Yesterday I heard a lecture by Peter Schaar, who had worked 10 years as chief of a German governmental institution responsible for issues of information security and freedom (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit), on the question of what could be done against the total surveillance on the Internet. In my understanding (i.e. if I didn't err) he couldn't in the field of technology (Schaar considered also laws and international treaties) concretely delineate any practically (politically, economically etc.) feasible and optimal measures against the total surveillance but instead only point to the following commonly known broard directions: (1) Separate routing/hosting network, (2) Anonymous/pseudonymous usage, (3) Encryption.
However, IMHO (1) is difficult/costly to be rendered really secure, if done on the scale of a nation or nations, though it could under circumstances be feasible on the scale of a commercial firm or a government institution for limited purposes/applications, (2) is difficult to be rendered really secure (cf. my recent thread "Tor is insecure") or else rather inconvenient to be employed, (3) is either difficult to be rendered secure and hard to obtain wide user acceptance (in case a certain standard encryption software is prescribed to be employed generally by all people) or else is difficult and/or inconvenient to be done by most common people (in case of diversity of software, due to their lack of knowledge to choose and use the right encryption software and requirement of appropriate key management).
So it seems that the mass of common people couldn't do any better in respect of the erosion of their privacy than e.g. in respect of the alarming global climate changes, namely sitting down and observing all the evils happening but are virtually entirely powerless to do anything worthy of the adjective "effective" against them.