Letter Report on the Brooklyn Public Library’s Controls over Internet Access

This audit determined if the Brooklyn Public Library’s controls are sufficient to prevent unauthorized access to inappropriate sites as required by the Children’s Internet Protection Act (CIPA).

Brooklyn Public Library (BPL) serves the borough’s 2.5 million residents, offering thousands of public programs, millions of books, and the use of more than 1,100 free internet-accessible computers.

BPL has equipped the Central Library at Grand Army Plaza, the Business Library, and each neighborhood library with internet-enabled computers. These computers provide customers with access to a vast array of electronic resources that supplement the library’s print collection and are also available for educational, informational, and recreational purposes. The Children’s Internet Protection Act requires that schools and libraries in the United States use and implement measures to protect children from harmful online content as a condition for the receipt of federal funding under the Universal Service Discount Program and the Library Services and Technology Act. CIPA was signed into law on December 21, 2000, and was found constitutional on June 23, 2003.

The use of internet filters or content-control software varies widely in public libraries in the United States because internet use policies are established by the local board. Many libraries adopted internet filters after Congress conditioned the receipt of universal service discounts on the use of internet filters through CIPA. Other libraries do not install content-control software, believing that acceptable use policies and educational efforts address the issue of children accessing age-inappropriate content while preserving adult users’ rights to freely access information. Some libraries use internet filters on computers used by children only. Some libraries that employ content-control software allow the software to be deactivated on a case-by-case basis on application to a librarian; libraries that are subject to CIPA are required to have a policy that allows adults to request that the filter be disabled without having to explain the reason for their request.

Results

It is our opinion that the BPL’s policies are sufficient to prevent unauthorized access to inappropriate sites as required by CIPA. The Trustwave Web Filter software package used by BPL has the ability to detect inappropriate websites and prevent unauthorized access. The Trustwave Web Filter package is updated nightly to reflect new websites that should be controlled. In addition, we found that the individual libraries we tested complied with BPL policy. However, our test of eight websites that should be blocked based on BPL’s policies found that several were initially accessible despite the use of Trustwave. When these websites were identified, however, the library staff immediately contacted the service desk and the exposure was eliminated.

In their response, BPL officials agreed with the report’s conclusions.