Dumb move
Just because the connection between the website and the browser is or isn't encrypted, doesn't automatically imply that the website is also (in)secure to use. I know this sounds obvious but you have to keep in mind that plenty of IT illiterates will also be using this system, and I for one can easily imagine situations where some might even ignore possible risks because "the website is secure" while it's not.
It's plain out nonsense that a website which doesn't ask for any user input would be more secure if it uses HTTPS vs. HTTP.
Sure, you can get free certificates. But if your hosting provider doesn't support SSL you have no other option but to get a more expensive subscription. If you actually care for this nonsense of course.
Biting the hand that feeds IT
