JACQUELINE D. LIPTON, 2022, Our Data, Ourselves: A Personal Guide to Digital Privacy, Oakland: University of California Press, 224 pp., ISBN 9780520390508

Keywords: digital privacy, privacy law, US, digital marketplace, individualism

In Our Data, Ourselves, Lipton provides a thorough overview of digital privacy in nine domains of American life: home, work, social media, children’s data, school, the digital marketplace, health, money, and the government. The book also has a chapter dedicated to digital privacy laws in the EU and a concluding chapter where Lipton ruminates on the future of digital privacy given present legal challenges. The biggest challenge is that the US has “never had – and likely will never have – strong legal privacy protections” on a federal level (197). As Lipton points out, this is problematic in the digital age, where various institutions and organizations take our personal data for scientific study, efficiency, profit, surveillance, and more. Moreover, the documents made available to us, which outline how our data is being collected and for what purpose, are often difficult to parse. For example, tech companies’ terms of service (TOS) and HIPAA consent forms ostensibly exist to inform consumers yet are written in an inaccessible legal register. Lipton tackles these issues through offering detailed explanations of 1) digital privacy issues in each domain of life; 2) the pertinent laws and legal attempts that seek to address the lack of privacy protections in the US; 3) what we – as individuals – can do to protect our digital privacy and personal information. Thus, the book should be understood as a guide for individuals that draws on the author’s legal expertise to inform people about contemporary challenges to personal privacy in the digital era.

How effective is Lipton’s attempt to explain the complex legal and political terrain of privacy to the average user without a legal background? I think Lipton writes effectively in this sense, although, of course, I am reading from a standpoint of relative privilege. The main thrust of the book is clear: in lieu of a sweeping federal privacy law, privacy issues in the US are addressed through a web of state and federal legislation. Individuals’ health information privacy, for example, is protected on the federal level under the Health Insurance Portability and Accountability Act (HIPAA) (p. 144). Meanwhile, tort law – which concerns “situations where the law allows one person to sue another for causing [civil] harm” – operates on the state-level (pp. 34-35). For instance, doxing – “the gathering and publishing of private information, which may be aggregated from publicly available websites or require physical and/or digital incursions into a person’s private space” – is usually addressed through tort law (p. 35). In contrast, several European countries consider privacy a basic human right through Article 8 of the European Convention on Human Rights (ECHR) (p. 131). Lipton does a fair job of defining terms, clearly describing the histories of various legislation, and outlining the implications of laws addressing digital privacy for business interests and individual freedom of speech.

Yet, Lipton’s individualistic framework is limited at best and neglectful of systemic violence at worst. First, she takes the social, political, and economic factors shaping her audience’s lives for granted. Reading this book as anthropologist, I got the sense that she reflected little on the inequalities among potential readers. This is particularly evident in the last section of each chapter, titled “Privacy Tips and Tricks,” where she lists the steps individuals might take to safeguard their privacy in each domain. In several chapters, she recommends that people read