Whilst I can't speak for others, I can for myself and I do take my privacy seriously and go to lengths to limit the information collected and shared.  There is less I can do about credit cards due to the ways they managed to get the laws written (can you say "special interests", I knew you could) but I use 1 card for me and a totally different one for work and never the twain shall meet except in the hands of the credit bureaus, all of which have freezes on my accounts.  I don't do banking, financial related, medical related, retirement related or other serious  privacy impacting activities on my phone (would be a bit tough on a non-smart phone; which I use as a phone — imagine that :-) ) or on Wi-Fi. My computers at home connect via cable and I use both a hardware and two (2) software firewalls.

FB is locked down and I don't post status comments, limit remarks to "happy birthday", "happy anniversary" and " "congrats".  And no pictures but a landscape from me and I routinely clear out what they think I like.  I'd dearly love a GDPR in the US, but am not such a fool to expect that to happen as it is no in the interest of big business and their lobbyist.  So, I will be content with locking things down as tight as I can: including two (3) different credit watch services and tracking/monitoring/behavioral analysis blocking extensions in my browsers and good old common sense, even if that is far from common nowadays. As is usually the case, widely cast nets always catch more than intended; I fall into the bycatch category. But that makes a point as well: broadly counched statements are generally wrong at one level or another.