Recent revelations about surveillance by several institutions and de-identification can be expected to have increased public awareness of identification- and tracking-related privacy threats. It is reasonable to expect that the general public has started using corresponding privacy protection mechanisms. Our goal with this research was to determine whether they actually do this. If not, we wanted to explore possible explanations for not uptaken such privacy-protecting countermeasures. We interviewed 20 (mainly lay) people and found that our interviewees did not proactively try to prevent being identified and tracked. We identified seven different types of explanations. Including a number of misconceptions which might explain this puzzling level of apathy. The participants demonstrated confusion between different kinds of sensitive data; and displayed a confusion between the semantics of `privacy' and `security'. The findings also indicate that security being compromised, resulting in losing money for example, is more concrete and more easily brought to mind than privacy-related problems. In terms of the consequences of surveillance, the most commonly cited outcome is the receipt of personalized advertisements, which many consider beneficial. Potentially negative impacts of identification and tracking is often assumed to not occur to them. Our interviews also pointed out a gap between passive and active knowledge about identification and tracking techniques, their impact on privacy and countermeasures against them.