Why? Because at this point SSL is super simple to set up in CPanel, cheap to purchase, and actually makes sense.
A few years ago when the firesheep plugin was released, it was required that each server have is own IP address to implement SSL. Your traffic might be secure, but it doesn’t take much to guess where it’s going. In my mind, this defeats the purpose of using SSL on a website.
We’ve come a long way since then and now every major OS and browser (yes, this was a client side failure) supports SSL for websites sharing a server IP with other websites.
So why SSL now? Well, google damages your ranking for not having SSL. Oh, and the whole argument about whether Americans have a right to encryption and privacy. We do. Backoff. We’re citizens, not subjects.