For example, if religious discrimination were to lead to members of your church being harassed because of their viewing habits, then the argument that the content isn't sensitive doesn't seem so strong anymore.
HTTPS doesn't hide the IP or even the hostname (SNI is sent in cleartext) of the site you're connecting to, nor the IP of the client, so it'd still be trivial to determine who is visiting the church's website - just not exactly what pages on the site they've viewed. You need something more like Tor or stronger to protect against that.
HTTPS doesn't hide the IP or even the hostname (SNI is sent in cleartext) of the site you're connecting to, nor the IP of the client, so it'd still be trivial to determine who is visiting the church's website - just not exactly what pages on the site they've viewed. You need something more like Tor or stronger to protect against that.