DepEd OKs classroom AI, now we must build the safety control

When a powerful generative AI (GenAI) chatbot was released in 2022, we have spent the succeeding years debating whether it belongs in our classroom. With the Department of Education (DepEd) officially greenlighting AI use, that debate is over. Now, governing AI use in classrooms follows a more difficult discussion: How can we control for AI use so that it is safely integrated into our classrooms?

On February 20, 2026, recognizing that AI adoption had “outpaced” the existence of “enforceable policies,” DepEd issued Order No. 003, s. 2026 (D.O. 3)—Foundational Guidelines on Artificial Intelligence in Basic Education—signed by Education Secretary Sonny Angara, as the first comprehensive national guideline for AI in basic education. Weeks earlier, on January 9, 2026, the government launched Project AGAP.AI to build AI literacy of 1.5 million students, teachers, and parents. Together, these initiatives form the scaffolding for safer AI-integrated classrooms.

Through the D.O. 3, DepEd laid the groundwork on governing inherent AI risks such as data privacy breaches, misleading content, and uneven application of AI tools. GenAI, however, notoriously produces implementation and deployment risks on how students come to know things, and D.O. 3 leaves schools and teachers to manage that risk by being the front line, first responders in governing AI on the field.

Article continues after this advertisement

DepEd laid the essential groundwork

D.O. 3 adopts a risk-based classification guideline designed to protect “human agency” and “promote inclusion.” To operationalize its principles, the guideline uses several pre-deployment mechanisms to evaluate AI tools and systems before they reach the classroom doors.

FEATURED STORIES

TECHNOLOGY

TECHNOLOGY

TECHNOLOGY

As its capstone, the Privacy Impact Assessment (PIA), mandated prior to deployment, evaluates risks to data protection, security, and child safety, ensuring compliance with the Data Privacy Act of 2012. Alongside it, a Digital Maturity Assessment (DMA) gauges whether a school has the technological infrastructure to host the tool at all. D.O. 3 also establishes the DepEd AI Registry to serve as the official record for all AI deployments, and categorizes tools into risk levels—Unacceptable, High, Limited, and Minimal—applying stricter regulations and requirements for high-stakes applications such as grading and admissions.

While these governance devices build a foundation for safe AI adoption, they function solely as pre-deployment filters of apparent AI risks. An AI deployed in a digitally mature public school may clear the PIA and sit comfortably in a limited-risk classification, yet still generate inaccurate narratives or exhibit bias. This is what GenAI does in classrooms. To govern it, D.O. 3 falls back to strict classroom-level oversight, and through filing an AI Use Declaration which only records usage and not impacts. Thus, current measures secure readiness and immediate safety, but lack an equivalent mechanism that secures the long-term knowledge process.

Strict human agency without concrete oversight devices introduces operational vulnerabilities

GenAI models inherently produce risks that are difficult to address without an expert. Even when users are expected to act as quality-assurance specialists, they are still susceptible to risks that affect the learning process: linguistic disparity, hallucination, and overreliance.

Article continues after this advertisement

Performance Disparities Across Regional Languages

D.O. 3 mandates the prevention of discrimination in AI-generated outputs. However, frontier GenAI models are probabilistic images of their training datasets. Only about five percent of the world speaks English at home, but 63.7% of online text is in English. Thus, most models trained on that distribution underperform on non-English prompts. An Araling Panlipunan teacher prompting a GenAI in Waray, Bisaya, or Bicolano is therefore interacting with a probabilistically weaker version. Moreover, if a frontier chatbot produced documented inaccuracies and bias even in English in 2024 (Incident #645), its performance degradation in Philippine regional languages is likely to be sharper and largely invisible to the user.

Confabulation and localized knowledge gaps

GenAI structurally produces confabulations—confidently stated false content. Because the bulk of frontier AI training data is Western-centric, inquiries regarding Philippine history, local realities, or indigenous narratives face a heightened susceptibility to hallucination due to knowledge gaps in the training datasets’ “cultural corpora.”

Global records indicate the blind spot’s scale. The MIT AI Incident Tracker logged 186 incidents relating to AI systems that “inadvertently generate or spread incorrect or deceptive information.” In 2024, Massachusetts high school students submitted AI-generated Advanced Placement (AP) U.S. History essays citing nonexistent books (Incident #843). Also in 2024, Alaska’s Education Commissioner used GenAI to draft a school cellphone policy that reached the state Board with fabricated citations (Incident #915). If an AP-level student and education commissioner both missed fabricated information, expecting basic education students and educators to catch them without structured mechanisms exposes them to that very risk.

