“datum” is the singular, but you’re right that it’s not really grammatically plural since you’d say “the data was stolen” not “the data were stolen”. I think the latter would technically also be valid; my interpretation would be that the latter is “countable” plural, so there are specific discrete datums that were stolen.
I wouldn’t say that I go to the effort of making myself unidentifiable, but my “defaults” are with relative anonymity and privacy in mind anyway, ie donations in Monero, anti-fingerprinting, VPN, lack of persistent browser storage, full disk encryption. So I guess I don’t take steps because my regular browsing is already reasonably private, private enough that I don’t feel the need to take extra steps for minor shit like buying drugs online or donating to things. I do take extra steps to make sure there’s no simple way something can be traced to me for more serious stuff but I don’t think making a donation to a piracy website is serious.
In terms of using paypal, unless it’s illegal or criminalised to donate to piracy in your country, it should be fine too. Normally it’s just actually pirating (or sometimes only distributing) that’s illegal so donating shouldn’t be prosecutable, again unless that actually is a law where you live.
It’s fine to be paid for labour eg programming.
Last 4 or so phones have all been GrapheneOS (I’m not buying new phones all the time to be clear; I use phones till they break; I’m just a long-time user) and yeah I’ve really had no problems to speak of. I currently have a separate profile with Play services for certain apps, and also just to isolate non-privacy-respecting apps that I have to have installed for whatever reason.
Almost all the apps I use are FOSS apps who are aware that a significant amount of their userbase will be using various AOSP forks so I’ve not run into any app compatibility issues. Even back when I used banking apps, I’d used 4 different banks’ apps on GrapheneOS and all of them worked completely fine. Now I don’t have a banking app because I won’t install proprietary software unless I actually have to for some reason, and I can bank on the web just fine.