AI governance for Australian schools.


External Signals is a monthly read on what is shifting outside Australian independent schools (regulation, technology, sector incidents, funding and workforce) and what it means for the people running one. Produced by Arvoe for principals, business managers, and board members across the sector.
Students penalised for AI use in a senior-secondary assessment
Teaching & CurriculumAI 'nudify' deepfake abuse of students, and the first enforcement action
Safety & WellbeingAI companions are reaching students, and the wellbeing risk is serious
Safety & WellbeingMicrosoft and Google embed AI into the core school platforms
AI & Data GovernanceQueensland's Reportable Conduct Scheme commences for schools
Regulatory & ComplianceTwo questions this month, of different kinds: a strategic one on whether our AI governance is keeping pace with how AI reaches students, and an acute one on the wave of five new obligations that just landed.
A quieter month than May on both severity and volume. Cyber and Safety & Wellbeing run warmest; the densest cluster of new obligations is regulatory, though it rates only mild.
June ran on two threads. AI kept arriving in classrooms from both directions at once, new tools in the core platforms and new harms reaching students, with the regulator starting to respond. And a wave of new compliance obligations landed, five of them, two commenced on 1 July itself. Most of what surfaced needs attention within six months.
Bars show how many signals touch each area; one signal can touch several, so they total more than the verified count. The dot shows how hot the area ran.
When each signal is expected to bite. The hero figure is the first two buckets combined.
QLD Reportable Conduct Scheme commences for schools.
NSW makes approved WHS codes of practice enforceable (s 26A); the psychosocial hazards code touches every school.
Award minimum wages rise 4.75% (Schools awards).
AITSL reviews the teacher standards (APST).
UK EdTech Testbed expands to 1,000-plus schools.
VRQA final Minimum Standards guidelines expected (VIC).
EU AI Act bans 'nudify' and intimate-deepfake systems.
Children's Online Privacy Code and ADM disclosure commence.
VRQA revised Minimum Standards apply (VIC).
SA non-gov schools must publish suspension/expulsion policy.
Compliant anti-bullying policy a condition of NSW registration.
VIC phone and wearable ban extends to non-gov schools.
EU AI Act deadline for high-risk education AI.
A calmer month than May at the top end. There was no single event on the scale of last edition's Canvas breach, which reached millions worldwide, so the hottest reading here is warm rather than extreme. That is not the same as quiet. Cyber still runs warm, because school data is plainly still in attackers' sights: two fresh breaches and a full systems-outage all landed inside the month, just not at global scale. Student and staff safety runs warm too, where AI-driven harms met a set of new safety obligations. The busiest area by volume is regulatory and compliance, where a cluster of new duties is landing, two of them commenced on 1 July. But volume is not heat: that area reads mild, which means a lot to work through rather than a lot to fear.
| Risk area | What is driving it | This month | Vol. |
|---|---|---|---|
| Cyber & Data Security | A school ransomware leak with passport scans and plaintext credentials exposed, an educational-publisher breach, and a school forced to take all systems offline | WARM | 3 |
| Safety & Wellbeing | AI 'nudify' deepfake abuse of students and the first eSafety enforcement, companion-app wellbeing gaps, a violent-extremism charge, and a new NSW anti-bullying registration condition | WARM | 5 |
| Regulatory & Compliance | Queensland's Reportable Conduct Scheme and the NSW WHS codes duty commencing, anti-bullying and disability-reporting conditions ahead, and registration redrafts still moving | MILD | 6 |
| Teaching & Curriculum | Generative AI in a senior assessment, falling digital literacy, Victoria's device-free learning requirement, and teacher-workload AI tools | MILD | 6 |
| Workforce & IR | A rejected Victorian pay deal, an ACT strike, multi-employer bargaining, the new award wage floor, and a new WHS codes duty | MILD | 5 |
| AI & Data Governance | Microsoft and Google embedding student-facing AI into the core platforms, national AI framing, and the privacy exposure that rides along with breaches | MILD | 4 |
| Financial & Operations | The 4.75% award wage rise, the rising disability-adjustment loading, and a direction of travel on edtech procurement | MILD | 3 |
Each area's rating combines how serious its signals are with how soon they land. Warm means worth watching now; mild means real but not pressing.
The count of signals in the area this month; areas sum to the month's 32. It is separate from the rating: an area can carry a real volume of work while still reading mild.
