Score a K-12 AI tool against the Forensic Read™.
A tool for verifying any K-12 AI tool against a structured application of The Language Firm's Forensic Read™ methodology: score it against the rubric, and look up unfamiliar terms. The verdict is yours; the firm provides the infrastructure that supports the human-in-the-loop work. This tool is the most basic and topical application of what the methodology can produce. The full methodology is published at languagefirm.org/the-forensic-read.
Name a tool. Read its primary documents. Answer thirteen inputs across three axes. The verdict calculates from the rubric, with four dealbreakers that auto-trigger Flag. Export a signed PDF for circulation with your cooperating teacher, principal, or school board.
Record the primary documents you read to produce this verdict: terms of service, privacy policy, data processing addendum, and any trust or education-tier page. They appear on the exported PDF as the audit trail behind the read.
At most one input below best-state on every axis. No dealbreakers triggered. Safe to use as intended.
Mixed signals across the three axes, or an axis with more than one input below best-state. Use only after verifying the specific conditions that produced the mixed read.
A dealbreaker is triggered on data, FERPA, or COPPA posture, or any axis has two or more worst-state answers. Do not use until resolved.
The exported PDF includes a signing block so the verdict can be printed, signed, and brought forward for discussion with a cooperating teacher, principal, district administrator, or school board. Add your name and title below; they will appear on the PDF as the printed-name and title lines, leaving only the signature and date to fill in by hand.
Many K-12 vendors publish their signed Data Processing Addenda and state-specific contract exhibits here. This is the highest-yield single resource for the institutional contract documents that vendors do not post on their public marketing sites.
privacy.a4l.org · searchable by vendor name
Definitions for the specialized terms used in the Scorer and the Index. Look up unfamiliar vocabulary before scoring, or while reading a vendor's primary documents. Each entry that maps to a specific rubric input is tagged with its axis and position.
A mechanism that prevents a service from collecting personal information from users under 13 without first obtaining verifiable parental consent. An active age gate intercepts the user before any data is collected. A self-declared age gate accepts whatever date the user enters without verification, treated as effectively no gate under most regulatory interpretations.
One of the three categories the Forensic Read™ rubric uses: data posture, FERPA posture, and children's data posture (COPPA). Each axis contains four binary inputs. The verdict is calculated by summarizing results across all three axes, not by collapsing them into a single score.
A U.S. federal law (15 U.S.C. §§ 6501–6506) that imposes specific requirements on operators of online services directed at children under 13 or that have actual knowledge of collecting personal information from children under 13. The COPPA Rule (16 C.F.R. Part 312) is the FTC's implementing regulation.
The section that defines what counts as verifiable parental consent. Enumerated methods include signed forms returned by mail, credit-card verification, video conferencing, or government-issued ID matching. Mechanisms relying on a checkbox or typed email do not meet the standard.
The party whose name appears on the agreement governing a tool: a district contract, school-level contract, teacher account, or personal student account. Determines which terms apply, which DPA is in force, and which protections the user can rely on.
The principle, central to COPPA and most modern privacy regimes, that a service should collect only the personal information reasonably necessary for the activity the user is engaged in.
The contract exhibit that specifies what personal data may be processed by a vendor on behalf of a customer, under what terms, with what safeguards, and with what limitations on reuse. In K-12 procurement, typically the document operationalizing the vendor's FERPA posture and specific commitments around student data.
An input that, if answered with the worst-state option, automatically triggers a Flag verdict regardless of how the remaining inputs are answered. The Scorer has four dealbreakers: training-use of inputs and input classification (data), school official designation (FERPA), and under-13 age gate (COPPA).
A user's or administrator's ability to trigger the removal of stored content. Self-serve deletion completes through the product interface. By-request deletion requires emailing the vendor. Absence of either is worst-state.
Under FERPA, a category of student information that schools may disclose without prior parental consent — typically name, grade level, dates of attendance, and participation in activities. Distinct from the broader category of education records.
A vendor's practice of maintaining a record of every disclosure of student records to a third party, available to the school for inspection.
A dated change to a vendor's policy, terms, or product language that warrants a fresh read. Documented in the First Watch audit series.
A U.S. federal law (20 U.S.C. § 1232g) governing the privacy of student education records held by educational agencies and institutions receiving federal funding. Grants parents (and students who turn 18) specific rights of access, amendment, and consent.
