I don't think it is, not anymore.
I think the main barrier to entry at this point in time, is the misconception of necessary effort.

If we present it as a step-by-step what needs to be done, they may say it's too hard or too much. 
If we present it as an afternoon-project, they may be more open to it.

That being said, in general, people are lazy even when it comes to their own welfare in the privacy context, but I think there's something in how it's framed that's worth exploiting. 

As an example, you can spin your own full-fledged cloud service in a couple hours at this point in time:
- Get some hardware (raspi (or similar), old laptop, PC etc)
- Change a couple lines in a docker-compose file
- Run a single command
- Final Setup via the webpage

Based on the four steps above, if someone can't spend a half hour understand each of those steps, then I can't say they actually WANT to protect themselves.

You also have all-in-one setups like Start9OS that allow you to then install the apps via a marketplace.