Sustainable privacy improvement starts with doing less, not more.

There is a specific kind of tired that comes from reading too much privacy content. You start with a reasonable question, how do I make my browsing a bit safer?, and within twenty minutes you've encountered seventeen incompatible recommendations, three products you've never heard of, and the strong implication that your current setup is a disaster. You close the tab. Nothing changes.

That experience is called privacy fatigue, and it's a normal response to a genuinely overwhelming space. The problem isn't that you don't care enough. The problem is that most privacy advice isn't written for people with limited time and competing priorities. It's written for people who've already decided this is a project they're taking on.

Why the overwhelm happens

Privacy advice tends to arrive as a list of everything you should be doing. The list is long because there genuinely are a lot of things you could do. But a long list of good options is functionally the same as no advice at all if you don't know where to start or how to choose.

The psychological weight of an uncompleted list is also real. Every item you haven't acted on becomes a small, quiet source of guilt. Over time that guilt accumulates until it's easier to stop reading entirely than to keep carrying it.

Small changes stick better than large ones

Research on habit formation consistently shows that small, specific, low-friction changes are more durable than ambitious ones. A change you actually make and keep is more valuable than a theoretically ideal change you abandon after two weeks.

In practice, this means that switching to a privacy-respecting browser and actually using it is worth more than installing Tor Browser, getting confused by it, and reverting to Chrome. Installing a password manager for one account and building comfort with it is worth more than deciding to migrate everything at once and giving up on day three.

You don't have to protect everything

One of the most useful shifts in thinking about privacy is moving from "protect everything" to "protect the things that actually matter to me, given my situation." Not everyone has the same risks. Not everyone has the same motivation or capacity for friction.

A journalist with sources to protect has different needs than someone who mainly wants fewer intrusive ads. Both are valid. Neither is obligated to do everything on every list.

Threat modeling, the practice of thinking about what you're actually trying to protect and from whom, is the tool that makes this concrete. It's not a complicated process. It's just a structured way of giving yourself permission to focus.

What rest actually looks like here

If you're in a period of privacy fatigue, rest is useful. That might mean closing the tabs, pausing the reading, and letting the topic sit for a week. You don't lose what you've already changed. Your browser settings don't revert because you stopped thinking about them.

When you come back, a calmer entry point helps. Pick one specific question, not "how do I improve my privacy" but "what should I do about my passwords", and follow it to one answer. Act on that answer. Stop there for now.

The goal isn't to finish. The goal is to keep making occasional small improvements that add up over time. That's a reasonable and achievable version of better privacy, and it doesn't require burning out to get there.

Pick one thing, just one, that you've been meaning to change. A browser switch, a password manager for one account, turning on two-factor authentication somewhere. Do that one thing this week and stop there.

• Threat modeling
• Getting started with privacy
• Start Here