A human-rights-aware pre-deployment risk discovery platform that finds blind spots, legal obligations, and hidden harms before a product, service, process, or policy goes live.
"Preventable digital harm should never be the cost of innovation." — Away from Keyboard Inc.
Alt-TAB is a multi-domain risk discovery and governance support platform designed to identify gaps between perceived risk and actual risk. Rather than evaluating answers in isolation, Alt-TAB examines the relationship between user responses, deployment intentions, product descriptions, and identified harm pathways to generate tailored recommendations and action plans.
The platform combines: structured risk indicators, contextual product analysis, consistency checking, blind spot detection, compounding risk analysis, human rights due diligence principles, Safety by Design methodologies, jurisdiction-specific legal obligations, accessibility and inclusion considerations, cybersecurity baseline assessment, child safety and safeguarding requirements, and technology-facilitated abuse risk modelling.
Alt-TAB sits at the intersection of AI ethics, human rights due diligence, Safety by Design, and governance practice. It is simultaneously a risk assessment, an ethics review, a compliance aide, and a blind spot detection tool. but is most accurately described as a pre-deployment risk discovery platform.
Most harm caused by technology was preventable. It simply was not anticipated or questioned early enough. Technology moves fast. Reflection rarely keeps pace. In many build cycles, nobody stops to ask who could be harmed, what unintended consequences may emerge, or what risks are being created for users, creators, and the organisations behind the product.
Across the entire history of the tool, only one assessment has ever reached strong readiness. These are not outliers. This is what happens when no one has ever asked the right questions before.
Gender equality, child protection, disability access, Indigenous data sovereignty, family violence risk, and inclusion. Who does this affect? Who gets left out? Who is carrying a risk they don't know about?
AI tools, data systems, and digital platforms can be weaponised for coercion, exploitation, and abuse. Screened in every single assessment regardless of product type. Builders almost never see this coming.
Data flows, threat vectors, access controls, and exploitation pathways. Digital harm is a systems vulnerability, not only a social one.
Stage 1: Domain screening and consistency analysis. Nine domain questions cover children and young people, vulnerable and marginalised groups, data collection and consent, private interaction and exposure, potential harm severity, safeguards and controls, accountability, transparency, and accessibility. The plain-language product description appears after these nine questions, not before. This ordering is deliberate: by the time the builder describes their product, their domain answers are already recorded. The system cross-references what they said in the domain questions against what they describe, and contradictions are surfaced as findings. A builder who answers "No, this doesn't affect children" and then describes a family finance platform has revealed a gap that a conventional questionnaire would miss entirely. This description-after-answers mechanism is the primary consistency detection method.
Three mandatory screens run in every assessment regardless of domain answers. Child safety is the highest-priority screen: it applies to every product without exception, because children encounter technology designed for adults and almost no builder considers child safety when it is not the obvious purpose of their product. Technology-facilitated gender-based violence is screened across five harm categories: intimate partner violence, workplace coercion, state surveillance, online harassment, and image-based abuse. Cybersecurity is assessed against ASD Essential Eight Maturity Level 1 for any product that collects or stores data. These screens exist because builders do not identify these risks themselves. That is why they are mandatory. Jurisdiction calibration identifies which specific legal obligations apply, including MARAM for Victorian prescribed organisations, GDPR for EU users, and AIATSIS for First Nations impact. Follow-up questions are written fresh for each submission based on what the description and domain answers reveal.
Stage 2: Readiness scoring and report generation. The readiness score (0–100) is calculated as: Stage 1 domain answers 30% (base awareness), follow-up responses 50% (yes = full credit, partially = half credit, no = zero), and deployment strategy quality 20%. A consistency signal applies a downward adjustment when the description reveals the builder significantly underestimated their own risk profile. reinforcing the importance of the description-after-answers design. The report includes: a unified assessment summary, blindspot analysis in four categories (confident ignorance, missing context, false safety, second-order risks), recommendations split between legal obligations and ethical best practice, a 30-day action plan with specific first steps, and five questions to bring to a board or team. The report is downloadable as PDF with a verification reference code. Nothing submitted is stored.
