the Commission upon request. Although this
requirement is mandated by the statute, it had not been codified.
- The Commission revised sections 54.520(c)(1)(iii)(B), (c)(2)(iii)(B), and (c)(3)(i)(B) to clarify that,
in the first year of an entity’s participation in the E-rate program only, the entity’s Administrative Authority
may certify on the FCC Form 486 or 479 that it will complete all CIPA requirements by the following
funding year and still receive funding for the current funding year.
-The Commission also added a rule provision at 54.520(h) requiring a local public notice and a
hearing or meeting to address any Internet safety policies newly adopted pursuant to CIPA. Although this is
mandated by the statute and was discussed in the CIPA Order, it had not been codified. The requirement
only applies to an entity that has no previous Internet safety policy or did not provide public notice and a
hearing or meeting when it adopted its Internet safety policy. Unless required by local or state rules, an
additional public notice and a hearing or meeting is not necessary for amendments to Internet safety policies,
including the changes to schools’ Internet safety policies required by the Protecting Children in the 21st
Century Act.

Other Clarifications and Findings

The Commission made several additional clarifications or findings pertaining to CIPA:
- As required by CIPA, section 54.520(c) of the Commission’s rules requires that school and library
Internet safety policies must include a technology protection measure that blocks visual depictions that are
(1) obscene; (2) child pornography; or, with respect to use of the computers by minors, (3) harmful to
minors
. The statute provides that “[a] determination of what matter is inappropriate for minors is one that
should be made by the school, school board, local educational agency, library, or other authority responsible
for making the determination.” 47 U.S.C. § 254(l). In the Report and Order, the Commission clarified that
although individual Facebook or MySpace pages could potentially contain material harmful to minors, it did
not find that these websites are per se “harmful to minors” or fall into one of the categories that schools and
libraries must block.
The Commission also determined that the maintenance of the Internet safety policy should be in
accordance with the existing audit and recordkeeping requirements of rule section 54.516(a) and existing

certification number 10 on the FCC Form 486, which require schools and libraries to retain documents for at
least five years after the last day of service delivered in a particular funding year.
-The Commission determined that USAC should give applicants the opportunity to correct minor
errors that could result in violations of the Commission’s CIPA rules before instituting recovery of E-rate
funds, but such errors must be immaterial to statutory CIPA certification compliance.
The Commission took the opportunity to make minor corrections to the Schools and Libraries Sixth Report
and Order
(FCC 10-175).
-In the discussion of dark fiber in the Sixth Report and Order, the seventh sentence in paragraph 9
read: “We emphasize that selecting a telecommunications carrier as a service provider does not absolve
schools and libraries of their obligation to adhere to the Children's Internet Protection Act (CIPA)
requirements when they use that service to obtain Internet service or access to the Internet.” The
Commission revised the last part of that sentence to read: “. . . when they use USF funding to obtain
discounted Internet access service.”
- The Commission also corrected 54.507(g)(1)(i) of the final rules to the Schools and Libraries Sixth
Report and Order to change “Schools and Libraries Corporation” to “Administrator” and to reflect that voice
mail, although eligible for E-rate discounts, does not need to be listed as an individual eligible service in our
rules. The revised rule states: “(i) The Administrator shall first calculate the demand for services listed under
the telecommunications services, telecommunications, and Internet access categories on the eligible services
list for all discount levels, as determined by the schools and libraries discount matrix in § 54.505(c). These
services shall receive first priority for the available funding.”

Impact on Small Business

Although the Commission encouraged schools to update their Internet safety policies as soon as
practicable, it made this requirement effective beginning July 1, 2012, giving schools adequate time to
amend their Internet safety policies and to implement procedures to comply with the new requirements.
Many schools already participate in the E-rate program and have existing Internet safety policies. Unless
required by local or state rules, schools are not required to issue an additional public notice and hold a
hearing in order to update these policies. Also, the Commission determined that if a school’s existing
Internet safety policy contains language sufficient to encompass the new requirements of the Protecting
Children in the 21st Century Act, then no amendment to the policy would be required.
With regard to development of a program to provide for the education of students regarding
appropriate online behavior including interacting with other individuals on social networking websites and in
chat rooms, and regarding cyberbullying awareness and response, the Commission declined to detail specific
procedures or curriculum for schools to use. It decided that these are determinations that are better made by
the local schools implementing this policy.
The other rule revisions included in the Report and Order should have little impact on small
businesses because those schools and libraries receiving E-rate funds for the provision of Internet access and
internal connections are already required to comply with CIPA. Even though some of the provisions of the
CIPA statute were not codified previously, current E-rate beneficiaries have already implemented and have
been operating under these requirements. Currently, schools and libraries file the FCC Form 486 or FCC
Form 479 to certify their compliance with the requirements regarding Internet safety policies and technology
protection measures. Because schools and libraries will continue to use the same forms to certify their
compliance with these requirements, there will be no additional forms to file or other reporting requirements.

Steps a School Must Take for Implementation

The certification required by the Protecting Children in the 21st Century Act requires a school to adopt an
Internet safety policy or amend an existing Internet safety policy that, among the other requirements for

CIPA, provides for educating minors about appropriate online behavior. This certification, which includes
the appropriate online behavior for interacting with other individuals on social networking websites and in
chat rooms and cyberbullying awareness and response, is required only of schools beginning July 1, 2012.
When schools certify their compliance with CIPA, by filing FCC Forms 486 or 479, they will also be
providing a certification that their Internet safety policies provide for the education of minors about
appropriate online behavior. In order to make this certification, they will have needed to update their Internet
safety policies with the plan they are using to provide education about appropriate online behavior.

Weblink and Citations

A copy of the Report and Order is available at http://fjallfoss.fcc.gov/edocs_public/attachmatch/FCC-11-
125A1.pdf
, FCC 11-125, 26 FCC Rcd 11819 (2011).
The required forms to demonstrate CIPA compliance are available at:
http://www.usac.org/_res/documents/sl/pdf/486.pdf (FCC Form 486)
http://www.usac.org/_res/documents/sl/pdf/486i.pdf (FCC Form 486 -Instructions)
http://www.usac.org/_res/documents/sl/pdf/479.pdf (FCC Form 479)
http://www.usac.org/_res/documents/sl/pdf/479i.pdf (FCC Form 479 - Instructions)

Note: We are currently transitioning our documents into web compatible formats for easier reading. We have done our best to supply this content to you in a presentable form, but there may be some formatting issues while we improve the technology. The original version of the document is available as a PDF, Word Document, or as plain text.

close
FCC

You are leaving the FCC website

You are about to leave the FCC website and visit a third-party, non-governmental website that the FCC does not maintain or control. The FCC does not endorse any product or service, and is not responsible for, nor can it guarantee the validity or timeliness of the content on the page you are about to visit. Additionally, the privacy policies of this third-party page may differ from those of the FCC.