Runtime authorization for education and EdTech AI agents.
A tutoring or admin agent with Canvas, Blackboard, PowerSchool, or Google Classroom credentials can read student records, write grades, or message families. SSO shows the school granted the integration. Veto decides whether this specific read, write, or mass communication is allowed under your institution's policies.
What can go wrong
Schools and EdTech vendors operate under FERPA's school-official exception, COPPA for under-13 users, and state student-data laws such as NY Ed Law 2-d, California SOPIPA, and Illinois SOPPA. The failure modes below map to Department of Education guidance letters and state enforcement actions.
FERPA disclosure
A registrar agent summarizes "all D students" into a chat used by a non-school-official aide. FERPA requires consent or a narrowly defined exception, and unauthorized disclosures cost institutions their federal funding eligibility.
COPPA under-13 collection
A tutoring agent persists chat transcripts that contain names, voice, photos, and location data without the consent path your district requires. That is a student-privacy failure, not just a logging issue.
Gradebook tampering
A "helpful" teacher-assistant agent overwrites scores for students who emailed about grading errors, without separate teacher review. The trail is invisible until a parent complains.
Mass communication errors
A district announcement agent emails 30,000 parents about a single classroom's snow-day policy, or hallucinates a school-closure date. The reputational damage compounds for weeks.
What Veto enforces
Wrap the LMS, SIS, and communications tools your agent calls. Policy rules check role of record, age, consent flags, and audience size before each action.
policies:
  - name: "FERPA-scoped student-record reads"
    match:
      tool: ["powerschool.get_student","canvas.get_student","sis.lookup"]
    rules:
      - condition: "fields includes_any ['grades','attendance','iep','504_plan','disciplinary']
          && context.agent_role not_in ['teacher','counselor','registrar']"
        action: deny
        reason: "Educational record fields require school-official role"
      - condition: "context.educational_purpose == null"
        action: deny
        reason: "FERPA school-official exception requires documented purpose"
  - name: "COPPA under-13 guard"
    match:
      tool: ["tutoring.persist_transcript","comms.send_to_student","analytics.track_event"]
    rules:
      - condition: "student.age < 13 && student.parental_consent_on_file != true"
        action: deny
        reason: "COPPA: under-13 requires verifiable parental consent"
      - condition: "student.age < 13 && args.includes_geolocation == true"
        action: deny
        reason: "Geolocation collection from under-13 requires policy review"
  - name: "Gradebook write maker-checker"
    match:
      tool: ["canvas.set_grade","blackboard.update_grade","powerschool.update_score"]
    rules:
      - condition: "context.agent_role != 'teacher_of_record'"
        action: deny
      - condition: "abs(args.new_score - args.old_score) > 15"
        action: require_approval
        approvers: ["dept-chair@school.edu"]
      - condition: "args.affected_students > 1"
        action: require_approval
        approvers: ["registrar@school.edu"]
  - name: "Mass-communication audience caps"
    match:
      tool: ["comms.send_email","comms.send_sms"]
    rules:
      - condition: "audience.size > 500"
        action: require_approval
        approvers: ["comms-director@school.edu"]
      - condition: "audience.size > 5000"
        action: require_approval
        approvers: ["superintendent@school.edu"]
      - condition: "audience.includes_under_13_guardians == true"
        action: require_approval
        approvers: ["privacy-officer@school.edu"]
Evidence hooks
FERPA (34 CFR Part 99)
School-official exception requires direct control over the AI vendor and a defined educational purpose. Veto records the purpose per tool call for the 99.32 accounting-of-disclosure record.
COPPA (16 CFR Part 312)
Verifiable parental consent before collection from under-13. Veto blocks the tool call when the consent flag is missing.
NY Ed Law 2-d, IL SOPPA, CA SOPIPA
State laws require contractual data protection, breach notification within 7 to 30 days, and prohibitions on advertising to students. Veto provides per-action evidence teams can attach to DPA reviews.
Student Data Privacy Consortium DPA
The SDPC NDPA v1.0a is a common district agreement model. Veto records support Exhibit E-style data security evidence without bespoke instrumentation.
Where the risk lands
Education agents touch student records, parent communications, gradebooks, tutoring transcripts, and district systems. The regulated action is often ordinary-looking: read a roster, export a transcript, update a score, or summarize a student.
Veto gives the district a tool-call record: which agent touched which student-data tool, which policy applied, and whether a human approved the action.
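As an added example (not Veto's code or API), the sketch below models the "Gradebook write maker-checker" and "Mass-communication audience caps" rules from the policy file under "What Veto enforces" as Python predicates and evaluates them under two assumed rule-evaluation orders, since this page does not state which one the engine uses. The call field names and the sample tool calls are constructed for illustration.

```python
# Added illustration; not Veto's engine. Each rule: (condition, action, approvers).
GRADEBOOK = [  # mirrors "Gradebook write maker-checker"
    (lambda c: c["agent_role"] != "teacher_of_record", "deny", []),
    (lambda c: abs(c["new_score"] - c["old_score"]) > 15,
     "require_approval", ["dept-chair@school.edu"]),
    (lambda c: c["affected_students"] > 1,
     "require_approval", ["registrar@school.edu"]),
]
MASS_COMMS = [  # mirrors "Mass-communication audience caps"
    (lambda c: c["audience_size"] > 500,
     "require_approval", ["comms-director@school.edu"]),
    (lambda c: c["audience_size"] > 5000,
     "require_approval", ["superintendent@school.edu"]),
    (lambda c: c["under_13_guardians"],
     "require_approval", ["privacy-officer@school.edu"]),
]

def decide_first_match(rules, call):
    """Assumed semantics A: stop at the first rule whose condition holds."""
    for cond, action, approvers in rules:
        if cond(call):
            return action, list(approvers)
    return "allow", []

def decide_all_matches(rules, call):
    """Assumed semantics B: any deny wins, otherwise union all approvers."""
    needed = []
    for cond, action, approvers in rules:
        if not cond(call):
            continue
        if action == "deny":
            return "deny", []
        needed += [a for a in approvers if a not in needed]
    return ("require_approval", needed) if needed else ("allow", [])

# Constructed sample tool calls (field names are hypothetical).
DISTRICT_BLAST = {"audience_size": 30000, "under_13_guardians": True}
REGRADE = {"agent_role": "teacher_of_record", "old_score": 60,
           "new_score": 92, "affected_students": 1}

if __name__ == "__main__":
    for name, fn in (("first-match", decide_first_match),
                     ("all-matches", decide_all_matches)):
        print(name, fn(MASS_COMMS, DISTRICT_BLAST), fn(GRADEBOOK, REGRADE))
```

Under first-match evaluation the 30,000-recipient send needs only the comms director, because the `> 500` rule shadows the `> 5000` rule; confirm the engine's evaluation order or list the stricter threshold first.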
Frequently asked questions
Does Veto cover FERPA's directory and educational-records distinction?
How do we keep under-13 users out of COPPA scope?
Can a tutoring agent still help a student in real time?
What about hallucinated tutoring content?
Keep your federal funding. Block one FERPA disclosure.
Policies wired into Canvas, PowerSchool, and Google Classroom in a sprint.