At a Catholic secondary school in Victoria, 35 Year 12 students were found to have used generative AI in an oral English assessment. After an internal investigation the school reduced the affected marks and reported the results to the Victorian Curriculum and Assessment Authority (VCAA), as required for VCE assessments. Detection reportedly came from a routine audit that flagged gaps between students' documented ability and their delivered work.
This is the first named Australian example of mass generative-AI misuse being detected and penalised inside a formal senior-secondary assessment, then escalated to the curriculum authority. Every school running VCE, HSC, QCE or an equivalent now has a concrete precedent, including how the response was handled: a mark reduction on the affected task plus authority notification, not a withheld result.
Worth checking — Does your authentication process for oral and take-home tasks actually detect AI-generated submissions, and is teacher judgement (baselining, in-class drafting, viva-style verification) documented? Is your reporting path for suspected AI integrity breaches written down and known to assessors? Does your AI-use policy state what is permitted per assessment type, rather than in general?
The safety regulator is documenting a fast-rising pattern of students using AI 'nudify' apps to create and share fake explicit images of classmates, overwhelmingly girls. In one documented case at an independent school in Tasmania, around 21 female students had their faces superimposed onto explicit images and shared in a private group. Police dealt with five young people without laying charges, and the school notified parents. Reports of digitally altered intimate images of under-18s more than doubled in the 18 months to late 2025. Separately, and for the first time, eSafety issued a formal Direction to Comply under the new Age-Restricted Material Codes to an offshore 'nudify' service, giving it 14 days to block children or face civil penalties up to $49.5 million.
This is a live child-protection risk that reaches students through their own devices, and there is now a named regulatory lever schools can escalate to. The harm to victims is serious and lasting: the targeted students, almost always girls, carry real psychological and social trauma, the images can resurface for years, and the damage is done whether or not the picture is "real". The perpetrators are usually peers who treat 'nudify' use as a prank, unaware that creating or sharing a synthetic nude of a minor can be a criminal offence. That gap, between how students perceive the act and how gravely it actually lands, is where education has to do the work before an incident, not after.
Worth checking — Does your image-based-abuse response plan explicitly cover AI-generated material, with clear mandatory-reporting and police-referral pathways, and a victim-support protocol ready before an incident rather than after? Does what you teach students name deepfake abuse, consent, and its real consequences directly, so the message lands before the behaviour does? Are staff briefed to treat the psychological harm to a victim as seriously as any other form of image-based abuse?
A regulator transparency report on four AI companion services found none had robust age verification, most did not route self-harm prompts to crisis support, and some ran no dedicated trust-and-safety function. It estimated that around 200,000 Australian children aged 10 to 17 have used an AI companion specifically. Several services have since changed course, through age assurance, geo-blocking or paid gating, and the Age-Restricted Material Codes now apply to companion chatbots.
This is the wellbeing risk that deserves the most forward attention, and it is easy to underrate. AI companions are engineered to be endlessly supportive: they never tire, never judge, never criticise, and are always available. For a developing adolescent that is not a harmless novelty, it is the raw material for an unhealthy attachment to a relationship that asks nothing and reflects everything back, at exactly the age when young people should be learning to handle friendships that are sometimes hard. Where social media reshaped peer comparison for a generation, always-available AI companionship risks doing something similar to the capacity for real relationship, and at industrial scale. Two things sharpen it: the self-harm-referral gap means a child in crisis may be confiding in a system with no path to help, and the same dynamic sits inside the general-purpose AI models students already use for schoolwork. The line between a study tool and a confidant is thin and mostly unpoliced.
Worth checking — Do your pastoral-care and online-safety plans name AI companionship as a wellbeing risk in its own right, and recognise that the same risks live inside the general-purpose AI tools students already use, not only in dedicated companion apps? Given several services rely on self-declared age, do device-level controls and supervision carry the load rather than the vendor's word? Have you helped parents understand the difference between a study tool and an always-available confidant, and what healthy boundaries look like at home?
Within a day of each other, the two platforms most schools already run put AI directly in front of students. The feature detail matters less than the shift. Microsoft added free AI tools to Microsoft 365 Education, including an AI "learning coach" for students and a per-assignment control that lets a teacher allow or block AI on each task. Google connected Google Classroom to its Gemini AI, so a class's existing assignments, grades and materials can flow into the AI, with Chromebook controls to keep a student on an approved tool. The one thing to hold onto: in both cases the student-facing AI stays off until an administrator at your school turns it on. The decision is yours, not the vendor's.
When AI for students arrives inside the platform that already holds your logins and coursework, that is a governance decision, not just a new feature, and it is one to make deliberately rather than let happen by default.
