Bernice's question brings up another topic, related to a security and privacy. The point is that your private data are mostly vulnerable not here on our servers but on the way from your computer to us. HTTP is not a secure protocol and it is possible [I don't say it's really happening but technically it is possible] to grab the data somewhere in the middle [proxy server, ISP] and read them.
Of course, there is a solution. Instead of insecure HTTP, a secure protocol [HTTPS] can be used. However, in order to do it in this way, we would need to buy a certificate which costs $199 a year [or more, I am not sure]. And somebody has to pay for it.
My question is - is it really necessary to support a secure protocol here? Would anybody use it? If so, what about to make it available only for users who pay some extra small fee as an addition to their normal membership fee?