This decision of Google’s to shame any non-SSL-based website has nothing at all to do with protecting their users.
It has everything to do with pushing people to Google’s services by making it harder for small businesses and others to create their own websites.
Have you ever installed a cert yourself? I have, and it’s not easy. Nothing about it is simple. It only takes me a few minutes now because I’ve done it dozens of times if not hundreds over a 15+ years IT career. But the first time I did it it took several days to get it all working.
People assume the good will of companies, and I can’t understand it. Have they never worked for a corporation? If there is any good will it’s all accidental because of a serendipitous alignment of user and corporate interests.
Google made the web better for a while but now it’s making it worse.
And so it goes.