Worth checking — Has someone actually made and recorded the decision on whether to switch student-facing AI on, checked against your data handling and the Children's Online Privacy Code (in force 10 December 2026)? If teachers can allow or block AI assignment by assignment, has the school set one consistent default rather than leaving it teacher by teacher? Do parents know that coursework and grades may pass through these tools?
Queensland's Reportable Conduct Scheme came into effect on 1 July 2026 under the Child Safe Organisations Act 2024, regulated by the Queensland Family and Child Commission (QFCC). Every Queensland school, across government, Catholic and independent sectors, is now a reporting entity. Schools must have systems to prevent, receive, notify and investigate allegations of reportable conduct (child abuse or misconduct) by workers and volunteers, and must let concerns about the head of the entity be reported directly to the QFCC. Once the head of an entity is told of a concern, they must file an initial report with the QFCC within three business days, an interim report within 30, then a final report. Failing to notify can result in a fine of more than $17,000 for the head of entity. The scheme sits alongside the 10 Child Safe Standards, which have applied since 1 October 2025.
This is a live statutory scheme with a monetary penalty, commenced this month, that lands squarely on the head of the entity. It is the sharpest of a wave of new obligations landing in June (see the board section). It is Queensland-only for now, but Victoria, NSW, the ACT and Tasmania already run equivalents and South Australia is implementing one, so multi-state groups carry different obligations in each jurisdiction.
Worth checking — Is your "head of entity" identified, and is the QFCC notification workflow (the three-business-day initial report, then interim and final) built into your child-safety, HR and complaints processes? Are all staff and volunteers trained on what counts as reportable conduct and how to raise a concern, including a concern about the head of entity? Is this mapped alongside your existing duties (mandatory reporting, Blue Card, and the Child Safe Standards), not treated as a replacement for them?
We read the month's signals as evidence of standing governance questions the board already owns, not as new incidents to absorb. Two board matters this month, of different kinds. Either stands on its own: use one or both.
How AI is used across the school, by students, by staff, and inside the platforms the school already runs, is now a standing governance matter rather than a future project. The question is not whether the school uses AI. It is whether the school holds a deliberate, documented position on how AI is used and where its risks sit, and how the board sees evidence that position is holding between the moments it asks.
AI is already in the building from three directions at once. Harm reached students directly: deepfake image abuse at a named school, companion apps used by an estimated 200,000 children with real safety gaps, and a senior cohort penalised for AI use in a formal assessment. The regulator moved, with the first enforcement action against a 'nudify' service and the Age-Restricted Material Codes now live. And the tools arrived inside the core platforms, with Microsoft and Google both putting student-facing AI into the systems the school already runs, switched on at the school's discretion. A firm date sits behind all of it: the Children's Online Privacy Code and the automated-decision-making disclosure obligations both commence 10 December 2026.
Have we assessed the risks of the AI tools already in use, those being proposed, and those arriving through vendor updates to platforms we already run?
What controls sit around them, and does our AI policy set out clear expectations and a stated risk appetite? AI is here now, and managing it in retrospect, after an incident or an audit asks the question for us, is no longer a defensible position.
A current-state read on three things: where AI already reaches our students and staff (tools in use, companion-app exposure, platform features enabled), what we have deliberately decided to switch on and why, and our line of sight to the 10 December privacy obligations, with a named owner against each. A structured AI governance self-assessment covers this ground in a single pass.
New compliance obligations arrive continually, in different states, with different triggers. The board's standing question is not which obligation is newest. It is whether the school holds a single, current view of the obligations that apply to it, each with an owner and a date, or whether it learns of a gap at the next registration review or inspection.
June brought five new obligations, two commencing on 1 July. For each, the question is whether it applies where the school operates, and the answer usually comes with an equivalent elsewhere:
Which of these obligations apply in the states we operate in, and does each have a named owner and a due date?
Two of the five carry a monetary penalty, and two are conditions of registration where the check is a spot inspection, so "we will get to it" is a live exposure rather than a safe deferral.
A single obligations register: each row an obligation, the jurisdictions where it applies (and the equivalent where it does not), a named owner, a due date, and a one-line status. One view the board can return to, rather than five separate inboxes.
