A Post about Internet Filtering; The CIPA Post

A Post about Internet Filtering; The CIPA Post

I am fielding more requests than usual about filtering, E-Rate, CIPA, and OpenDNS, so it must be high-time for all of this to be addressed. I must start by saying I am in no way an authority on any of this, but I am the person who has been managing our “filter” for several years.  I would suggest you educate yourself about The Children’s Internet Protection Act (CIPA); ALA has some resources for you here: ala.org/advocacy/advleg/federallegislation/cipa.

Libraries receiving ERATE or LSTA funds are mandated to have a:

“technology protection measure” that “protects against access” to Internet materials that are obscene, child pornography, and, during use by minors under 17 years-old, “harmful to minors.” [ala.org: CIPA FAQ]

The ALA site also notes:

A library will be deemed CIPA-compliant as long as it makes a “good faith” effort to block these categories of online materials. [ala.org: CIPA FAQ]

For many years NEKLS has used a filter hosted by OpenDNS as our “technology protection measure”. We usually set the library’s router to use the DNS Servers hosted by OpenDNS, rather than the DNS servers hosted by the Internet Service Provider. When we use the DNS servers operated by OpenDNS we can apply a policy to the library’s internet connection that allows or disallows certain sites from being displayed. As a rule of thumb we are blocking pornography, and proxy sites that could allow the skirting of the filter.

Just as you should be periodically running speed tests on your network you should also be testing your filter from time to time, I include this as part of the “good faith effort” mentioned by ALA.  You can test to see if the DNS settings are configured correctly by going to opendns.com/welcome. Also you can check the policy by navigating to a website that should be filtered. If you find that the configuration or policy is not operating correctly on any machine in the library, then you can message tech staff and we will look into what is going wrong.

OpenDNS manages the pornography black list, that is to say, they decide if a site is considered pornography. Sometimes sites are being blocked that really shouldn’t be, or there may be a site that you feel should be on the list that isn’t. In those cases we can manually add a site to either a white list (available on the network) or black list (blocked). You should know that we can’t do anything to block Google Image search; the way that site works we would have to block the entire Google domain, and that’s just not an option.  One more note, when we are talking about pornography and CIPA, we are referring to graphical pornography.

Did you know that patrons seventeen or older can request that the filter be disabled for their session? According to the ALA site, under CIPA, libraries are allowed to disable the filter for adults “for bona fide research or other lawful purposes.” Furthermore:

Under the federal government’s interpretation of the disabling provision “a patron would not ‘have to explain . . . why he was asking a site to be unblocked or the filtering to be disabled..the adult patron need only ask a librarian to unblock the specific Web site or, alternatively, ask the librarian, ‘Please disable the entire filter’.

In the past, NEKLS distributed USB flash drives that contained a script, or automated computer command, that could be used to bypass our OpenDNS filtering. The script, when run, tells that sole computer to use Google’s DNS servers, which allows that computer to have unfiltered internet access. At the end of the session the computer would be rebooted, and because the computer is likely running DeepFreeze it will go back to using OpenDNS’s filtering servers. If you would like access to the unfiltering script let us know and we can send you a link so you can add it to your library’s staff flash drive.

Let the tech department know if you have questions about the filtering process. If you have policy questions I would direct you to one of our Library Consultants.