FERPA / COPPA scope
Honest framing of what @pleach/compliance covers for FERPA and COPPA today, what the educationAgent factory substitutes when you ask for those profiles, and the concrete gap list you should bring to district counsel before signing.
This page is for the procurement conversation. Read it before signing a district agreement that names FERPA or COPPA as the governing framework.
TL;DR
@pleach/compliance profiles that ship today are
"hipaa" | "gdpr" | "pci-dss" | "soc2". There is no ferpa or
coppa profile literal. The
educationAgent factory accepts
the education-facing strings (ferpa, coppa, ferpa+coppa)
and substitutes the gdpr profile bundle as the closest shipped
analog. The substitution is recorded on the runtime tag, fires a
warn-once notice to your console, and is documented in the
factory JSDoc. It is not full FERPA or COPPA adequacy.
What you DO get when you pass ferpa+coppa
- The student-safety scrubber runs against the user message string before the runtime sees it. See Student safety for the redaction patterns (student-id numbers, grade bands, school-issued emails, labeled parent-contact lines).
- The
gdprprofile bundle runs on top of the student-safety scrubber. Thegdprbundle today isSsnUsScrubber + CreditCardScrubber— seecompliantChatbotconfig for the canonical bundle mapping. The substitution is the closest shipped analog because FERPA and COPPA both lean heavily on data-minimization plus identifier redaction, and thegdprbundle is the data-minimization scrubber stack we ship today. - A per-session cost-cap policy registered on the runtime so a runaway loop in a classroom can be cut off at the gateway boundary (see Per-district tenant + cost-cap).
- An audit ledger (when you wire
@pleach/compliance/audit) that records every event with atenantIdyou can scope todistrictIdand pull at end-of-year for retention review. - Substitution transparency: the runtime tag carries both
requestedProfile(what you asked for) andmappedProfile(what the substrate applied). Your audit ledger can record both. A district auditor can see at row level that thegdprbundle was applied becauseferpa+coppawas requested.
What you DO NOT get
These are the items that would belong in a full FERPA / COPPA posture and are NOT shipped today.
FERPA-specific gaps
- Directory Information mediation. FERPA distinguishes
"directory information" (name, address, phone, dates of
attendance — disclosable unless the parent has opted out) from
protected educational records. The shipped scrubber redacts
conservatively on identifier shape (IDs, grade bands,
school-issued emails); it does not consult a per-student
directory-information opt-out registry. If your buyer needs
per-student opt-out enforcement, wire it as a pre-
ask()classifier or as a customScrubber. - Educational-record retention rules. FERPA retention is
state-by-state and district-by-district. The audit ledger
records
recordedAtso you can prune on a schedule, but the retention policy itself is operator-owned. No built-in retention enforcement. - Vendor data-processing addendums (DPAs). Pleach does not ship a FERPA-equivalent vendor DPA. If your buyer's procurement requires one, you'll need to author it; the audit-ledger + scrubber evidence in this stack supports a DPA but does not constitute one.
- Joint custodial / parent-of-record gating. FERPA rights
transfer to the student at the age of majority OR upon
enrollment in a post-secondary institution. The runtime tag
records
studentId; it does NOT enforce a parent-of-record identity gate. The consumer's auth layer owns that.
COPPA-specific gaps
- Verifiable Parental Consent (VPC) flow. COPPA Section 312.5 requires verifiable parental consent before collecting personal information from a child under 13. Pleach does not ship a VPC flow (no parental-credit-card verification, no signed-consent-form intake, no government-ID check). The consumer-facing application is the consent boundary.
- Under-13 age gating. No age-of-user determination layer. If your platform admits under-13 users, your front door decides whether COPPA applies; Pleach treats every session as identical at the data plane.
- Safe-harbor program enrollment. Pleach is not enrolled in a COPPA Safe Harbor program (kidSAFE, iKeepSafe, ESRB, etc.).
- Operator-vs-school-official classification. COPPA permits school-authorized collection of PI without parental consent under the "school-official" doctrine when the school has designated the vendor as a school official under FERPA. That designation is contractual — Pleach does not assert it on your behalf.
