A Reference Document · The Language Firm

The Research Glossary

A working vocabulary for K-12 AI governance and the Forensic Read™.

Version 2.4

How to Read This Glossary

Terms are grouped by where they live in the firm's operating system, not alphabetized. The groupings are: (1) the firm and its mission, (2) the Forensic Read™ methodology, (3) the Drift Audit and Tool Spotlight Card classification system, (4) governance vocabulary: operational language for K-12 AI tool oversight, (5) forensic linguistic instruments the Read applies, (6) regulatory, contractual, and vendor terms the firm uses against vendor documentation, and (8) the Pre-Service Lookup vocabulary: the specific terms used in the firm's open, free-to-use verification tool.

The voice is the same voice the audits use: declarative, dated where applicable, document-naming where relevant. Italics mark terms-of-art as they would appear in body prose of a published audit. Terms specific to the Pre-Service Lookup carry a small Pre-Service Lookup tag inline with the term name.

I
The firm and its mission

The Language Firm

A compliance, language access, and edtech review practice serving K-12 schools and districts. The firm conducts forensic language analysis on vendor agreements, privacy policies, terms of service, DPA exhibits, and federal compliance language, and produces governance infrastructure from those findings. The firm holds no commercial relationship with any vendor it assesses.

Linguists in the loop

The firm's staffing principle. Every finding the firm publishes carries a named human investigator's signature and date. A person reads, aligns, signs, and stands behind the governance.

The language determines the liability

The operating conviction behind every Forensic Read™. Vendor marketing copy, contract terms, compliance attestations, and incident disclosures are read the way an investigator reads a deposition: for what is said, what is omitted, where responsibility is distributed across documents, and where language shifts between documents to obscure accountability.

Intelligence Layer

The firm's overarching publication framework. The First Watch (drift audits), the Weekly Incident Bulletin, the Vendor Language Briefing, and the Federal Findings Digest are all Intelligence Layer products.

II
The Forensic Read™ methodology

The Forensic Read™

The proprietary investigative methodology of The Language Firm. Reads policy language and public posture as two separate evidentiary streams, then classifies the relationship between them. Draws on three established academic disciplines: discourse analysis, pragmatic and intertextual analysis, and forensic language analysis. The methodology moves through four stages in order: Reading, Trace, Surface, Build, each with a specific discipline and a specific output.

Stage 1 · READING

Discipline: discourse analysis. Output: document ecosystem inventory. Maps every document that governs a technology decision: the federal regulation, the district policy, the master service agreement, the data privacy agreement, the privacy policy, the sub-processor list, the incident disclosure, the marketing copy. Establishes how language distributes responsibility across that ecosystem.

Stage 2 · TRACE

Discipline: pragmatic and intertextual analysis. Output: accountability map. Tracks where meaning shifts between documents. Each shift is a transfer of obligation; the TRACE stage makes the transfers visible.

Stage 3 · SURFACE

Discipline: forensic language analysis and the principle of normalization by omission. Output: evidence-grade findings. Identifies what the documents assume, obscure, or fail to address. The No Drift / Watch / Flag labels are the SURFACE-stage output.

Stage 4 · BUILD

Discipline: register and genre construction. Output: governance infrastructure. Produces the documentation a district can stand behind, in the form of signed, dated, filed governance protocols that hold up under audit or program review. The First Watch audits are themselves BUILD outputs, applied recurrently.

Normalization by omission

A principle of forensic language analysis. The proposition that what a governing document fails to say is often more consequential than what it says. Load-bearing omissions create accountability the district carries without realizing it.

Document ecosystem

The full set of texts that govern a single tool's institutional deployment: vendor privacy policy, terms of service, DPA or SDPC-registry agreement, help-center articles, subprocessor list, product announcements that bear on data handling, and any district-side acceptable use policy.

Accountability map

The TRACE-stage artifact that documents where obligations move between texts in a document ecosystem. Each shift in definition or scope between documents is a transfer of obligation; the accountability map records the transfers.

Evidence-grade finding

A SURFACE-stage finding documented against named primary sources so that the evidence behind the label is reproducible. The standard the firm holds itself to: a finding that would hold up under a federal program review.

Register and genre construction

The BUILD-stage discipline. Produces governance infrastructure in the register and genre appropriate to the audience and the regulatory context.

III
The Drift Audit and Tool Spotlight Card system

Drift

The phenomenon the firm's audit work exists to detect: the movement of a vendor's governing documents, enforcement behavior, or product surface away from the state a district authorized. Drift is read against a governance baseline; without a dated baseline there is nothing to read change against. A single dated change to a vendor's policy, terms, or product language is a drift signal; the recurring practice of checking each governance signal against current primary sources as of a defined audit date is the Drift Audit. The firm distinguishes three vectors by where the movement occurs: policy-layer drift, enforcement-layer drift, and product-surface drift.

Tool Spotlight Card

The firm's internal per-tool governance assessment. Cards are not published; they are the firm's working instrument, used to produce the public-facing audits, briefings, and findings that derive from them. Each card scores a tool across six governance policy signals, four operational fit categories, and 20 scored questions. Cards carry a decision label (Teacher-OK, Conditional, or Do Not Deploy) and a numerical score out of 20 corresponding to one of three recommendation bands. Cards are versioned and named in published audits by their version and date.

Drift Audit

A recurring practice in which each governance signal documented in a Tool Spotlight Card is checked against current primary sources as of a defined audit date. The audit does not re-score the tool; it compares current signal status against the most recent card version and produces a drift category for each tool.

