
On-device AI vs cloud AI for student privacy

When an AI tool offers to help with your child's IEP, the most important question isn't "how good is it?" — it's "where does the inference run?" That answer determines who, besides you, ends up with a copy of your child's evaluation. Plain-language guide for parents being pitched ed-tech AI.

The IEP-AI tool category has exploded over the past two years. Every special-education conference now has a startup booth selling some variation of "AI-powered IEP management." The pitches are similar: upload your IEP, get plain-language summaries; type a question, get a draft email to the school; paste in a goal, get an Endrew F.-style audit.

The features genuinely help. The privacy implications, though, are routinely glossed over — and they're not minor. This piece explains what's actually happening under the hood when you "ask AI to help with my child's IEP," and what the difference is between cloud-based and on-device approaches.

What "running an AI" actually means

Modern AI assistants (ChatGPT, Claude, Gemini, Copilot, and the IEP-specific tools built on top of them) work in three steps:

  1. Tokenization: Your text is broken into "tokens" (sub-words or characters) that the model can read.
  2. Inference: The model — a giant pile of math, with billions of numerical parameters — does a forward pass through the tokens and produces a probability distribution over the next token. That's repeated to generate the response.
  3. Output: The generated tokens are decoded back into text and sent back to you.

The interesting question is where step 2 happens. Two architectures exist:

  • Cloud inference: Your text travels over the internet to the vendor's server. The model lives on the vendor's hardware. Inference happens there. The output travels back.
  • On-device inference: The model is stored on your phone, laptop, or computer. Your text never leaves the device. The model processes locally.

What gets logged in cloud inference

When your IEP text travels to a cloud-AI server, several things almost always happen:

  • The prompt is logged. Most cloud-AI vendors retain a copy of the prompt and the model's response, often for 30 days, sometimes longer. The stated reasons are safety review (catching abuse), debugging, and "service improvement."
  • Metadata is logged. Timestamp, IP address, account ID (if signed in), token count, model version. This is true even when prompt content is not retained.
  • The data may train the next model. Many vendors reserve the right to use customer prompts for training, sometimes opt-in, sometimes opt-out, sometimes buried in the ToS.
  • Subprocessors see the data. Cloud-AI vendors typically use subprocessors (AWS, GCP, Azure, content-moderation services). Each subprocessor has access to the data flowing through it.

None of this is malicious. It's normal cloud-services architecture. The problem is that "normal cloud-services architecture" was not designed for holding the most sensitive paperwork in a child's life.

What an IEP actually contains

Take a moment to think about what you'd be uploading. A typical IEP document:

  • The child's full legal name, date of birth, and grade.
  • Disability classification(s) under IDEA's federal categories — autism, specific learning disability, ADHD with educational impact, intellectual disability, emotional disturbance, etc.
  • Recent psychoeducational evaluation results — IQ scores, academic achievement scores, behavior-rating scales.
  • Behavioral observations, including incident reports, referrals, and classroom-disruption descriptions.
  • Mental-health information, sometimes including diagnoses and family history.
  • The child's school, district, classroom assignment, and teacher names.
  • Parent contact information.

That's a packet that, in any other context, requires HIPAA-grade handling. In ed-tech, it's routinely uploaded to systems with consumer-grade privacy terms.

Why on-device changes the equation

On-device AI moves step 2 to your hardware. The model is a file (typically 1–4 GB) downloaded once at first launch. After that, every query you run is handled by your phone's processor — CPU, GPU, or Neural Engine, depending on the device. Nothing leaves the phone.

Concretely:

  • The vendor cannot log your prompts. There is no inference server. If a query never reaches a server, no server can record it.
  • Your data cannot train someone else's model. Same reason. Training requires the vendor to have the data. They don't.
  • A vendor breach doesn't expose your records. If the vendor's database is hacked, the breach contains nothing about your child, because nothing about your child was ever there.
  • You don't lose access if the vendor pivots. If the vendor gets acquired, shuts down, or changes its terms, your model is already on your device. The app may stop receiving updates, but the AI keeps working for as long as your phone does.
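The claims above are checkable rather than a matter of trust. Below is an added example (not code from this post or from IEP Champion): a small Python egress audit that runs an "inference" function with the network stubbed out and reports every host it tried to reach. Both inference functions are stand-ins, the vendor hostname is an assumption, and no packet actually leaves the machine, so it runs offline.

```python
import socket
from contextlib import contextmanager
from http.client import HTTPSConnection
# Constructed sample: a fictional child's details, the kind of text an IEP prompt carries.
SAMPLE_PROMPT = "Summarize goals for Jordan Doe (DOB 2015-04-02), classification: specific learning disability"
VENDOR_HOST = "api.iep-vendor.invalid"   # placeholder hostname (assumption), not a real service

class EgressAttempt(OSError):
    """Raised instead of a real connect() when audited code reaches for the network."""

@contextmanager
def egress_monitor(attempts):
    """Record every outbound TCP connection the wrapped code tries to open, and refuse it.
    getaddrinfo is stubbed (no DNS query) and socket.connect is stubbed (no packet sent)."""
    real_gai, real_connect = socket.getaddrinfo, socket.socket.connect

    def fake_gai(host, port, *_args, **_kwargs):
        # Pass the hostname through as the "resolved" address so the audit log names the host.
        return [(socket.AF_INET, socket.SOCK_STREAM, 0, "", (host, int(port)))]

    def guarded_connect(self, address):
        attempts.append((str(address[0]), int(address[1])))
        raise EgressAttempt(f"blocked outbound connection to {address[0]}:{address[1]}")

    socket.getaddrinfo, socket.socket.connect = fake_gai, guarded_connect
    try:
        yield
    finally:
        socket.getaddrinfo, socket.socket.connect = real_gai, real_connect

def cloud_inference(prompt):
    """Step 2 on the vendor's hardware: the whole prompt is the HTTPS request body."""
    conn = HTTPSConnection(VENDOR_HOST, 443, timeout=5)
    conn.request("POST", "/v1/summarize", body=prompt.encode())
    return conn.getresponse().read().decode()

def on_device_inference(prompt):
    """Step 2 on your hardware. Stand-in for a local model: it never touches a socket."""
    return prompt.split(",")[0]

def audit(inference_fn, prompt):
    """Run one inference under the monitor; return the (host, port) pairs it tried to reach."""
    attempts = []
    with egress_monitor(attempts):
        try:
            inference_fn(prompt)
        except EgressAttempt:
            pass   # refused at connect(); the destination is already recorded
    return attempts
```

The monitor covers anything built on http.client, urllib or raw sockets; for a real app you would run the same check with a packet capture or an egress-blocking proxy rather than monkeypatching.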

The trade-offs (because there are some)

On-device AI is not strictly better than cloud AI on every dimension. Three trade-offs to be aware of:

  1. Smaller models. A 1.5–4B-parameter model on a phone is smaller than the frontier models running in the cloud (GPT-4, Claude Sonnet/Opus, Gemini Pro all clock in at hundreds of billions of parameters). For well-bounded tasks — terminology lookup, document summarization, goal-drafting templates — the gap is rarely noticeable. For free-form expert reasoning, frontier cloud models are still better.
  2. Storage and battery. A 1–4 GB model is a meaningful chunk of phone storage. Inference burns battery during active use. Most modern phones (iPhone 13+, mid-tier Android) handle it fine; older phones may not.
  3. No automatic sync. If you want your IEP records on both your phone and your laptop, on-device tools generally make you do the sync manually (encrypted backup file, AirDrop, etc.). Cloud tools sync invisibly because they have a server in the middle. The trade is a feature for a privacy property.

For IEP management specifically, the trade-offs land favorably for on-device: the tasks are bounded enough that smaller models do them well, and the privacy upside is exactly what parents need.

Five questions to ask any IEP-AI vendor

If you're evaluating an AI tool for your child's IEP, ask:

  1. Where does the AI inference physically run? If the answer is "our servers" or "via OpenAI/Anthropic/Google APIs" — your data goes to those servers.
  2. What's logged from my prompts and for how long? Read the data-retention policy, not the marketing page. Common answers: 30 days, 90 days, indefinitely.
  3. Will my data be used to train future models? Some vendors let you opt out. Some don't. Some change the policy later.
  4. If you're acquired, what happens to my data? Most ToS say the data transfers with the company. The acquirer can re-set the privacy terms.
  5. Can I delete all my data permanently? Specifically — not just disable my account, but actually purge the records. Some vendors retain backups for years even after "deletion."

A vendor that gives clear, written answers to all five questions has earned a serious look. A vendor that obfuscates any of the five has told you everything you need to know.

What "privacy by design" looks like in practice

The phrase "privacy by design" is overused. The concrete tests:

  • No accounts: If sign-up requires only a click-to-accept rather than email + password, the vendor literally cannot know who you are.
  • No analytics SDKs: Many ed-tech apps integrate Mixpanel, Amplitude, Segment, or similar analytics platforms. Each one is another vendor receiving (often anonymized but sometimes not) telemetry about your usage.
  • Local encryption with device-bound keys: Storage at rest encrypted with keys held in the OS's secure enclave (iOS Keychain or Android Keystore), not in a config file the app could ship to a server.
  • Open documentation of data flows: A privacy policy that says exactly which data flows where, in language a parent can read in 5 minutes.

The bottom line

"On-device" isn't a marketing buzzword; it's an architectural decision that physically prevents most of the privacy failures common in cloud-AI ed-tech. It costs the vendor more (no server-side data accumulation means no growth story for investors built on data assets). It costs the user more in storage and battery. It gives the user something cloud-AI cannot: their child's IEP information stays where they put it, with no copy somewhere else.

That's the whole pitch.

One last thing

IEP Champion is the on-device tool we built for IEP management. AI runs locally via llama.cpp; data is encrypted with SQLCipher (AES-256) on your device; there are no accounts, no analytics, and no inference servers. You can try it in your browser with the free PWA, or install it on iOS/Android for $4.99 one-time. The side-by-side comparison page goes deeper on the architectural differences.

Even if you don't end up using IEP Champion, the five questions above are the right questions to ask any vendor before you hand them your child's evaluation.