Maybe its just that they don't understand what they are doing, I don't want to place blame on somebody for doing something unawares. But it is extremely important nowadays to keep an eye out for these kinds of things.
You know who you are. I see what you're up to.
Unless you're submitting info to said sites, this is really a non issue.
I might not be a wizard with code, but I know enough about network security to call BS on that. https://developers.google.com/web/fundamentals/security/encrypt-in-transit/why-https
not wholly necessary for every situation.
Its never necessary unless a service requires it, but https is a prerequisite for having any vague shot at anonymity online.
HTTPS protects the integrity of your website
What that means is that, it's sort of like having a friend that says you are who you are. Someone may not trust you, but they trust your friend, so they'll accept you because they trust their friend. That's the extent of it. That's what a SSL certificate does primarily to maintain integrity.
The other thing it does is provides an encryption keypair, together with that trusted certificate, that the client and server can use to communicate. The strength will vary, but this can be done with a self-signed certificate just as well as a certificate from a proper provider. The difference is trusting that you are who you say you are.
https is a prerequisite for having any vague shot at anonymity online.
This depends how you define it. Are you worried about IP addresses being logged? Because that happens in the web server's access log regardless of HTTP or HTTPS. Other than that, are you concerned about a man in the middle (MITM) attack? HTTPS does help with that, so long as you're not blindly clicking past security warnings.
HTTPS provides security, not anonymity. Proactive steps on your part like using a VPN and, most importantly, not providing identifying information about yourself are the most important part for that. If you must provide said information you want to do that across an encrypted connection, HTTPS, which aids in protecting your sensitive data. Of course, if the people on the other end aren't doing what they should be doing, it's irrelevant anyway--think LinkedIn, Ashley Madison, Equifax, etc. You better believe they used HTTPS, but they left the back door open.
This depends how you define it. Are you worried about IP addresses being logged?
Not so much. I can use a VPN or TOR if I want to hide my IP. You can't hide from metadata though.
not providing identifying information about yourself
This is the real problem I see. Lets say for the sake of argument a mysterious doxer has the access population parameters for the entire planet. Basically the google advertising database.
If they see you click a link about, Seattle's opiate-riddled mussels, and another about the best ultralight backpacking gear, its not a huge stretch to assume that you are probably a resident of the NW USA, probably from Washington, who spends time doing extended hikes. In other words, that narrows you down from one in billions, to one in maybe 25,000 people. And that's just two datapoints. Two or three more, and you can (with high certainty) determine the identity of an anon based on just those clicks, zero text-entry, and zero IP leaks.
I realize access to google is a big if. But if you combine a MitM attack with metadata, I'd wager that a creative hacker with above-average resources could dox just about anyone with social media presence.
Unless you're submitting info to said sites, this is really a non issue. Using SSL on websites is generally recommended, but not wholly necessary for every situation.