A FERPA provision (34 C.F.R. § 99.31(a)(1)(i)) that allows a school to disclose education records to a third party without parental consent, provided the third party performs services the school would otherwise perform, is under the school's direct control, and uses the records only for authorized purposes. A vendor that explicitly accepts this designation takes on obligations equivalent to district staff for that data; a vendor that disclaims it does not.
The verdict assigned when a tool either triggers a dealbreaker on any axis, or accumulates two or more worst-state answers on any single axis. Means the tool should not be used until the underlying conditions are resolved.
The Language Firm's proprietary methodology for reading vendor language against a defined rubric to produce a documented governance verdict. Reads policies and terms the way an investigator reads a deposition: for what is said, what is omitted, where responsibility is distributed, and where language shifts between documents to obscure accountability.
Whether the vendor's definition of student or protected data covers the material students and teachers submit to the tool, or carves that material into a separate category, often labeled Customer Content, User Content, or Input, that carries weaker protection or a license grant. The classification is read from the definitions section of the terms, and it is upstream of every other input: retention, deletion, FERPA, and COPPA protections only attach to what the definition counts as protected. A definition that carves inputs out, or that is silent or narrow, is worst-state.
The middle answer on any rubric input, indicating partial compliance, ambiguous language, or conditional support. Mid-state answers do not trigger dealbreakers but count against the best-state threshold required for Proceed: at most one input below best-state per axis.
The specific rights FERPA grants to parents (and to students once they turn 18): the right to inspect and review education records, the right to seek amendment of inaccurate records, and the right to consent to certain disclosures.
The current state of a vendor's commitments, capabilities, and language as it bears on a specific axis. Used three ways: data posture, FERPA posture, and children's data posture. Posture is a snapshot, not a guarantee; the First Watch audits exist because posture drifts.
The verdict assigned when a tool earns best-state on every axis with at most one exception per axis, and no dealbreakers. Signals that the Forensic Read™ finds no posture concerns on data, FERPA, or COPPA.
The route by which a tool entered a district's use: district contract, school-level contract, teacher account, or personal student account. Different paths trigger different governance obligations.
Whether a vendor's policy specifies a concrete retention period for the content users submit. Specific is named in the documents. Vague uses qualifiers like "as long as necessary." Indefinite or unstated is absence of any retention claim.
The structured set of thirteen inputs across three axes, plus four dealbreakers, that the Scorer applies to produce a verdict. Decidable from documents alone, requires no specialized legal training, and produces consistent results between evaluators reading the same documents.
An FTC guidance position under COPPA permitting a school to consent, on behalf of parents, to online collection of personal information from students under 13, provided the collection is for the use and benefit of the school and not for any other commercial purpose. Functions as a workaround to the otherwise required VPC.
A third party that processes data on behalf of the primary vendor in the course of providing the service. Subprocessor disclosure is the public, dated list of all such third parties.
A vendor-published subdomain or page (commonly trust.[vendor].com) that aggregates compliance attestations, certifications, subprocessor lists, DPAs, and security documentation in one location. Highest-yield single resource for a Forensic Read™ on a vendor with mature governance documentation.
A vendor's practice of using user-submitted content to train or improve its AI models. The most consequential input asks whether the default behavior involves training. A yes-by-default answer is a dealbreaker because it places the burden of protection on the user rather than the vendor.
The COPPA standard for obtaining parental permission to collect personal information from a child under 13. To count as verifiable, the mechanism must use a method enumerated in COPPA Rule §312.5.
The output the Scorer produces when the rubric is applied: Proceed, Caution, or Flag. Deterministic — two readers who answer the thirteen inputs the same way arrive at the same verdict. A starting point for governance action, not a substitute for it.
How the Pre-Service Lookup relates to The Language Firm's full methodology. This tab defends the design choices behind the rubric and locates the Scorer's verdicts relative to what a complete Forensic Read™ produces. Read this before citing a verdict, designing institutional reliance on the tool, or comparing it to the firm's full investigative work.
The Pre-Service Lookup turns a reading of a vendor's own documents into a structured, signed verdict. The reader supplies the judgment; the tool supplies the structure and the calculation.