Article continues after this advertisement

Long-term degradation of knowledge process

When users over-trust AI, it can result in automation bias and an erosion of critical thinking. The ASEAN Foundation reported that roughly three in four students and two in five teachers in the region use GenAI for their own writing tasks. Education is a primary site of this risk as overreliance can be particularly “dangerous” when students or teachers “may lack relevant expertise to robustly scrutinize the [AI’s] responses.”

This introduces the risk of cognitive automation, compounded by another GenAI phenomenon known as sycophancy—when the model flatters users by reconfirming their beliefs and misconceptions. When an AI system operates faster than a student’s own thinking and rarely challenges misconceptions, the ease of automation replaces the developmental struggle required to build actual academic skill.

DepEd must build its AI governance controls around its foundations

The Philippines hold institutional leverage over school access, public procurement, and system-level controls. To build enforceable governance, regulations must shift from isolated classroom oversight toward centralized epistemic auditing ecosystems with an independent auditing body. D.O. 3 already leverages two of the six Operational Process Controls in the MIT AI Risk Mitigation Taxonomy: Data Governance, through the PIA and DMA, and Access Management, through the risk classifications. The country’s National AI Strategy Roadmap 2.0 already points in this direction, committing to a “system for AI auditors and products.”

DepEd can complete the control ecosystem by building the remaining four controls—Testing and Auditing, Staged Deployment, Post-Deployment Monitoring, and Incident Response and Recovery—on the laid foundations.

Epistemic Impact Controls

D.O. 3 already requires that vendors submit “model cards, safety test reports (e.g., bias, toxicity, hallucination rates), [and] content provenance solutions.” DepEd can usefully add the specification that these safety-test reports must be benchmarked against for the Philippine context.

A standardized Epistemic Impact Assessment (EIA) would supply that specification. Drawing on the three post-deployment risks identified above, and on the inherent model behaviors, specifically for GenAI tools, the EIA would require that the safety-test reports document:

Comparative performance between English and major regional languages;

Performance on Philippine history, civic data, and local realities; and

Model’s resistance to sycophancy, and its safeguards against cognitive automation.

Where an AI developer is constrained to produce such reports, the same items can be carried forward as a Department-led research agenda. A complementary staged deployment requirement would enable continued safety validation as a tool’s access or capabilities expand, treating significant model updates as new deployments, pairing naturally with the Registry’s existing lifecycle states.

Dynamic AI registry monitoring

The DepEd AI Registry records the AI lifecycle status. D.O. 3 designates it as “the official reference for monitoring, evaluation, and transparency.” To realize it, the Registry must evolve into an active performance record, expanded to include safety-test data and failures logged during actual classroom use. If monitoring shows a tool exceeding acceptable localized failure rates, moving its status from “Active” to “Retired” must revoke its access across the entire public-school network.

An incident reporting system

While D.O. 3 explicitly requires AI incident reporting, the DepEd should immediately establish a lightweight, standardized workflow for classrooms to flag AI failures—hallucinations, confabulations, or sycophancy. In addition to this is a simple “digital incident form” easily accessible to teachers and students. For example, when an educator encounters a failure, such as a fabricated account of the 1986 People Power Revolution, a structured reporting channel must escalate the case to the controlling body rather than leaving corrections to a single classroom. Confirmed incidents feed the Registry and trigger the network-wide suspension when demanded.

Additionally, future guidelines should remain flexible enough to adopt automated failure detection algorithms, and benchmark them against Philippine datasets, as they mature.  Crucially, recovery must also be pedagogical: by tracking these incidents centrally, DepEd can issue targeted, corrective guidance to affected schools when learners have already absorbed an inaccuracy.

AI literacy and technical AI governance are co-dependent

While AGAP.AI can teach students and educators how to critically evaluate AI outputs, the proposed governance controls ensure they are evaluating AI outputs in a proactive environment. By demanding context-specific vendor accountability at the point of procurement and dynamic governance systems, DepEd can ensure that the “human-in-the-loop” safeguard envisioned by D.O. 3 operates within a secure and safe AI ecosystem.

Your subscription could not be saved. Please try again.

Your subscription has been successful.

Ethical AI integration is a continuous supply chain practice. Through proactive AI governance controls, policymakers can effectively manage the probabilistic realities of GenAI. Governing how AI outputs are received, assessed, and held accountable is the lever the Philippines actually holds—and D.O. 3 already gives us the handle. The question is whether we pull it before, or only after the first Filipino student enters the incident tracker.