Filing rotation

The defined period a drift audit covers. As of audit 002, the rotation is a four-week monthly cadence.

Decision label

The Tool Spotlight Card's top-line recommendation. One of three: Teacher-OK (approved for teacher-facing use); Conditional (approved subject to specific conditions met by the district); Do Not Deploy (not approved for K-12 institutional use).

The three drift categories (SURFACE-stage output)

No Drift

All governance signals reviewed against current primary sources are confirmed accurate. The card requires no update. Deep-green pill.

Watch

New context exists that practitioners should be aware of, but it does not change the card's decision label, policy signal badges, or core governance assessment. Amber pill.

Flag

A material change has occurred that affects the accuracy of information documented in the card. The card requires an update before continued practitioner use. The decision label may or may not change as a result. Oxblood pill.

Pre-Service Lookup usage. The same label is used in the Pre-Service Lookup's three-state verdict system, with a related but narrower technical definition: a verdict of Flag is produced when any of the rubric's three dealbreakers is triggered, or when any axis accumulates two or more worst-state answers. In both uses, the label carries the same operational meaning, a problem the reader needs to act on, and signals that continued use of the tool requires resolution. Two instruments of the methodology, one consistent vocabulary.

The three forensic patterns (TRACE-stage output)

Policy-posture convergence

The vendor's governing policy documents and its public posture describe the same product to the same standard. Dark-navy pill.

Policy-posture divergence

The vendor's governing policy documents and its public identity are telling different stories. The product's surface-level presentation has not changed, but the data practices underneath have shifted materially. Orange pill.

Asymmetric movement

Policy language and public posture did not move in the same direction or at the same layer. Deep-purple pill.

Repeated divergence (longitudinal subtype)

A vendor's second consecutive divergence finding, in the same direction, constitutes a vendor trajectory rather than a one-time event.

The three vectors of drift (Policy Brief §01)

Policy-layer drift

Changes in the governing privacy policy, terms of service, data processing addendum, or subprocessor disclosure. These are the artifacts that legal counsel reviews during initial procurement; once authorized, they are rarely re-read.

Enforcement-layer drift

Changes in how an existing policy is operationalized. The policy itself does not change; the vendor begins to enforce, verify, or detect against the policy in ways that produce new institutional consequences.

Product-surface drift

Expansion of the product's capability scope under existing contractual coverage. The DPA still applies, the no-training commitment still applies, the certifications still apply, but the product a district authorized now includes capabilities that did not exist at the time of authorization.

IV
Governance vocabulary · Operational language for K-12 in a shifting accountability climate

The terms below appear throughout the firm's audits, briefs, and engagements. They name the conditions edtech vendors, SIS platforms, and AI tool providers are already using in their DPAs, terms of service, and product documentation. The functional purpose is simple: when the people in the building can name the term, the conversation moves from "should we use this tool?" to "does this vendor's documentation meet our obligations?"

AI Tool

A software product, marketed as using artificial intelligence, that an institution authorizes and deploys in an instructional or operational setting, read by the firm at the level of the specific product and tier the institution authorized, not at the level of the vendor that supplies it.

AI Governance

The continuing institutional practice of confirming that the conditions under which an AI tool was authorized still hold, with responsibility for those conditions assigned to a named reader rather than to the tool.

Third-party vendor

A vendor other than the one a district has contracted with directly, but whose involvement is consequential to the district's deployment of the contracted product. The category is broader than subprocessor (the contracting vendor's legal designation, under the DPA, of a third party that processes data on its behalf) and broader than upstream vendor (which describes a dependency direction, toward foundation models and infrastructure).

Upstream vendor risk

The institutional exposure that arises from dependencies the contracting vendor itself depends on: model providers, infrastructure providers, sub-processors. A district's DPA may name the vendor signing the agreement; the upstream stack carries risk the DPA may or may not reach.

Foundation model dependency

The condition of an edtech or AI product whose core function relies on a third-party foundation model (e.g., OpenAI's GPT-5.5, Anthropic's Claude Opus 4.8, Google's Gemini 3.1 Pro). The dependency runs to the model, not to the consumer product built on it: ChatGPT and the Claude app are products, the models beneath them are the dependency. The dependency is a governance fact whether or not the vendor discloses it.

Definition drift

The phenomenon in which a term defined one way in federal regulation is redefined more narrowly in a vendor's DPA, redefined again in the privacy policy, and dropped entirely from the incident disclosure or marketing copy.

Gap

A problem inside the documents: something missing, contradictory, or vague in the language itself, such as a term left undefined, a definition that narrows between documents, or a "reasonable" standard with no anchor. Gaps live in language.

Seam

A place where no specific role at the district owns the work of checking access and agreement documentation. When a vendor updates a privacy policy, nobody at the district is positioned to notice, because the job was never assigned. Seams live in org charts.

Tool sprawl

The accumulation of edtech and AI products in active use across a district faster than any single role can authorize, inventory, or govern them. Tools enter through uncoordinated pathways: a district contract, a school-level purchase, a teacher signup, a free tier adopted in a hurry, a pilot that quietly became permanent. The proliferation itself is not the failure; the failure is that most of the accumulated tools carry no authorization record anyone can now produce. Tool sprawl is the product-side counterpart to identity sprawl, which is the account-side: the two compound together, because each tool admitted outside the authorized user process stands up new identity stores outside the agreements the district negotiated, and each is itself the scaled product of an open seam. The Tool Intake Register exists to convert sprawl back into an inventory a named reader can govern. A tool no one can justify is a tool no one is governing.

