Honestly, now that I read down the thread, it kinda sounds like you don't have your shit together and you want to blame someone else who created something awesome for it.
It's not important whether you consider the data sensitive enough to bother doing your job. It's actually your users, which, if they've installed HTTPS Everywhere, they do.
Yes, thank you konklone. My primary complaint with the policy, and I'm hesitant to complain because, let me be clear, it is a good policy, is that we're now held accountable to a metric that adds engineering complexity and additional costs to our small team, and has created some confusion amongst our hundreds of customers who, arguably, don't serve content that, in my professional opinion, requires an encrypted connection to meet the needs of their millions of users.
It's not important whether you consider the data sensitive enough to bother doing your job. It's actually your users, which, if they've installed HTTPS Everywhere, they do.
So get your shit together! :)