Er.. Typical journalism
"has complete administrative access to one of the government's most important websites. "
Er.. No it doesnt, It mearly means they know that 100,000 users have visited the site, and are mostly running MSIE6
Furthur, "not to make Personal Information available to anyone other than our employees, staff, and agents." Browser information is NOT personal information, It is sent to every website that requests it, therefor, not personal.
Shock horror! The Network link to the website is controlled by a non-government entity! What if the network provider was to redirect visitors to a malicious website instead!, Nevermind the fact that the a non-government server hosts the site!
Look at the registers mailing list sign up, It doesnt use SSL to request my personal details, I somewhat bet the admin area isnt protected by it either, Nor do they host their own servers, Its outsourced to an American company Rackspace.. why wont that company do something to the visitors of theregister.co.uk? their big companies.. not evil empires.