Identity sprawl

The accumulation of disconnected student and staff accounts across many vendor products, each holding identity data the district never inventoried and no single role governs. In identity-management practice the term stops at the IT layer: too many credentials, no central directory. In governance it reaches the authorization question, because each account is consent granted on a student's behalf. Sprawl is what an open seam produces at scale: where no authorized user is named, every individual signup stands up a new identity store outside the agreements the district negotiated, and the count compounds with each tool, each teacher, each roster sync. The harm is not only exposure but unanswerability: when a sub-processor is breached, a district cannot say whether its data is involved in accounts it never knew existed. The Subprocessor and Dependency Register exists to convert sprawl back into an inventory a named reader can act on. Sprawl lives between adoption and authorization.

Named reader

The specific person assigned to read and comprehend a tool's governing documents, the user policy, terms, and data processing agreement, before the institution signs off on the tool, and who is accountable for what that signature authorizes. A signature is meant to certify that a thorough reading took place; the named reader is the person that reading is assigned to.

Authorized User

The role a district designates, in writing, to evaluate, approve, procure, or activate a tool that will collect, receive, or process Student Data. The term exists to close a seam: where no one is named, every employee is an authorized user by default, and a tool can enter the building through an individual signup the district never sees. A functioning definition states that no other employee may create an account, accept terms of service, or enable a tool for student use, regardless of cost, including free and individually registered accounts. Use by someone who is not an authorized user is the parallel contractor relationship at its origin: it places Student Data outside the agreements the district negotiated, where its protections do not attach.

Supply chain visibility

The institutional capacity to see what an AI product is actually built on: which foundation model, which sub-processors, which upstream services.

Software Bill of Materials (SBOM)

An inventory of the software components a product is composed of. In the K-12 AI context, the absence of an SBOM, or its functional equivalent for model dependencies, is a documented governance gap.

Capability scope at time of authorization

The set of product features a district approved when it first authorized a tool, captured in dated form. A capability-scope record is the institutional artifact against which product-surface drift can be measured.

Governance baseline

A dated, single-page record per authorized tool, capturing the specific tier authorized, the data practices in effect at authorization (no-training commitment, FERPA/COPPA alignment, subprocessor list), the capability scope authorized, the contractual basis (DPA, SDPC listing), and the date of last verification.

Verification cadence

The frequency at which a governance baseline is re-checked against current primary sources.

Material Update

A change a vendor makes to its terms of service, privacy policy, data processing agreement, or product behavior that alters how Student Data is collected, used, disclosed, retained, secured, or defined. The term names the trigger a district policy uses to require a fresh read: a material update returns the tool to the named reader for review against the district's own definitions before its use continues. It is the district-policy counterpart to a drift signal (§VIII): the drift signal is what the firm's audit work observes; the material update is what a district's own policy obligates someone to act on. The exposure it addresses is the unilateral-update clause, under which a vendor reserves the right to change terms with or without notice and continued use is deemed acceptance. A district cannot edit that clause out of a vendor's contract from inside its own policy; what the definition secures is a guaranteed re-read and a recorded exposure in place of a silent redefinition.

Trigger

A change from the previously agreed-upon state that obligates a defined action under district policy. The agreed-upon state is the dated record a district writes per tool: the function delegated to the vendor, the terms accepted, the data permitted, the control required, captured as a governance baseline. A trigger is any departure from that record: a vendor that widens what it collects has changed the data, a vendor that reserves the right to train on district inputs has changed the terms, a vendor that adds a downstream processor has changed the control. Each is read against the baseline; without a dated baseline there is nothing to measure the change against, and the change passes unregistered. Trigger events are characteristically quiet, vendor-initiated, and leading rather than lagging: they arrive in a revised policy, a new exhibit, or a settings default that flipped between releases, detectable upstream of any confirmed incident. An operative trigger carries a named owner, a cadence, and dated documentation; a trigger no one is assigned to watch is a line in a policy, not a control. The Material Update is the firm's most precisely defined trigger; the drift signal is what the firm's audit work produces when it observes one from the outside.

Procurement-event vs. standing-obligation

The distinction between treating AI tool authorization as a one-time procurement step and treating it as a continuing institutional obligation.

V
Forensic linguistic instruments · The reading techniques the Read applies

These are the concrete linguistic analyses the Forensic Read™ uses at the TRACE and SURFACE stages to convert vendor documents into evidence. Each instrument names a specific construction or omission a district can be trained to recognize on its own. Sharp's Reading Record demonstrated each of these against the OpenAI Teacher Access Terms, Service Terms, and Student DPA in An Unread Deputy & A Signed Contract (May 14, 2026); the definitions below carry that worked example as their reference case.

Agentless passive construction

A sentence built so that an action is described but the actor performing it is removed. Information is removed. Identifiers are stripped. Provisions may be waived. In ordinary prose this is a stylistic choice; in a regulated document, the deleted actor is almost always where accountability would normally live.

Modal verb analysis

The practice of tagging every modal verb in a contract (shall, must, will, may, can, should) and sorting modals by who they bind. Shall is the strongest obligation; may is the weakest. The instrument surfaces where the real obligations sit and where the real discretions are reserved.

Indefinite phrasing

The practice of using words that sound like standards but are not defined anywhere in the document: reasonable, proper, appropriate, as applicable. These words pass the eye as if they carry weight but have no anchor.

Cross-document precedence reading

The technique of reading a vendor's multi-document contract package against itself to determine which document controls when documents conflict.

Normalization by omission (applied)

The SURFACE-stage principle of normalization by omission, applied at the level of specific contract architecture: an omission across documents, such as a missing order-of-precedence clause, can be more consequential than any omission within a single document.

