Making the users of online systems "privacy-aware" is a long-standing challenge. Ideally, users should be able to understand online privacy practices and have access to usable privacy settings that control the granularity of the data collected about them. However, current privacy policies and settings of online applications are often hard to comprehend by an average user, are unreachable, and lack effective controls over the collection and release of user data. As a result, users are unlikely to be aware of privacy risks and are incapable of exercising informed control when interacting with websites, apps, devices, and services. Our research objective is to bring privacy protection to the masses by designing, implementing, evaluating, and deploying effective and practical mechanisms that target real-world privacy threats. In particular, our research investigates two central research questions: How can we design more intuitive interfaces that automatically present privacy notices and control to the users? Moreover, how to develop privacy controls that satisfy theoretical privacy guarantees for the release of users' data?