Framework tiers. Six Tier 1 frameworks apply to every assessment regardless of product type: UNESCO Recommendation on the Ethics of AI (2021), OECD AI Principles (updated 2024), UNICEF Guidance on AI and Children 3.0 (2025), UN Guiding Principles on Business and Human Rights, NIST AI Risk Management Framework, and the eSafety Commissioner Safety by Design framework. Twenty-nine Tier 2 frameworks apply conditionally when specific domains or descriptions trigger them. covering child safety, privacy and data, technology-facilitated gender-based violence, cybersecurity, disability and inclusion, Indigenous data governance, AI governance, and mental health.
Certain they're fine without evidence. Caught by consistency detection.
Gaps in understanding who is actually affected, particularly vulnerable people.
Safeguards that don't protect against the actual risk.
Foreseeable misuse the builder hasn't considered.
35 frameworks simultaneously. Applied based on what your description reveals. Most tools cite one or two.
Can't be gamed. Consistency detection checks your description against your answers. Confident ignorance gets flagged even when all nine questions are answered positively.
MARAM-aware. A legal obligation for Victorian prescribed organisations in health, housing, legal, and social services. Alt-TAB screens for it. Most technology procurement processes don't.
Jurisdiction-specific. Australian law for Australian products. GDPR where EU users are involved. MARAM for Victorian sector products. AIATSIS and CARE Principles for First Nations community impact.
Assessment type calibration. A community group migrating client records gets different questions than a startup deploying AI. Same rigour. Right language.
Built for everyone. Community groups, sole traders, NGOs, startups, educators. No account. No specialist knowledge. Genuinely free.
Actually private. Nothing submitted is stored. A structural design decision, not a policy.
Child safety in every assessment. The greatest risks are not always the most obvious. Child safety is Alt-TAB's highest-risk category and is screened regardless of whether children are mentioned. The question asked is not "is this a children's product?" but "could a child be harmed by this?"
Anyone deploying technology or changing a digital process. Community organisations. Sole traders. NGOs. Startups. Government teams. Educators. If you've ever wondered whether you've thought this through carefully enough, this is for you. No account. No login. Free.
Away from Keyboard Inc. is an Australian registered charity focused on upstream harm prevention at the intersection of digital safety, child safeguarding, family violence prevention, and ethical technology governance. Alt-TAB is its flagship prevention tool, launched at the United Nations Commission on the Status of Women, New York City, 12 March 2026.
Peer review status: Alt-TAB is currently seeking independent academic peer review of its methodology and assessment framework. This document represents the current methodology as designed and deployed. It has not yet undergone formal external peer review. We are transparent about this because the tool's credibility depends on honest disclosure of what has and has not been independently validated. If you are a researcher in technology ethics, child safety, privacy law, or human rights and would like to engage with this work, please contact info@afk.org.au.
AFK holds accredited UN delegate status and presents at WSIS Geneva in July 2026. The founder personally serves as Co-Vice Chair of the IEEE Industry Connections Activity on AI Used in Evaluating Family Violence (IC25-008) — a role held in an individual capacity, independent of Alt-TAB: "Inclusion Without Safety Is Not Empowerment: Automation Is Scaling Harm Faster Than We Can Respond."
AFK is not anti-innovation. It is pro-responsibility. Prevention and progress are not competing forces. They require each other.
Run your own free assessment. Takes 15 to 20 minutes. Includes a 30-day action plan and PDF report.
Start your free assessment →Applied simultaneously, selected based on your product description, jurisdiction, and user context. Plain-language explainers for every framework at alttab.afk.org.au/resources
Away from Keyboard Inc. acknowledges the Traditional Owners of the lands on which we work, the Wurundjeri Woi-wurrung and Bunurong peoples of the Kulin Nation, and pays respect to Elders past and present. We acknowledge that sovereignty was never ceded.