Received this as part of a board pack? The monthly briefing is free to school leaders at arvoe.ai/external-signals.
| Signal | Date | State | Source | Score |
|---|---|---|---|---|
| Microsoft embeds free AI tools into Microsoft 365 Education | 24 Jun | INT | Microsoft EducationAUTHORITATIVE | 7 |
| Google launches Gemini in Classroom and Chromebook AI controls | 25 Jun | INT | GoogleAUTHORITATIVE | 7 |
| QLD expands 'Corella' generative-AI tool to all state teachers and Years 7 to 10 | Jun | QLD | QLD Dept of EducationPRIMARY | 5 |
| Castlereagh Statement, a national cross-sector AI-in-education green paper | Apr–May | AU | castlereagh.aiCREDIBLE | 5 |
The two platform moves are the ones to govern deliberately, because student-facing AI now ships inside the systems schools already run, gated only by an administrator toggle. Queensland's state-built tool, with data stored locally and a parental-consent workflow, firms up a precedent independent schools will be asked to match. The Castlereagh Statement is a non-binding national compass worth a position, not an action.
| Signal | Date | State | Source | Score |
|---|---|---|---|---|
| Senior-secondary students penalised for AI use in a VCE assessment | Jun | VIC | ABC NewsCREDIBLE | 8 |
| 2025 NAP-ICT Literacy: Year 6 at 50%, Year 10 at 37% (lowest since 2005) | 27 May | AU | ACARAPRIMARY | 6 |
| VIC to require planned device-free learning time in secondary schools from Term 1 2027 | 15 Jun | VIC | Premier of VictoriaPRIMARY | 5 |
| WA funds $4.6M to scale 'WA ClassmAIte' teacher-workload AI tool to 100-plus schools | 9 May | WA | WA GovernmentPRIMARY | 5 |
| NZ to embed AI across the refreshed Years 11 to 13 curriculum (phased 2028 to 2030) | Sep 2025 | NZ | NZ GovernmentPRIMARY | 3 |
| AERO under independent KPMG evaluation (report pending) | Jun | AU | C4IE and AAREAUTHORITATIVE | 2 |
The assessment-integrity case is the sharp end. Underneath it, ACARA's data quantifies the problem the case illustrates: digital-literacy proficiency is falling as student AI use rises, which is why AI-detection tools alone will not hold. Victoria's device-free requirement and WA's workload tool are the policy bookends, one pulling devices back and one leaning AI in.
| Signal | Date | State | Source | Score |
|---|---|---|---|---|
| AI 'nudify' deepfake abuse of students (independent school in TAS, around 21 targeted) | Jun | TAS | eSafetyPRIMARY | 7 |
| AI companion apps and safety gaps, around 200,000 AU children affected | 24 Mar | AU | eSafetyPRIMARY | 7 |
| First eSafety Direction to Comply against a 'nudify' service (14 days, $49.5M exposure) | 19 May | AU | eSafetyPRIMARY | 7 |
| QLD 13-year-old charged with a violent-extremist-material offence after a school threat | 1 Jun | QLD | Queensland PolicePRIMARY | 7 |
| NSW makes a compliant anti-bullying policy a school-registration condition from Term 1 2027 | Jun | NSW | NESAPRIMARY | 6 |
Two distinct AI harms, image-based abuse and companion-app wellbeing gaps, plus a violent-extremism charge involving a primary-aged student. The common thread for the AI harms is that they reach students through their own devices, so device-level controls and a rehearsed response plan carry more weight than policy wording alone. The NSW anti-bullying change moves student safety into registration risk: from Term 1 2027 a compliant, published policy with a roughly two-school-day response standard becomes a condition of registration, checked by NESA spot checks.
| Signal | Date | State | Source | Score |
|---|---|---|---|---|
| Queensland Reportable Conduct Scheme commences for schools | 1 Jul | QLD | QFCCPRIMARY | 7 |
| SA extends disability exclusion and reporting duties to non-government schools (from 1 Jan 2027) | Jun | SA | SA Dept for EducationPRIMARY | 5 |
| QLD passes Education and Other Legislation Amendment Bill (QCE international, NSSAB, QCT governance) | 24 Jun | QLD | QLD GovernmentPRIMARY | 5 |
| NSW mandates explicit hate-speech prohibition in registration manuals | 3 Feb | NSW | NESAPRIMARY | 7 |
| VRQA redrafting Minimum Standards guidelines, final Term 3 2026, applies 1 Jan 2027 | Jun | VIC | VRQAPRIMARY | 4 |
| EU AI Act classifies education AI (admissions, grading, proctoring) as high-risk | Jun | EU | EU AI ActPRIMARY | 4 |
The volume here is the story, and two patterns sit inside it. NSW is tightening what a registration condition requires: the hate-speech prohibition (already in effect) and the anti-bullying policy condition (from Term 1 2027) both make a specific, published document a precondition of registration, checked by spot checks. And two duties commenced on 1 July at once: Reportable Conduct in Queensland, and the NSW WHS codes duty (under Workforce). Queensland's legislation is enabling rather than a deadline, but it shifts the NSSAB and QCT settings the non-state sector operates under. The VRQA and EU items are direction-of-travel, the EU one reaching schools through their vendors.
