The trick is to give only the www-data user that Apache runs as the right to read the files.
First, you need to grant the www-data group access to the users' directories like this:
That grants members of the www-data group, which by default contains only the Apache user, the right to look into directories below /home/username. It cannot read those files, but it can list the directory's contents.
sudo chgrp www-data *
sudo chmod g+x *
Now we want to give the Apache user access to the users' public_html directories.
That should do it. By default, any later files the user creates will have world-readable privileges, so they will be readable by the www-data user automatically. However even though the files are world-readable, because other users have no rights in /home/username, they will still not be able to see each others' files.
sudo chgrp www-data */public_html
sudo chmod g+x */public_html
sudo chmod -R g+r */public_html/*