Cross-framework gaps
- No State-Student-Privacy-Pledge co-signature. Major districts increasingly require vendors to co-sign the Student Privacy Pledge (studentprivacypledge.org). Pleach has not signed it.
- No formal FERPA / COPPA compliance attestation. The
@pleach/complianceaudit ledger surfaces hash-chained evidence usable in an attestation; an attestation report itself is operator-authored. - Model providers may not be configured for education workloads. OpenAI, Anthropic, and Google Vertex each have separate enterprise terms that may or may not be appropriate for under-13 data. Pleach does not enforce a per-provider age-of-data gate. If your provider's standard terms forbid under-13 data, you must route around that contractually (e.g. enterprise contract, BYOK with a provider whose terms permit it, or a self-hosted model).
What the warn-once notice says
When you construct an educationAgent with a complianceProfile,
the factory logs:
[educationAgent] requested compliance profile 'ferpa+coppa' is
not yet shipped — mapped to 'gdpr' (closest shipped analog). See
module JSDoc honest scope-limit.The warning fires once per process (latched). It is intentional
— suppressing it hides a substitution that procurement should
see. If you want the warning routed to your audit ledger instead
of stderr, wrap the factory and rewrite console.warn for that
construction call.
How to compose a stronger posture today
If you need to ship to a district that gates the buy on FERPA /
COPPA evidence and can't wait for a dedicated profile cut, three
patterns compose well on top of educationAgent:
- Pre-
ask()content moderation API. Wire Anthropic / OpenAI moderation, or a kid-safety classifier (e.g. a self-hosted toxicity model), as a pre-ask()filter. Reject the turn before the model sees it on a category flag. - District-extended scrubber. Pass an
extrapatterns array oncreateStudentSafetyScrubber(see Student safety) to redact district-specific identifiers — SIS IDs, locker numbers, IEP filenames — the shipped scrubber doesn't know about. - EventLogWriter-boundary scrubbing. Compose a
ComplianceRuntimedirectly (ascompliantChatbotdoes internally) and passhost.modules.eventLogWriterso the persisted copy of every event row is scrubbed at the substrate boundary too. TheeducationAgentfactory does NOT do this automatically today; the scrubbing is at the user-message boundary only.
Roadmap
A dedicated ferpa-coppa compliance profile cut is on the
education wave. The shape it will likely take:
- A
ferpa+coppascrubber bundle distinct fromgdpr: student-safety scrubber + parent / guardian PII patterns + school-staff PII patterns + state-program identifiers (free / reduced lunch, IEP, 504-plan numbers). - A per-event-type allowlist tuned for classroom-transcript
shapes (
tutor.turn,feedback.recorded,assignment.draft) in addition to the genericcontent.delta/interrupt.edited/audit.recordedallowlistcompliantChatbotships with today. - An optional VPC stub that records consent evidence on the audit ledger (consumer-supplied; the substrate does not perform verification).
Until that cut ships, the educationAgent factory makes the
substitution explicit so it can be cited cleanly in a procurement
review. The factory will continue to accept ferpa / coppa /
ferpa+coppa after the dedicated profile ships — the runtime
tag's mappedProfile will then read ferpa-coppa instead of
gdpr.
Source
packages/recipes/src/education.ts— substitution map andwarn-oncelatch.packages/compliance/src/runtime/— theComplianceRuntimeand shipped profile bundles.
See also
- Education — the landing page.
- Student safety — the shipped scrubber.
- Per-district tenant + cost-cap — multi-tenant composition for districts.
compliantChatbot— the HIPAA / GDPR / PCI-DSS / SOC 2 sibling recipe.@pleach/compliance— the full compliance reference.- Audit ledger — hash-chained evidence for compliance review.
Student safety
The shipped student-safety scrubber from @pleach/compliance/education — what it redacts today, the composable KeyedRegexScrubber shape for district-specific extensions, and the honest gap on per-category content moderation.
Per-district tenant + cost-cap
Composing educationAgent per-district with hard cost ceilings enforced at the gateway boundary via @pleach/gateway/swarm's CostCeilingMiddleware, plus audit ledger scoping by districtTenantId via @pleach/compliance/audit.