What steps should one take to provide "reasonable" levels of privacy from a government?

Unfortunately, HTTPS is about as good as it gets in a situation like this. Encryption will help you prevent someone from viewing your messages in transit, and HTTPS is the correct tool for that in this case. However, the real security hole here isn't transmission of data, it's who you're sending it to.

Whenever you visit BBC News or Stack Overflow, they obviously know that you visited them. You can hide who you actually are with technologies like Tor, but having an account on a website will still allow them to keep track of you.

Twitter and Facebook, on the other hand, are going to leak information about you no matter what. In fact, that's the whole purpose of the two sites. Twitter and Facebook are frameworks for communicating with others, and both of them favor making information available publicly instead of privately. Additionally, because they are bound by laws to cooperate with government agencies, even information that you ask to have stored privately can still be made "public." The moral of this story is this: if you give information to Facebook or Twitter, the government will also have access to that information regardless of how you transmit it to them. The only way to keep information private in this case is to stop using Facebook or Twitter, or at least cut back to only posting information that you are OK with anybody and everybody seeing.

In the case of managing a server, the trust is put on the company managing that server. If you have access to the hardware and software of the system, you can take some steps like full disk encryption to prevent the management company from snooping on your data. Unless you can prevent the management company from physically accessing the machine while it is running, however, any data that is usually stored in RAM is not safe, including secret keys. Again, the weak point is in the person you are sending the data to, not the method you are using to send the data.

The only real way to protect yourself in the case of a government entity snooping on you is to throw out all of your electronics and go live in the woods. Since that's not really a realistic or desirable solution, you are never going to be able to totally mitigate all the risk of your information being made available. HTTPS will probably take care of about 80% of the risk. Modern encryption is so strong that nobody except you and who you are talking to will be able to see the data being sent over an HTTPS connection. The last 20%, however, is filled with all the stuff that doesn't have an easy answer. The more you use Facebook, Twitter, Gmail, etc., the more risk you will have.


Use Tor with additional safeguards, along with the Firefox browser with add-ons like No redirect, do not track, always https, etc. Having 100% privacy, anonymity and cyber security may not be possible. But if you use these methods, you may get 95% privacy and security.

And why are you presuming only government snoops? Take these precautions whenever you surf or deal online.


This depends on how paranoid you are. Seriously...

Operating system backdoors exist

OS X http://apple.slashdot.org/story/12/01/08/069204/leaked-memo-says-apple-provides-backdoor-to-governments

Windows http://newsworldwide.wordpress.com/2008/05/02/microsoft-discloses-government-backdoor-on-windows-operating-systems/

Wiretapping Internet Communications http://www.techdirt.com/articles/20100927/10481011183/feds-pushing-for-new-legally-required-wiretap-backdoor-to-all-internet-communications.shtml

In their defence, it is to attempt to thwart attacks of botnets, organized crime and such.

Chances are that you just want to be as secure as you can be, being a law-abiding citizen. Then just encrypt stuff that you want to keep private with a long passkey and keep several physical backups of the key, and you should be fine. If you want to keep everything ultra secure, download and verify the source code to your favorite Linux distro and compile and install it, then encrypt everything as well.

As for data "in motion", SFTP, FTPS, HTTPS, and SSL all offer some security as well.

I've configured VPNs between the locations that sensitive data needs to be transferred between, and of course encrypt the data as well, so it would be much harder to decipher for someone who might be sniffing the traffic.

For browsing the web, most users' privacy concerns can be addressed by using something like HTTPS Everywhere; check out https://www.eff.org/https-everywhere. This will help prevent sidejacking attacks on the same network to your social media sites.