VI
Regulatory, contractual, and vendor terms

These terms appear throughout the firm's published work in their conventional usage; the firm reads vendor documents against the federal language listed here. Government terms carry working citation links to authoritative public sources.

FERPA

Family Educational Rights and Privacy Act, 20 U.S.C. § 1232g (1974, as amended); implementing regulations at 34 CFR Part 99. The federal statute governing the privacy of student education records, administered by the U.S. Department of Education's Student Privacy Policy Office.

Contractor exception (34 CFR § 99.31(a)(1)(i)(B))

The provision under FERPA that lets a school share education records with a contractor without parental consent. The decisive condition is direct control: the school must maintain direct control over the contractor with respect to how the contractor uses and maintains education records. Signing a Student DPA designates the vendor as a School Official and is the act of deputizing; the contractor exception is sustained only when the deputizing is paired with the working conditions of direct control.

Direct control

The working condition the FERPA contractor exception requires. Three components in combination: knowledge of what the contractor is doing, authority to direct what the contractor does, and enforcement when the contractor does not follow direction. Take any one of the three away and direct control fails.

Deputizing

The shorthand the firm uses for the act of designating a vendor as a School Official under the FERPA contractor exception. The firm distinguishes between deputizing (the contract event) and direct control (the ongoing working condition); a deputizing without direct control is a documented governance failure regardless of what the DPA's text appears to cover.

School Official

A FERPA-defined role a contractor may occupy under the contractor exception. The role is conferred by district designation (typically through the DPA) and is sustained only while direct control is maintained.

Order-of-precedence clause

A contract-drafting mechanism, recognized in federal law (FAR 52.215-8; FAR 52.212-4) and treated consistently in commercial-contract practice, that establishes which document controls when documents in a single contract package conflict. Names, before any dispute arises, which document is in ultimate control.

Parallel contractor relationship

The condition that arises when a vendor accepts content from district-affiliated individuals through a pathway the district has no mechanism to see. Direct control over a relationship the district does not know exists is unavailable as a matter of fact, regardless of contract text.

COPPA

Children's Online Privacy Protection Act, 15 U.S.C. §§ 6501–6506 (enacted 1998); implementing regulations at 16 CFR Part 312 (the COPPA Rule), most recently amended effective June 23, 2025 (compliance date April 22, 2026), administered by the Federal Trade Commission. The federal statute governing online services directed to children under 13.

PPRA

Protection of Pupil Rights Amendment, 20 U.S.C. § 1232h; implementing regulations at 34 CFR Part 98. Enforced alongside FERPA by the U.S. Department of Education; governs parental rights over surveys, the collection of personal information for marketing, and certain physical examinations in federally funded programs.

DPA · Data Processing Addendum / Data Privacy Agreement

The contractual instrument that governs how a vendor handles data on behalf of a district. The DPA governs how the vendor handles submitted data, not what staff submit; the district's AUP is the primary governance mechanism for the latter.

SDPC

Student Data Privacy Consortium. Maintains a resource registry of vendor DPAs (sdpc.a4l.org). The absence of an SDPC listing is a documented condition on certain Conditional decision labels.

Access 4 Learning (A4L) Community

Access 4 Learning (A4L) Community. The nonprofit membership organization that maintains the data-interoperability and data-privacy standards used across K-12. The Student Data Privacy Consortium (SDPC) is its special interest group, and the National Data Privacy Agreement is authored within that consortium and published and copyrighted under the A4L Community. The authoritative versions of the NDPA and its state supplements are held by A4L and are not to be altered in substance by individual parties; districts and vendors that change the terms do so by amendment, not by editing the standard text.

NDPA · National Data Privacy Agreement

National Data Privacy Agreement. The standardized student-data privacy contract authored by the Student Data Privacy Consortium and published by the Access 4 Learning (A4L) Community, first released in 2020 and currently maintained at version 2.1. The NDPA is the closest thing K-12 has to a common DPA template, adopted voluntarily through state alliances rather than mandated by law. It is built from Standard Clauses plus lettered exhibits: Exhibit A (products and services), Exhibit B (the Schedule of Student Data), Exhibit C (definitions), Exhibit E (the General Offer of Privacy Terms, by which other districts adopt the same terms), Exhibit G (state supplements), and Exhibit H (vendor or district amendments). Its Priority of Agreements clause functions as an order-of-precedence clause: for the treatment of Student Data, the NDPA controls over the service agreement, terms of service, and privacy policies. The firm reads the signed copy on file, never the clean template. The live questions are which version governs, which state supplement applies, and whether the vendor signed the standard text or a vendor-modified version that edited the definitions or the carve-outs. The presence of an NDPA is a starting condition, not a finding.

Exhibit C (NDPA)

Exhibit C. The definitions exhibit of the National Data Privacy Agreement. Every capitalized term in the agreement takes its meaning from Exhibit C, and with respect to the treatment of Student Data, Exhibit C definitions control over any conflicting term used in the service agreement or any other writing. Exhibit C is therefore the document the firm reads first in any NDPA package: it is where the agreement's protective scope is set, and where a vendor-modified version does its quietest damage, by narrowing a single defined term. Exhibit C defines, among others, Student Data, Educational Records, De-Identified Data, Metadata, Student Generated Content, School Official, Subprocessor, Targeted Advertising, and Change of Control.

