1. Separate private contacts and public contacts
Use gmail with two-factor authentification for amazon, itunes, netflix, etc. As the government has access to everything you do there having the security compromised, do not try to hide it. At least google does a good job protecting the product (you) from being infiltrated by private crooks, use it to protect against daisy chain attacks against password recovery identity theft. They offer you a big mailbox and unusual usage invokes their automatic protection systems, use it. Do not use outlook.com.
Setup an emailaccount at posteo.de (change to english) using a random emailaddess as your login-name. Do not use that emailaddress for communicating; you have three free aliases. Use an anonymous payment method although they claim that they throw away the payment record right after payment: You can rely on the GCHQ to store information that makes you tracable. Use a very long, very strong password. Use that password to encrypt all your data so that they themselves can not access your data.
Use this account to synch contacts and calendars. Setup aliases to privately communicate with people. Use pgp (you could use your public key to automatically encrypt all incoming messages).
The storage space is 2 GB, so it's a good thing that spammers only know your public emailaddress. Do not ever post the posteo aliases on the internet to avoid spamming.
Check posteos website regulary, because my governemnt also has evil plans up their sleeve, so it is possible that they are required to data retention in the future. At the moment Germany has exempt emailproviders from data retention.
2. If you are sing windows, use true crypt or veracrypt.
If that is not an option due to gpt-formatted hdds or ssds, buy Windows 10 professional. Cheapest way is to buy windows 7 professional and use that key to install windows 10 using the media creation tool. Tone down every data collection as far as possible. Enable bitlocker. Enable strong pin at startup. Enable the best encryption; it is reduced per default. Do not store the recovery key online. Do not use the home edition as it will store the recovery key at microsoft without the chance to avoid that.
Use an local account and if neccessary only use a microsoft account for the store. That is possible.
Do not use cotana, it will only work with american providers for calendar and contacts anyway. Use thunderbird for contacts, calendar and email. Install pgp plugin.
3. Mobile use
On iOS use the standard programs to log into your calendar, email and contacts and notes at posteo, do not use icloud or gmail for calendar, notes or contacts. On android there is a synch tool for calendar and contacts. There are some reliable emailprograms on android, use them.
Use firefox to synch favorites and history. On chrome enable a strong password to encrypt the synching. I'd prefer firefox.
It goes without saying that you use signal for messaging and telephone. So you need a provider allowing voip and messangers. Maybe you should also look for a foreign voip provider that has no data retention and allows zrtp for private calls.
4. Vpn and tracking
As strange as it seems I would use freedome as they simply don't know your login name after the payment if you did not buy it digitally at an american or english company but directly at f-secure. Do not only rely on them to protect against tracking, install fsf privacy badger and https everywere on your favorite browser. A vpn protects against the bulk collection of every website visited as suggested by the british government.
5. What it's worth
All this will only stop the mass collection by the british government, it will not protect you against individual attacks. But as you wrote you are aware of the fact that circumventing big brother npmakes you a target, but you are correct that the goal is to make it costly to track everyone. It is worth the effort: If they cracked the safety precautions of the activists, all they achieve is to get uninteresting information.