We don't use https (which is an encrypted web transaction) because you're not transmitting anything sensitive here. But earlier this year, they adopted it as the standard and put out a notification for sites that don't use it.
We'll transition this year sometime. But it's not something we actually need.