Schedule of Student Data (Exhibit B)

Schedule of Student Data. Exhibit B of the National Data Privacy Agreement: the provider-completed checklist declaring which categories of student data a product collects, each marked required or optional. The Schedule enumerates the categories the NDPA contemplates: Application Technology Metadata; Application Use Statistics; Assessment (including standardized test scores, observation data, and voice recordings); Attendance; Communication; Conduct; Demographics; Enrollment; Parent/Guardian Contact Information; Parent/Guardian ID; Parent/Guardian Name; Schedule; Special Indicator (English language learner status, low-income status, medical alerts and health data, disability information, IEP or 504 services, and living situations such as homeless or foster care); Student Contact Information; Student Identifiers; Student Name; Student In App Performance; Student Program Membership; Student Survey Responses; Student Work (student generated content); Transcript; Transportation; and an Other field. Because the Schedule is a provider self-report, the forensic risk it carries is under-marking: a product that collects a category but leaves the box unchecked. The Schedule states what the provider declares; the Read tests that declaration against the product's actual behavior and its other documents.

Student Data (vendor DPA usage)

Student Data, as commonly defined in vendor DPAs. The defined contract term most vendor agreements use in place of FERPA's statutory language. The NDPA model is broad: it covers data gathered, created, or inferred by the provider, or provided by the district, students, or parents, that is descriptive of the student; it expressly includes personally identifiable information as defined at 34 CFR § 99.3; and it is deemed to constitute Education Records for the agreement's purposes. Common vendor-modified and vendor-authored definitions narrow that scope in recurring ways: by limiting the term to information the student or district provides, which excludes what the vendor derives or infers; by relabeling behavioral and telemetry data as the vendor's own usage data or service data; and by carving out de-identified and aggregate data, which the vendor then claims broad rights to use and retain after termination. The result is a defined term that sits below the statutory floor while appearing to expand protection, an instance of definition drift. The firm's standing test is whether the vendor's definition is coextensive with, broader than, or narrower than the § 99.3 definition of personally identifiable information, and what each carve-out removes.

De-Identified Data

The category a vendor claims has been stripped of identifiers so that a student can no longer be identified, and the category vendors most often carve out of Student Data to claim broad rights of use and retention after termination. FERPA sets the operative standard at 34 CFR § 99.31(b): data is de-identified only after all personally identifiable information is removed and the agency has made a reasonable determination that a student's identity is not personally identifiable, taking into account other information reasonably available. The NDPA's Exhibit C defines the term for agreements built on that template. The firm reads the carve-out, not the label: data remains Student Data where re-identification is reasonably possible, or where the vendor retains the ability or the contractual right to re-identify it. A vendor's use of de-identified, anonymized, or aggregate does not establish the status on its own. The label is the vendor's. The determination is the named reader's.

Subprocessor

A third party a vendor engages to process data on behalf of the district. Subprocessor disclosure is one of the six governance policy signals scored on the Tool Spotlight Card.

No-training commitment

A vendor's contractual or policy-level commitment that data submitted through its products will not be used to train its models. A no-training commitment in marketing copy is not the same as a no-training commitment in the DPA.

BYOK · Customer-managed encryption

The enterprise data-security feature in which the customer holds the encryption keys for its data at rest rather than the vendor: the vendor stores the data but cannot decrypt it without the customer-held key. This is a control the district gains, and it governs data at rest, not the path student input travels to inference. It is the meaning BYOK carries in enterprise storage and infrastructure contexts. Distinct from model-key passthrough, which shares the acronym but names a different object in the data path.

BYOK · Model-key passthrough

The arrangement in which a district or teacher supplies its own foundation-model API key (OpenAI, Anthropic, Google) to a third-party tool, which then routes student input through that key to the model provider. It is commonly presented as a privacy upgrade, on the claim that the tool never stores the data because the data goes directly to a provider the customer authorized. Read forensically, it is a liability transfer. The foundation model provider stops being the tool's subprocessor named under the DPA and becomes the district's direct counterparty under generic commercial API terms: terms that are not FERPA-aware, carry no school official designation, make no COPPA representations about under-13 users, and place compliance on the customer. The tool's no-storage claim can be accurate while the student-data exposure migrates to a party the district holds no education-specific agreement with. The key the district brings is an API credential governing inference, not the encryption key of customer-managed encryption. Where a tool uses passthrough, the model provider is a governed party: the governance baseline must record it, and the provider's API terms must themselves receive a named reader.

SSO / SCIM

Single Sign-On / System for Cross-domain Identity Management. Standard enterprise authentication and provisioning protocols.

AUP · Acceptable Use Policy

The district-side governance instrument that constrains how authorized tools may be used by staff and students.

LEA

Local Educational Agency. A school district, in federal terms. Statutory definition at 20 U.S.C. § 7801 (Elementary and Secondary Education Act, as amended by ESSA).

ESA / BOCES

Educational Service Agency / Board of Cooperative Educational Services. Regional intermediaries authorized by state statute to develop, manage, and provide services to LEAs (statutory definition at 20 U.S.C. § 7801).

E-Rate

Schools and Libraries Universal Service Support Program. The federal program providing discounts to eligible K-12 schools and libraries for broadband and telecommunications service. Established under section 254 of the Communications Act of 1934, 47 U.S.C. § 254; implementing rules at 47 CFR Part 54, Subpart F (§§ 54.500–54.523); administered by the Universal Service Administrative Company (USAC) under FCC oversight. Funding eligibility carries program conditions, including the Children's Internet Protection Act (CIPA) certification at 47 CFR § 54.520.

VII
A note on terms used together

Three of the most consequential pairings in the firm's vocabulary deserve explicit clarification because they answer different questions and are independent dimensions.

