
Using HTTPS everywhere doesn't really help much. It doesn't help at all if the surveillers either have your cert or access to decrypted traffic inside the firewall. Any PII being sent over the wire should most definitely be encrypted, but encrypting my access to a news site isn't really hiding anything. The requested URL still needs to be unencrypted, you'd just be encrypting content that is already available unencrypted.



> The requested URL still needs to be unencrypted

The SSL connection is set up before the HTTP request is sent; that's why the dedicated IP per domain is required, since the domain (Host header) is part of the request as well. The URL you're accessing is not sent in the clear.


Partly. On a modern system with SNI the hostname is sent in the clear. This removes the requirement for a dedicated IP per domain with SSL for those users, but until SNI is everywhere you still need one.


The particular publicly-available information that people are interested in is privacy-sensitive. It's easiest to see this by thinking about articles on sexual, medical, and religious topics at Wikipedia (or WebMD!). Although the information is public, users don't want others on the network to know that they read it.

And on some networks, the content of news articles that we might think of as totally innocuous is considered very sensitive, and the network operator might try to block it. The most familiar example might be news about annual commemorations of 6/4. Using HTTPS provides resistance against content-based censorship because the network operator doesn't know when users are reading the specific things that they wanted to prevent them from reading.


It can get worse than people snooping on what you're reading ... they can also modify the content. In many places, like at cheap motels or providing free Wifi, they inject ads into content pages or other crap.

So how do you know if the content you're reading has not been tampered with? You don't, unless the connection is encrypted.