| Signal | Date | State | Source | Score |
|---|---|---|---|---|
| NSW makes approved WHS codes of practice enforceable (s 26A), including the psychosocial-hazards code (1 Jul) | 1 Jul | NSW | SafeWork NSWPRIMARY | 6 |
| VIC government schools agreement rejected at member ballot; protected action to escalate | 18 Jun | VIC | AEU VictoriaAUTHORITATIVE | 6 |
| VIC Catholic staff Day of Action; IEU pursues multi-employer bargaining (FWC hearings Jun) | 29 May | VIC | EducationHQCREDIBLE | 6 |
| ACT public-school teachers hold a full-day strike; all public schools closed 11 Jun | 11 Jun | ACT | EducationHQCREDIBLE | 5 |
| Teacher Standards (APST) review under way; first consultation around July 2026 | Jun | AU | AITSLPRIMARY | 3 |
The bargaining through-line is unresolved deals and a rising pay benchmark, which lifts recruitment competition even for non-party schools. New this month is the NSW WHS codes duty: from 1 July approved codes of practice become the benchmark an inspector measures against, making a documented, code-aligned control map for workload, occupational violence and bullying the expected minimum, with new civil-penalty exposure.
| Signal | Date | State | Source | Score |
|---|---|---|---|---|
| FWC Annual Wage Review: award minimums rise 4.75% from 1 July 2026 | 2 Jun | AU | Fair Work CommissionPRIMARY | 5 |
| ACARA: 27.0% of students received a disability adjustment in 2025 (up from 18% in 2015) | Jun | AU | ACARAPRIMARY | 6 |
| UK edtech-market assessment recommends a six-dimension procurement evidence bar | Jun | UK | UK DfEPRIMARY | 3 |
The wage decision is the immediate one, because the new legal floor lands on award-reliant roles (relief, support, smaller independents) from the first full pay period in July. The disability-adjustment trend carries both a funding-loading and a documentation-workload dimension, the latter a live IR flashpoint. The UK procurement bar is a ready-made template worth adopting early.
| Signal | Date | State | Source | Score |
|---|---|---|---|---|
| Ransomware group publishes stolen school data (passport scans, plaintext credentials) | 23 Jun | SA | Cyber DailyCREDIBLE | 6 |
| Educational publisher breach, around 116,000 customer records posted incl. school affiliations | Jun | WA | Cyber DailyCREDIBLE | 5 |
| A South Australian government school takes all ICT systems offline after a breach | Jun | SA | Cyber DailyCREDIBLE | 4 |
The ransomware leak is the sharpest: a South Australian government school became a ransomware group's first claimed Australian victim, with passport scans and plaintext credentials confirmed in the dump. The failure modes are sector-wide: treat exposed credentials as compromised, check for any plaintext credential storage of your own, and confirm where identity documents (especially for international students) are held.
Every month we scan the full policy, technology, social, economic, legal and environmental landscape affecting Australian schools, across all sectors rather than only independent. From that, we surface only what clears verification. Fewer, higher-confidence signals beat a large scan count. This month, 32 signals cleared the bar. Signals are included by the date they cleared verification; the event date shown may precede the period.
Each signal is scored for relevance to schools and placed on a horizon (how soon it lands) and a set of risk domains. The risk weather combines severity and immediacy into a single read per area, so you can see where the pressure sits and track it month to month.
Every signal is independently verified against a primary source and re-validated before publication. Where a figure or detail comes only from secondary reporting, we say so and do not rely on it. We do not name schools involved in adverse incidents. The lesson travels without the name.
This is a briefing to help you see what is coming and ask better questions. It is not compliance advice, and not a substitute for your own legal, IR or child-safety processes.
Want a signal read against your school's specific profile?
If a signal in this edition warrants a closer look against your school's specific profile, reply to the email this briefing arrived with.

We help schools unlock AI with confidence, so our kids can thrive in an AI world.
Ryan Speak · ryan@arvoe.ai · arvoe.ai/external-signals