  • Drift category (No Drift / Watch / Flag) answers did this tool change since we last looked? It is the SURFACE-stage output of an individual tool review.
  • Forensic pattern (Convergence / Asymmetric / Divergence) answers what kind of change? It is the TRACE-stage output that describes how policy and posture moved.

A Watch finding can be Convergent (Claude Enterprise, audit 001, stable governance with one announced-but-unconfirmed item) or Asymmetric (Claude Free, positive posture move under static structural policy). A Flag finding is almost always Divergent. The layered structure is what allows the framework to express what a binary compliant / non-compliant judgment cannot.

The same care applies to the three vectors of drift (policy-layer, enforcement-layer, product-surface), which describe where in the vendor's stack a movement is happening, and to the forensic patterns, which describe the shape the movement takes across the policy and posture streams. The Policy Brief argues that most existing AI governance frameworks are calibrated to detect policy-layer change but not enforcement-layer activations or product-surface expansion, and that the asymmetric pattern grew from 43% of tools in audit 001 to 63% in audit 002.

A third pairing belongs alongside these two, because it answers a different question again. Gap and seam name two places a problem can live. A gap is a problem inside the documents, something missing, contradictory, or vague in the language. A seam is a place where no specific role at the district owns the work of checking access and agreement documentation. The two are independent: a district can have either, both, or neither. The dangerous case is both: a real gap in the documents, and nobody at the district positioned to find it. The Forensic Read™ is the instrument for finding gaps; a single named owner running a quarterly verification cadence is the instrument for closing seams. Gap asks what is wrong with the paperwork? Seam asks whose job was it to check?

A fourth pairing exists between the firm's broader vocabulary and the Pre-Service Lookup's narrower vocabulary. The word Flag appears in both: as a SURFACE-stage Drift Audit category (§III) and as a Pre-Service Lookup verdict (§VIII). Both uses share an operational meaning (a problem the reader needs to act on) and signal that continued use of the tool requires resolution; the underlying technical criteria differ because the two instruments operate at different scales. Similarly, posture is used in the firm's audits to describe a vendor's full public stance and in the Pre-Service Lookup to describe an axis-bounded slice of that stance. The vocabulary is consistent across the firm's instruments by design: a reader who learns the language through one application carries it forward to the others.

VIII
The Pre-Service Lookup vocabulary · Terms used in the firm's free verification tool

The Pre-Service Lookup is the firm's free, openly-published verification tool, a structured, rubric-bounded application of the Forensic Read™ scoped to K-12 AI vendor governance triage at the document layer. It is the most basic and topical application of what the methodology can produce, intended to extend a thin slice of the methodology to people who could not otherwise apply it: pre-service teachers, parents, school boards, state agencies. The terms below are specific to that tool. Some are tool-internal language (axis, rubric, dealbreaker, verdict); others are regulatorily-anchored terms the rubric grades against and are defined here in the form they take inside the rubric. Terms that already appear elsewhere in this glossary (FERPA, COPPA, DPA, subprocessor) are not duplicated here; the Pre-Service Lookup uses those terms in their conventional sense and the §VI definitions apply.

The rubric's structural vocabulary

Rubric Pre-Service Lookup

The structured set of twelve inputs across three axes, plus three single-input dealbreakers, that the Pre-Service Lookup's Scorer applies to produce a verdict. The rubric is decidable from documents alone, requires no specialized legal training, and produces consistent results between evaluators reading the same documents. Portability of the rubric is the methodology's reproducibility claim, narrowed and made operational. The rubric is not the full Forensic Read™; it is one applied instrument of the methodology, scoped to a single category of analysis.

Axis Pre-Service Lookup

One of the three categories the rubric uses to evaluate a vendor's posture: data posture, FERPA posture, and children's data posture (COPPA). Each axis contains four binary-with-mid inputs. The verdict is calculated by summarizing the results across all three axes together, not by collapsing them into a single score. The three axes are the regulatorily-anchored dimensions of K-12 AI governance, each maps to a body of existing law or widely-accepted privacy practice that produces decidable readings from documents alone.

Posture Pre-Service Lookup

The current state of a vendor's commitments, capabilities, and language as it bears on a specific axis of evaluation. Used three ways in the Scorer: data posture (the vendor's stance on input handling), FERPA posture (the vendor's stance on student record handling), and children's data posture (the vendor's stance on under-13 users). Posture is a snapshot, not a guarantee; the First Watch audits exist because posture drifts. The term is used in this specific axis-bounded sense throughout the Pre-Service Lookup, distinct from public posture as it appears in the Drift Audit's policy-posture pairing.

Mid-state Pre-Service Lookup

The middle answer on any rubric input, indicating partial compliance, ambiguous language, or conditional support. Mid-state answers do not trigger dealbreakers but they count against the 3-of-4 best-state threshold required for a Proceed verdict. The Scorer's amber-bordered middle option corresponds to mid-state. The three-option structure (best-state / mid-state / worst-state) matches the actual phenomenology of reading vendor documents: does the document explicitly commit, partially commit, or fail to address?

Dealbreaker Pre-Service Lookup

An input on the rubric that, if answered with the worst-state option, automatically triggers a Flag verdict regardless of how the remaining inputs are answered. The Scorer has three dealbreakers, one on each axis: training-use of inputs (data), school official designation (FERPA), and under-13 age gate (COPPA). These are the three single-clause findings the methodology treats as non-negotiable: inputs where the failure cannot be aggregated away by strong posture elsewhere.

