Children's Internet Protection Act (CIPA)

What Is CIPA?

CIPA, the Children's Internet Protection Act, is a federal law that requires you to filter your library computers and have an Internet Safety Policy in place.

CIPA kicks in when your library accepts certain federal funds through the E-Rate discount program or through an LSTA grant award.  It applies only to public libraries and K-12 schools.

CIPA Requirements in a Nutshell


You must have an Internet filtering solution that covers every library computer, including staff computers. The filter does not need to cover patron owned laptops, tablets, or phones utilizing your library Wi-Fi.

  1. CIPA filtering must addresses visual depictions that are obscene, child pornography, --or, for minors, “harmful to minors”. The requirement does not speak to other commonly filtered content, such as hate speech or pornographic literature; it’s all about pictures and video. Social media sites and chat rooms are fine, though there are some additional training requirements for schools.

  2. Filtering cannot be turned off for minors (younger than 17).

  3. Filtering can -and should- be turned off for any adult upon demand.

Internet Safety Policy

You must adopt and enforce an internet safety policy that includes the use of the filtering solution.  The policy must be adopted at a public meeting with reasonable prior notice. This could be as simple as a regularly scheduled Trustees meeting, as long as public comment is allowed.

Keep a record of the meeting announcement as well as minutes showing discussion and actions taken.

For E-Rate, more specific requirements come from the Neighborhood Children’s Protection Act (NCIPA). Your internet safety policy would most likely cover most NCIPA requirements in any case. Use it as a checklist to make sure you have everything covered.

Remember, CIPA and NCIPA tell you that you must address areas in your internet safety policy, not how to address them.

Think locally. CIPA and later FCC guidance almost always show deference to local community standards.

Is it OK to Filter?

MBLC's Position

The Board of Library Commissioners considers filtering to be a local policy matter, made by your library trustees or governing authority.   The Board has taken no position for or against filtering per se.

Agency staff can help provide information about CIPA and its filtering requirements. However, we do not have detailed knowledge of specific filtering solutions.

ALA's Position

ALA reaffirmed in 2015 in its Internet Filtering: Interpretation of the Library Bill of Rights that it cannot recommend filtering.

However, ALA does leave room for your library to make a local determination:

…ALA recognizes that local libraries and schools are governed by local decision makers and local considerations and often must rely on federal or state funding for computers and internet access. Because adults and, to a lesser degree minors, have First Amendment rights, libraries and schools that choose to use content filters should implement policies and procedures that mitigate the negative effects of filtering to the greatest extent possible. The process should encourage and allow users to ask for filtered websites and content to be unblocked, with minimal delay and due respect for user privacy.

Do Massachusetts Libraries Filter?

MBLC asks public libraries about their Internet filtering practices as part of the State Aid to Public Libraries survey. From the FY18 Electronic Services Report (Excel):

  • 22 (6%) libraries filter the whole library
  • 48 (13%) filter in the children’s area only
  • 296 (80%) do not filter

E-Rate Certification

The Schools and Libraries Division (SLD) of USAC manages the E-Rate application process from start to finish. You apply to USAC, you receive discounts from USAC, and you certify CIPA compliance to USAC.

The actual certification comes toward the end of the application process, on Form 486.

You do have a one year grace period, called “undertaking actions” to come into compliance.


Your MBLC consultant is your friend. If your LSTA grant application starts to look like it might trigger a CIPA compliance question, a consultant will probably give you a call to discuss. This is rare since:

  1. MBLC does not allow grant funds to be used for Internet access
  2. MBLC generally does not approve grant funds for library computers or tablets.  However, there may be a grant where the purchase of computers is justifiable.


As part of every contract, recipients of every LSTA grant certify (MS Word) that they either comply with CIPA, or that CIPA does not apply.