Opsec is always important remi, especially thanks to
@FBI-chan watching me all the time.
In all seriousness OPSEC is very important regardless but I'm unsure how this relates with Mister Kirk over here who was a public figure and has been for a while having no need to conceal whom he was since the state or any major threat actor wasn't after him.
It really depends on your own threat Model and what kind of adversaries you are going to be up against whether it's Local, National or International Law enforcement agencies, you'll need to have a good idea on what kind of target you got on your back and if it's big or small. Depending on what you're doing and the position you're in, most people are pretty low level that basic OPSEC would be fine just don't do anything that may compromise your identity and you'll be fine since it's mainly just staying away from scary malware is what you'll mainly be protecting yourself from. For the average person what you're suggesting is more than enough, but if you wanna be a true ghost or you're Edward Snowden leaking the NSA's global surveillance network.
There are a few tools for you:
Mainly Tor, the onion routing network/dark web we all know it but it's a powerful tool to be anonymous online however you should exercise extreme caution when using it, however inside the browser itself there are settings you can change to mitigate your fingerprint as much as possible on top the already good protections enabled by default. (Don't use the mobile version it's not as secure as the desktop one)
TailsOS is an operating system that routes everything through Tor, and is designed in such a way you'll be virtually indistinguishable from someone else using it however it's not without it's vulnerabilities and shares many of them with Tor itself. It runs purely from Memory so nothing is written to the hard-disk and it's overwritten upon shutdown so the computer has no evidence that it even ran it in the first place.
Whonix is also another similar tool it works within Virtual Machines such as virtual box running on top of your existing OS, making it extremely secure as even if your VM gets compromised it would only infect the desktop environment running in it's own compartmentalized machine, as it would need to infect the gateway as well then break out of virtualization software. Whonix is recommended for those who need really strong security and has a computer good enough to run it (A multi-core CPU is recommended for this) if your computer is kinda on the low end then Tails is good enough.
Now with Mobile Phones, the only thing I recommend is Degoogled ROMs like LineageOS and GrapheneOS, Google is a large big tech company that collects all of your data and sells it to advertisers, other companies like Facebook/Meta and Amazon and of course Governments on request it's also a good Idea to leave the SIM off or Stay disconnected from the phone network (if you don't need to) as cellular data is a good way to track you especially if you leave your home.
The main thing about taking these paths is that you need to strike a balance between your own professional or personal life and maintaining your privacy, many people don't use privacy services and prefer to stay on Big Tech platforms especially true with family members as everyone uses them, you could try and encourage them to swap to privacy focused services but many do not because again they'd also have to cut contacts.
Privacy online is a spectrum and depending on your situation and preferences it's up to you to decide on how secure and private you should be based on what tools are available if you want to prevent certain eyes from snooping in on you. Nothing is a one size fits all solution and it changes on where a person is, how much protection they want and if they are willing to make compromises.
Many find the privacy route too inconvenient or costly and would rather be fine with the mass surveillance cause of the "Nothing to hide" logical fallacy or they just don't care and gave up trying. The deeper you go the more you have to like Trust in something because you'll go into shit like "can you even trust the hardware on your device?" and those kind of things especially when dealing with State level threat actors. Anyways i'm done filling this thread up so I'm gonna do something else
tldr: if you wanna opsec max, stop using jewgle and windows then start using linux and tor.