The verdict vocabulary

Verdict Pre-Service Lookup

The output the Scorer produces when the rubric is applied: Proceed, Caution, or Flag. The verdict is deterministic: two readers who answer the twelve inputs the same way arrive at the same verdict. The verdict is a starting point for governance action, not a substitute for it; it signals which tools warrant first-pass triage attention, not whether a district has discharged its full institutional obligations.

Proceed Pre-Service Lookup

The verdict assigned when a tool earns at least 3-of-4 best-state answers on every one of the three axes, with no dealbreakers triggered. A Proceed verdict signals that the rubric finds no posture concerns on data, FERPA, or COPPA. The tool can be used as intended within the conditions noted during scoring. The 3-of-4 threshold is calibrated to be meaningfully selective without being unattainable; verdict distributions produced under this threshold track real differentiation in the current K-12 AI landscape.

Contract holder Pre-Service Lookup

The party whose name appears on the agreement governing a vendor's tool: a district contract, a school-level contract, a teacher account, or a personal student account. The contract holder determines which terms apply, which DPA (if any) is in force, and which protections the user can rely on. The same vendor can sit in a different governance posture depending on which contract path was used to procure it. Used in the rubric to grade whether the procurement path supports the institutional reliance the deployment requires.

The data axis vocabulary

Training-use of inputs Pre-Service Lookup

A vendor's practice of using user-submitted content to train or improve its AI models. The rubric's most consequential input asks whether the default behavior involves training, whether an opt-out exists but is off by default, or whether training is opt-in only (best-state). A yes-by-default answer is a dealbreaker because it transfers commercial value from student work to vendor model development without affirmative consent. Related to but more specific than the firm's broader concept of no-training commitment (§VI); the rubric grades the default behavior the documents disclose, not the strength or durability of the commitment elsewhere.

Retention specificity Pre-Service Lookup

Whether a vendor's policy specifies a concrete retention period (in days, months, or years) for the content users submit. Specific retention is named in the documents. Vague retention uses qualifiers like "as long as necessary." Indefinite or unstated retention is the absence of any retention claim at all. The rubric grades for the document's specificity, not for the substantive length of any stated period: a stated retention of seven years is more rubric-favorable than an unstated retention of seven days, because reproducible reading requires a stated number.

Deletion right Pre-Service Lookup

A user's or school administrator's ability to trigger the removal of stored content held by a vendor. A self-serve deletion right means the user can complete the action through the product interface. By-request deletion means the action requires emailing the vendor or filing a ticket. Absence of either is treated as a worst-state answer on the data axis.

Trust Center Pre-Service Lookup

A vendor-published subdomain or page (commonly trust.[vendor].com) that aggregates compliance attestations, certifications, subprocessor lists, DPAs, and security documentation in one location. Trust Centers are the highest-yield single resource for performing a rubric-bounded read on a vendor with mature governance documentation. The presence of an active, dated Trust Center is a best-state indicator for subprocessor disclosure on the rubric's data axis.

The FERPA axis vocabulary

FERPA school official designation Pre-Service Lookup

A specific FERPA provision (under 34 CFR § 99.31(a)(1)(i)) that allows a school to disclose education records to a third party (such as an AI vendor) without obtaining prior parental consent, provided that the third party performs services the school would otherwise perform itself, is under the school's direct control, and uses the records only for authorized purposes. A vendor that explicitly accepts this designation in its standard terms takes on contractual obligations equivalent to being treated as district staff for that data. A vendor that disclaims the designation is signaling it does not accept those obligations, a dealbreaker on the rubric's FERPA axis. The rubric's narrower, documents-only reading of a concept the firm's full methodology engages more broadly under deputizing and direct control (§VI).

Directory information Pre-Service Lookup

Under FERPA, a category of student record information that schools may disclose without prior parental consent, typically things like a student's name, grade level, dates of attendance, and participation in activities. Directory information is treated differently from the broader category of education records, and a vendor's privacy policy is graded on whether it distinguishes the two clearly.

Parental rights Pre-Service Lookup

The specific rights FERPA grants to parents (and to students once they turn 18, at which point those rights transfer): the right to inspect and review education records, the right to seek amendment of records believed to be inaccurate, and the right to consent to certain disclosures. A vendor's commitment to honoring requests routed through the school for any of these is the input the rubric grades on the FERPA axis.

Disclosure logging Pre-Service Lookup

A vendor's practice of maintaining a record of every disclosure of student records to a third party, available to the school for inspection. FERPA requires schools (not vendors directly) to maintain such logs, but a vendor that supports the school's obligation by providing accessible disclosure records earns a best-state answer on this input.

The COPPA axis vocabulary

Age gate Pre-Service Lookup

A mechanism that prevents a service from collecting personal information from users under the age of 13 without first obtaining verifiable parental consent. An active age gate intercepts the user before any data is collected and routes under-13 users to a VPC path. A self-declared age gate accepts whatever date the user enters without verification, which is treated as effectively no gate at all under most regulatory interpretations. The absence of an effective gate is a dealbreaker on the rubric's COPPA axis.

COPPA Rule §312.5 Pre-Service Lookup

The specific section of the COPPA Rule (16 CFR § 312.5) that defines what counts as verifiable parental consent. It enumerates acceptable methods (signed consent forms returned by mail or fax, credit-card verification, video conferencing with the parent, government-issued ID matching) and rejects mechanisms that rely solely on a user clicking a checkbox or typing in an email address. A vendor's VPC pathway is graded against this section.

School-as-agent doctrine Pre-Service Lookup

An FTC guidance position under COPPA that permits a school to consent, on behalf of parents, to the online collection of personal information from students under 13, provided the collection is for the use and benefit of the school and not for any other commercial purpose. The doctrine functions as a workaround to the otherwise required verifiable parental consent. The rubric grades whether a vendor invoking this doctrine has the contractual structure to support the reliance, or whether the invocation is unsupported.

