Bingo. People are throwing up their hands and surrendering, when in reality, the bad guys tend to use fairly simple means to get their data.
A few things that help privacy for me:
1: Visit people, and have face to face conversations. Phones should go off, or in a pocket.
2: Have 2FA. This right here stops all but targeted attacks where an attacker is spending resources just to nail one certain person. To help with recovery, buy the new iPod Touch and copy your 2FA info onto that as well, so more than one device has the 2FA apps and codes.
3: Separate boot authentication from user authentication. My Windows box requires a hefty password to boot with BitLocker. Similar with my Linux machines and LUKS.
4: AdBlock, FlashBlock/ClickToPlay, and run your Web browser in a VM. Also work on dealing with Web fingerprinting (visit EFF's Panopticlick for more details.)
5: Avoid social networks. Once stuff goes there, it stays there.
6: Virtualize everything. Using Quickbooks or Peachtree? Put it in an encrypted VM.
7: Since some games will autoban you if you run them in a VM, perhaps consider a dedicated Windows partition just for those.
8: Here in the US? Go with EMV credit cards with no stripe. Banks are slowly rolling them out. This way, a credit card number can be grabbed, but it would be a card not present transaction, as opposed to slurping the info off the magstripe.
9: Minimize use of IoT devices. No Wi-Fi deadbolts, etc.
10: Have a smart firewall. One that blocks outgoing traffic. I used to have one that used a cheap remote that would raise/drop a voltage on a serial port, so when I left, I could hit the remote, and the machine handling the routing duty would insert an "away" ACL set (which basically blocked outgoing traffic except for OS updates.)