This may not be the correct place to ask this question, but I can't find another forum that seems to match my question.
We have a web site which stores : user's name (which is not validated in any way, so we have lots of Donald Ducks and Mickey Mouses), e-mail address and mobile 'phone number for users. The data are used for sending traffic updates by e-mail and / or SMS.
Should we use HTTPS when the users log in to and set their messaging options in the site?
We don't use HTTPs at the moment because we think that the user data we store is not very sensitive and do not believe that it would be of any use to criminals.
What are your opinions, please?