Data minimization Pre-Service Lookup

The principle, central to COPPA and to most modern privacy regimes, that a service should collect only the personal information that is reasonably necessary for the activity the user is engaged in. A vendor's commitment to data minimization, especially as it applies to children, is one of the inputs on the COPPA axis.

The procurement and operational vocabulary

Procurement path Pre-Service Lookup

The route by which a tool entered a district's use: district contract, school-level contract, teacher account, or personal student account. Different procurement paths trigger different governance obligations and produce different DPA coverage. The rubric's contract holder input is the operational expression of procurement path. The Pre-Service Lookup's narrower framing of a concept the firm engages more broadly under parallel contractor relationship (§VI).

Drift signal Pre-Service Lookup

A dated change to a vendor's policy, terms, or product language that warrants a fresh read. Drift signals are documented in the First Watch audit series and surface on the Tool Spotlight Card. The Pre-Service Lookup itself does not grade drift; drift is a separate finding from the firm's audit work that may prompt a re-scoring of an already-graded tool. The term lets the rubric's verdict be honest about its own datedness: a Proceed verdict produced today may not describe the tool's posture six months from now, and the drift signal is what the audit series produces to track that.

Verification and Revision

This glossary is compiled from The First Watch Drift Audit No. 001 (April 6, 2026), Drift Audit No. 002 (May 6, 2026), Governance at the Speed of Drift (Policy Brief, May 2026), The Forensic Read™ methodology page (languagefirm.org/the-forensic-read), the Clarifier Workshop reference set, the firm's About Us page, An Unread Deputy & A Signed Contract (Sharp's Reading Record, May 14, 2026), and the methodology documentation of The Pre-Service Lookup (May 2026).

Where a term appears verbatim in a published firm artifact, the definition reflects that artifact's usage. Where a term has been carried across documents, the definition reflects the firm's consolidated usage as of May 2026. Government terms in §VI and §VIII carry working citation links to authoritative public-facing sources: the Cornell Legal Information Institute (law.cornell.edu) for U.S. Code statutory text, the eCFR (ecfr.gov) for current regulations and FAR clauses, acquisition.gov for FAR commercial-contract clauses, and the FCC's program page for E-Rate. Links should be treated as the starting point for verification of statutory or regulatory language, not the endpoint; the audits' own methodological principle applies here too.

The Pre-Service Lookup vocabulary (§VIII) was added in v1.6 (May 2026). v1.7 (June 2026) reduced each term entry in §I–§VI to its core definition, removed the engagement-terms section, added the AI Tool, AI Governance, and Named reader entries to §IV, and renumbered the remaining sections so they run §I–§VIII in sequence. The Pre-Service Lookup vocabulary (§VIII) and the synthesis note (§VII) were left intact. Terms tagged Pre-Service Lookup identify language specific to the firm's free, openly-published verification tool, the most basic and topical application of what the Forensic Read™ methodology can produce.

v1.8 (June 2026) added five entries to §VI documenting the National Data Privacy Agreement: the Access 4 Learning (A4L) Community, the NDPA itself, Exhibit C, the Schedule of Student Data (Exhibit B), and Student Data as commonly defined in vendor DPAs. The A-Z index was updated to reach each new term.

v1.9 (June 2026) added three terms a district sets as controlling definitions in its own policy and reads vendor documents against: Authorized User and Material Update in §IV, and De-Identified Data in §VI. The A-Z index was updated to reach each new term.

v1.10 (June 2026) added Identity sprawl to §IV, defining the proliferation of vendor accounts a district never inventoried as the scaled consequence of an open seam, and tying it to the Subprocessor and Dependency Register and the named reader. The A-Z index was updated to reach the new term.

v2.02 (June 2026) split the single BYOK entry in §VI into two terms: customer-managed encryption, a data-at-rest control the district gains, and model-key passthrough, a foundation-model API arrangement that makes the model provider the district's direct counterparty under terms that carry no education-specific protections. An acronym that resolves to two different objects in the data path is a forensic hazard the glossary should not carry under one heading. The A-Z index was updated to reach both terms.

v2.03 (June 2026) added two governance-vocabulary terms to §IV: Tool sprawl, the product-side counterpart to identity sprawl, naming the accumulation of unauthorized tools as the scaled consequence of an open seam and tying it to the Tool Intake Register; and Trigger, a change from the previously agreed-upon state that obligates a defined action, read by a named reader against the governance baseline. The A-Z index was updated to reach both terms. This edition also unified the version label on the cover and masthead, which read v2.2 against the changelog's v2.02.

v2.4 (June 2026) corrected the Foundation model dependency entry in §IV: the examples now name foundation models (OpenAI's GPT-5.5, Anthropic's Claude Opus 4.8, Google's Gemini 3.1 Pro) rather than the consumer products built on them, and the definition states that the dependency runs to the model, not to the product that wraps it. This edition also set the cover, masthead, and colophon labels to the single-decimal form v2.4, retiring the zero-padded label form for the displayed version.

Terms added or revised in future editions of this glossary should be documented with the audit cycle or publication in which the change occurred, in the same dated, document-naming register the firm applies to vendor documentation.

Glossary v2.4 · Compiled May 2026, revised June 2026 · The Language Firm, LLC. The Forensic Read™, The First Watch, the Tool Spotlight Card, the Clarifier Workshop, and the Pre-Service Lookup are proprietary instruments of The Language Firm, LLC.