It depends entirely on your threat model. Start with privacyguides.org
For anyone simply not wanting to have their data scooped up en mass, you still have to defeat IP triangulation, browser fingerprinting, and shadow profiling. Our data is extremely valuable to some people, and they go to great lengths to get it.
It’s not all. Not by a long shot.
https://abrahamjuliot.github.io/creepjs/
Any recommendations for additions to the arsenal?
It depends entirely on your threat model. Start with privacyguides.org
For anyone simply not wanting to have their data scooped up en mass, you still have to defeat IP triangulation, browser fingerprinting, and shadow profiling. Our data is extremely valuable to some people, and they go to great lengths to get it.