From the debacle that led InBloom to close its doors to Google's announcement about data mining in Apps for Education, press surrounding the debate over student data use has been largely negative. While there are obvious concerns that should be addressed, the backlash may not be entirely justified.

According to the Data Quality Campaign, an organization that advocates for effective student data use at the state and federal level, much of the concern — and spread of fear — surrounding the issue could be alleviated with more effective communication and transparency. "Communicating what the laws [FERPA and COPPA] actually do —​ people don’t understand what they do," says Kristin Yochum, DQC's director of federal policy initiatives. "They believe what people tell them they do, because nobody’s going to dive into these laws."

FERPA, the Family Educational Rights and Privacy Act, was originally passed in 1974 — when "computers were the size of this room," jokes Yochum — and has been updated on numerous occasions since. Under FERPA, a vendor contracted with a school system is required to adhere to the same data handling guidelines as schools and districts. "COPPA (the Children's Online Privacy Protection Act, passed in 1998) applies to vendors like Google," says Yochum, "who might get their hands on data through other purposes — through an app that might be used in the classroom."

"It's a lot easier to be afraid of something when there's a vacuum of information," adds Dakarai Aarons, the DQC's director of communications and external affairs. Understanding these laws is the first step to addressing the confusion and misinformation surrounding student data collection and use, but what are some of the biggest myths out there? Here are four that educators should be aware of and ready to address when concerns arise.

1. Vendors are free to use student data for commercial purposes

FERPA specifically states that a vendor contracted for a specific purpose can only use data collected for that purpose. It cannot legally be sold for marketing or any other purposes. Additionally, the U.S. Department of Education has even issued guidelines on the proper method of destroying that data once it has served its purpose, because, as Yochum says, "you can't just run it through the shredder anymore."

The way that FERPA reads is that if a vendor has been contracted for a specific purpose, they may only use the data for that purpose and then they have to destroy the data when that purpose has been completed. And the Department of Education has released guidelines on the return or destruction of that data once it has served its purpose, because, of course, you can’t just run it through the shredder anymore.

COPPA also forbids the sell of data gathered from applications for commercial or advertising purposes. It can be used to build products that provide greater benefit to students, but even then it requires permission from parents, though the school can provide permission on parents' behalf — in which case parents still have the right to go back and say, "Except for my child."

2. Student data collection will result in a federal database

Beyond the allegations that vendors could turn a profit on the sale of student data, a huge myth spread by fear-mongers is that companies like InBloom are complicit in an effort to establish a federal student database. Just as FERPA and COPPA prohibit the commercial use of student data, the Education Sciences Reform Act (ESRA), an updated reauthorization of which was passed last week by the U.S. House of Representatives, prevents the creation of such a database — though it does fund state longitudinal data systems.

Per Section 182 of Part E: "Nothing in this title may be construed to authorize the establishment of a nationwide database of individually identifiable information on individuals involved in studies or other collections of data under this title."

Ultimately, just like the rumors that the Common Core establishes a national curriculum, the myth of a national student database is debunked by laws currently on the books.

3. The Bush or Obama administrations weakened FERPA

Both the Obama and Bush administrations have taken the blame for allegedly weakening FERPA when the law was updated in 2009 and 2011. (Though it went into effect after Obama took office, the 2009 update was initiated by the Bush administration.) Ultimately, these updates were generally codifying practices that had been in place as long as decades. 

"[The Education Department] would get the same question 51 different times from the states because it wasn’t in regulation or legislation anywhere," says Yochum. "There are members of Congress who are concerned that wasn’t as open a process as it could have been, and that’s why there has been some support or some echoing of that common refrain that these regulations weakened FERPA. But the bottom line is that they didn’t."

Still, these laws were admittedly passed in a time prior to much of the technological tools that currently exist. Just as FERPA was passed in a time when computers were the size of a room, COPPA was passed in 1998 and includes such outdated terms as "electronic message boards." Updates made today could theoretically be outdated as soon as the end of the year, so it is perhaps time for a much more flexible and easily updated law.

4. States are stuck with what FERPA and COPPA say

While there's more work the federal government could do to improve these laws, they are absolutely not the be-all, end-all when it comes to regulating student data use. The federal law provides the foundation to prevent much of what people are worried about, but each state is free to build on and improve them as they see fit, in accordance with the specific concerns of their citizens.