I think that privacy can be done off chain. Lightning has lots of room for improvement and can potentially become very private. Other off chain alternatives like Federated Chaumian Mints can also greatly improve privacy.

The largest issue here is KYC in my opinion. How private transactions are matters only a little if an adversary knows you had Bitcoin at some point. Sure, with privacy features added on to Bitcoin, an adversary won't know how much you have now, nor will they know your transaction history. However, if the adversary got their information from a KYC exchange, they'll know that you had at least X amount at a certain time in the past. If they have access to your purchase and selling history, they'll know whether you're likely to be a HODLer or not.

KYC can be very compromising, even if Bitcoin's on-chain privacy were to surpass Monero. If buying Bitcoin without KYC was so easy that it was the default method everyone used, on-chain privacy improvements would be almost unnecessary. So I think the priorities should be: