Really... with Let's Encrypt and easy auto-renewals (and, in some cases, easy SSL certificate issuance!), there is absolutely NO reason to have a website that doesn't use HTTPS.
OK, I realize that's not true if your site is pre-existing. You still have to do the work to make HTTPS work properly without the browser complaining. But the major hurdles are GONE. Especially for brand-new websites, there's no excuse now.
@yakkoj You're (mostly) right. I rolled out SSL on my sites with Let's Encrypt recently. It made a mess of my Apache config files and doesn't fail gracefully if everything's not 100% to its liking, but I eventually got there. One server was nice and smooth, the other took hours to sort out.
"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko