Windows (any version)
Most Linux distros will be fine. If you are a beginner to Linux then I'd recommend Ubuntu (see warning), Mint and Manjaro. If you want max privacy then use Tails, Whonix or Qubes OS.
If you already use Linux then you should harden it as much as you can. Most distros have guides on hardening but they aren't always good. You can also use my hardening guide.
Arch Linux Hardening
My own guide
You should always enable apparmor. This limits what a program can do. The script below will automatically enable apparmor for Arch Linux. If you don't use Arch then you need to modify it for your package manager and kernel paramaters.
Firejail is a very secure and easy to use sandboxing program. It can be used in conjunction with Apparmor with the firejail --apparmor command. Running firecfg will make all programs automatically run in a sandbox if there is a profile for them in /etc/firejail. If you want to make only 1 program automatically run in a sandbox then run
Sysctl is a tool for examining and changing kernel parameters at runtime. It can be used to harden the kernel. To harden it edit /etc/sysctl.conf or if you run Arch create a file called /etc/sysctl.d/99-sysctl.conf and add the sysctl configs in there. My sysctl changes are below.
Mac Address Spoofing can be done easily by macchanger. Run
Replace wlp2s0 with your network interface. You can find these by running
If you use systemd then you can create a systemd service that randomizes the mac address on boot. It is below.
Replace wlp2s0 with your network interface. You can use this service for as many interfaces as you want.
Many people consider Ubuntu to not be privacy friendly. These claims are justified somewhat as Ubuntu has violated user's privacy in the past such as with the Amazon launcher tracking users or when telemetry was enabled by default. Ubuntu also comes with proprietary software so they could also be tracking you as well. Ubuntu is commercial and owned by a UK company who are part of the 5 eyes. I do not believe Ubuntu is anti-privacy but you should still be aware of this.