The DNS is one of the most significant leaks of data about an individual's activity on the Internet.
Some of the issues in simple terms:
Almost every activity on the Internet starts with a DNS query (and often several). A key function of the DNS is to map human-readable names (e.g. example.com) to the IP addresses that computers need in order to connect to each other.
An overview of the problems is given in this Tutorial: DNS Privacy Tutorial.
For an expert review of this topic, the recommended reading is DNS Privacy Considerations.
For a full discussion of the options available, please see DNS Privacy - The Solutions.
Client (stub) to recursive resolver
See DNS Privacy Clients, DNS Privacy Implementation Status, DNS Privacy Public Resolvers, DNS Privacy Test Servers for more information.
The DPRIVE working group at the IETF has been working on solutions for that; if you are interested, see the DPRIVE mailing list.
Unfortunately, the Server Name Indication (SNI) field in HTTPS connections also reveals the name of the website contacted by the user, so it provides a leakage channel for web traffic similar to DNS queries. However, there is work underway in the TLS working group at the IETF to encrypt the SNI: I-D: Encrypted Server Name Indication for TLS 1.3.