The question the tool answers is narrow and specific: is a given K-12 AI tool in good standing to put students on, judged by what the vendor's own legal documents commit to. Not whether it teaches well, but whether its terms of service, privacy policy, and data agreement handle student data responsibly. That question normally requires legal review and hours of reading. The Lookup makes it answerable by a non-lawyer, in a form that can be defended.
The tool does not read the documents and return an answer. The reader reads the vendor's published documents and answers a fixed set of questions; the tool records those answers, applies the rubric, and computes the verdict. The conclusion belongs to the named human who made it, not to the tool.
Scoring. A read begins with the name of the tool under review. The reader then answers thirteen questions grouped into three areas: how the vendor handles data generally, how it handles student records under FERPA, and how it handles children under 13 under COPPA. Each question offers three answers: an explicit commitment to the favorable practice, a partial or vague commitment, or absence or refusal. The verdict calculates as the answers are entered.
The verdict. It resolves to one of three states. Proceed means strong standing across every area, with at most one soft spot on any one. Caution means mixed signals to resolve before relying on the tool. Flag means the tool should not be used until the underlying condition changes. Four of the thirteen questions are dealbreakers: training-use of student inputs, the classification of student work as protected data, the FERPA school official role, and the under-13 age gate. A worst-state answer on any single dealbreaker triggers Flag on its own, because each one undoes the protections the other answers depend on.
The output. A completed read exports as a signed PDF carrying the verdict, every answer, the documents behind it, and a signature line for a named evaluator. The PDF is built to enter an institutional conversation: a board meeting, a procurement file, a parent conference. Accountability for what happens to students belongs to a person, not to a tool.
The other tabs. The Glossary defines the specialized terms for use while reading a vendor's documents. The Foundation, this tab, sets out why the tool is built as it is and what its verdict does and does not claim.
What it is honest about. The verdict is a screening, not a certification or legal advice. It reads what the vendor publishes in writing, not what the software does in practice. It is dated, because vendor terms drift, so a verdict is true as of the day it was made and is meant to be re-run. And it is silent on pedagogy: a verdict on data, FERPA, and COPPA posture says nothing about whether the tool helps students learn.
The Pre-Service Lookup is the most basic and topical application of what The Forensic Read™ methodology can produce. It is not the methodology itself. It is a structured, scoped output for a single use case: K-12 AI vendor governance triage at the document layer.
The full Forensic Read™ is an investigative methodology drawing on three academic disciplines — discourse analysis, pragmatic and intertextual analysis, and forensic language analysis — applied across four sequential stages: READ (map the document ecosystem), TRACE (track where meaning shifts between documents), SURFACE (identify what is assumed, obscured, or normalized by omission), and BUILD (produce governance infrastructure in the appropriate register for the audience). The methodology is performed by a named human investigator and produces evidence-grade findings, accountability maps, and signed governance protocols that a district can stand behind under federal program review.
The Pre-Service Lookup applies only a fragment of one of those stages. It performs a structured, rubric-bounded version of SURFACE against a single document category (vendor compliance language), graded along three pre-defined regulatory axes, against thirteen fixed inputs. It does not map document ecosystems, does not trace intertextual meaning shifts, and does not build governance infrastructure. It produces a verdict, not a finding; a triage signal, not an audit-grade analysis; a document a person can sign, not a system a district can defend.
The relationship matters: the Scorer democratizes a thin slice of the methodology so that pre-service teachers, parents, boards, and state agencies can perform first-pass triage themselves. Everything beyond first-pass triage — ecosystem mapping, accountability mapping, governance infrastructure, audit-grade findings — remains the work of a named human investigator performing the full Forensic Read™. Read the full methodology at languagefirm.org/the-forensic-read.
The rubric's three axes are the regulatorily anchored dimensions of K-12 AI governance. Each maps to an existing body of law or widely-accepted privacy practice that produces decidable readings from documents alone.
K-12 AI governance is a young domain. The rubric is constructed against the dimensions where law and established practice already provide grounded reading criteria, not against dimensions the rubric would have to invent its own standards for. The three axes map specifically to:
Dimensions the rubric does not currently grade — algorithmic bias, accessibility, pedagogical quality, environmental cost, AI hallucination rate — matter, but are not yet legally bounded in K-12 contexts in ways that produce reproducible readings from documents. When those dimensions become legally or normatively anchored, the rubric will extend. The Scorer is deliberately scoped to what is currently decidable; the full Forensic Read™ methodology engages dimensions the rubric cannot, through investigative work that does not reduce to a fixed input set.
Each dealbreaker is a single document-level fact that, on its own, makes the tool unsuitable for K-12 use regardless of how strong the rest of the posture is. Partial credit is not defensible on these four.
The dealbreakers are the inputs where the rubric treats partial compliance as no compliance:
The set is bounded, not arbitrary. Other rubric inputs — retention specificity, parental rights, deletion right, and so on — are aggregable: a tool with weak posture on one input can compensate with strong posture on others, and the verdict reflects the aggregate. A dealbreaker earns its place only when the failure cannot be aggregated away and is not already covered by another dealbreaker. Input classification clears that bar on both counts. It is non-aggregable, because a definition that excludes inputs cannot be offset by strong retention or deletion language applied to a category the inputs no longer belong to. And it duplicates none of the other three: it is upstream of training-use, which governs what happens to inputs the definition still protects, and it is distinct from the FERPA and COPPA gates, which govern role and collection rather than the scope of the protected category.
The threshold is calibrated to be meaningfully selective without being unattainable. The rubric produces verdict distributions that track real differentiation in the current K-12 AI landscape.
The rule is a single per-axis tolerance: an axis clears the Proceed bar when no more than one of its inputs falls below best-state. On the four-input FERPA and COPPA axes that is three of four. On the five-input data axis, which carries the added input-classification check, it is four of five. The same tolerance applies to every axis; only the input count differs. The rule was chosen because:
Expressing the threshold as one tolerance applied uniformly, rather than as a fixed count, is what lets the rubric add an input to one axis without asserting that the axis now matters more or less than the others. The per-axis tolerance is symmetric; the prioritization question stays with the reader who applies the rubric, which is the appropriate locus for that judgment.
Privacy and compliance documents typically speak in three registers: explicit commitment, qualified or vague commitment, or absence of commitment. A three-option input maps onto how the documents actually read.
The alternative structures considered:
The three-option structure (best-state / mid-state / worst-state) matches the actual phenomenology of reading vendor documents. The evaluator's question on each input is: does the document explicitly commit to the favorable posture, does it partially or conditionally commit, or does it fail to address or disclaim? That question has three honest answers.
The verdict is a documents-based read at a specific date, produced by a structured rubric, signed by a named human. It is not a pedagogical recommendation, a security audit, or a guarantee. It does not replace governance.
The rubric is explicit about its scope:
Within those limits, the verdict claims one thing: that any reader applying the rubric to the same documents on the same date arrives at the same result. That is the reproducibility claim, and it is what makes the methodology citable.
Accountability for what happens to students in a building belongs to a person, never to a tool. The verdict the Scorer produces is not the Forensic Read™. It is a structured output a named human signs and stands behind.
The full Forensic Read™ methodology is built on one conviction: accountability for what happens to students in a building belongs to a person, never to a tool, and the person responsible deserves to be equipped with the analysis, the systems, and the current intelligence to stand behind every decision they are asked to explain.
The Pre-Service Lookup honors that conviction in its design. The verdict is computed deterministically from the inputs, but the inputs are selected by a named human reading the source documents. The PDF that exports the verdict has a signing block precisely because the verdict without the signature is just math. The signature is what makes the document carry weight in an institutional conversation: a school board meeting, a procurement file, a parent conference, a state agency review.
The Forensic Read™ cannot be automated. A computer can never be held accountable. The Pre-Service Lookup is not an attempt to automate the methodology; it is an attempt to extend the most basic and topical application of the methodology to people who could not otherwise apply it. The signing line is the formal expression of that extension. A signed verdict, dated and named, with the source documents listed and the rubric applied: that is the document the firm publishes infrastructure to produce.
To cite a verdict produced by The Pre-Service Lookup, name the tool, the date of the read, the rubric version, and the signing evaluator. Example: "Khanmigo, Pre-Service Lookup verdict: Proceed (verdict date: May 28, 2026; rubric: three-axis, thirteen-input, four-dealbreaker; signed by Maria Rivera, Pre-service teacher, USF School of Education)." The rubric is published openly at thelanguagefirm.org. The full Forensic Read™ methodology, of which this rubric is one applied instrument, is documented at languagefirm.org/the-forensic-read.