Policy | Feature

The New CIPA Deadline

July 1 is approaching; that's the day when your E-rate-funded school better have a plan in place for teaching students about online safety and cyberbullying.

• By Dian Schaffhauser
• 05/16/12

Starting in just a little over six weeks, the Child Internet Protection Act (CIPA) has a new regulation that schools receiving E-rate funds must adhere to or risk losing their discounts. That's the addition of a requirement that all students from grades K through 12 be educated on online behavior and safety and cyberbullying.

What's unique about this is that the bulk of the effort falls on the academic side of the school, not the IT side. And that's causing a professional development challenge. Districts need to find ways to teach teachers--who may already feel maxed out--about online safety.

The New Rules
Previously, CIPA required schools and districts to show they were compliant by having a written Internet safety policy, content filtering of obscene materials on machines accessed by minors, and some kind of forum to allow the public to weigh in about the organization's approach to the CIPA Internet rules.

The additions, which go into effect on July 1, 2012, are part of a broader law, the Broadband Data Improvement Act, put in place in 2008. Now the safety policy needs to cover something else, which can be condensed down to a single sentence included in the Federal Communications Commission's order: "This Internet safety policy must also include monitoring the online activities of minors and must provide for educating minors about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms and cyberbullying awareness and response."

Brian Stephens, senior technology and regulatory analyst for Funds For Learning, an E-rate consultancy, points out that the start date for the new regulations coincides with the start of the new E-rate funding year. E-rate is the name of the FCC's program to help school districts and libraries gain access to voice, video, and data communications technologies and related services at a discount. For the most part, those services involve the Internet--with the purchase of services, switches, routers, cabling, or related network infrastructure gear. When they do, they must comply with CIPA rules, including certifying that compliance once a year on FCC Form 486.

But the newest rule poses "a different type of compliance," Stephens said. "With Web filtering, you're looking at some type of hardware or software purchase that an applicant is going to have to make. That falls more into the IT administration [arena] so to speak. Then you have this new requirement that's more on the curriculum side or education side of the operation of a school district." In other words, not only must the policy reference the teaching of online safety and cyberbullying, but that teaching also has to be performed. Ironically, he noted, in neither case can E-rate funds be applied to the expense of providing either Web filtering or online safety lessons.

Finding Content
As Stephens noted, the FCC rules are intentionally vague in specifying how to satisfy the new requirements. The documentation leaves the decisions about how best to educate students on appropriate online behavior and cyberbullying to the schools themselves. The order mandates neither topics, a particular type of education, nor even an amount of time the lessons should last.

If there's anything tricky about the new stipulations, it's not coming from the FCC, he said. What could be complicated is putting them in place by the July deadlines. "For some of these applicants, updating an Internet safety policy is not terribly difficult. For others, just because of how heavily regulated they are, the size of the district, or different policies they have in place, it may require committee approval, then school board approval, then public hearings. There are all sorts of thing that can get tied to that."

Then there's the curriculum itself. What should it consist of? For those with the resources to develop their own lessons, the FCC's site OnGuardOnline.gov provides a page specifically for educators with links to tools, slide presentations, videos, articles, and games to teach online safety.

A number of companies have developed prepackaged curriculum, both free or fee based. Two popular sources--among many others--are i-SAFE and Common Sense Media, both non-profit organizations.

i-SAFE sells "age-appropriate" curriculum to schools in every state. The material includes an interactive program to be followed by the student, as well as lessons with activity pages and class discussion topics. The high school curriculum is a video webcast hosted by teens in video and DVD formats. Pricing is modest; for example, a 45-minute DVD-based video on cyber bullying, appropriate for school assemblies from grades 5 through 12, is $28.50.

Teachers are expected to become "i-SAFE certified," by attending a professional development program or taking it online or in a self-paced mode. Then the school needs to submit an implementation plan to the company to gain access to program materials online. These aren't simply administrative hurdles; they also provide a way to gauge student understanding of the topics by providing pre-, post-, and delayed assessments. A new feature of the service allows a school or district to track teachers' curriculum usage in class, an important consideration should the school be audited for adherence to the new rule.

The i-SAFE curriculum package is in use at Freeport School District in Illinois specifically for grades 7-12. A best practice technology coach will be working with principals and teachers in all of the district's schools to figure out how the lessons should be taught. The stakes are high. As the superintendent noted in a recent memo to the district, "Failure to implement this requirement could result in our losing federal aid amounting to over $2 million and communication service discounts amounting to more than $300,000."

A Common Sense Approach
In Maine, which runs the only statewide 1-to-1 computer program in the United States, the Department of Education has encouraged districts to use Common Sense Media's materials. An "Integration Mentor" from the Maine Learning Technology Initiative works with teachers around the state face to face and via webinar to do professional development using the Common Sense resources.

Common Sense Media distributes its curriculum free to schools with the help of sponsorships from organizations such as the National School Boards Association Technology Leadership Network, the National Cyber Security Alliance, and other supporters.

The lessons are provided online and are segmented by grade level. Each includes student materials and specific directions for teachers. For example, a lesson intended for grades K-1 helps children learn that computers--like other objects--are property and should be respected. It includes a coloring sheet for students and specific activities for the teacher to do in the classroom, such as going around the room pointing at specific items and having the students identify them and their owners. One of the lessons on cyberbullying for grades 9-12 provides a scenario problem worksheet for students in which one person seeks revenge on another person by setting up a fake social networking page. Once the teacher guides the students through answering the questions from the scenario, he or she is encouraged to have students share their own stories.

Keeping Records
Beyond delivery of the lessons and what that encompasses, the school or district has to follow a process for document retention to be able to prove--should the school be questioned by an E-rate administrator--that the lessons were given to every student. "It's not enough to follow the rules. You really need to retain documentation to prove you followed the rules. That's a very important aspect as well," Stephens said.

Otherwise, Stephens said he finds the latest updates "fairly straightforward." "Provided that the school has taken reasonable steps to address these new requirements and that they've retained the documentation necessary to prove they've done that, then they should be in good shape."