Google has been heavily promoting the fact that they want website owners to switch from http to the secure https protocol.  They have announced that they will name & shame sites that don’t support https, by displaying a message when clients try to use their online forms or showing a warning icon in the url bar.  
This is scary stuff for website owners.   To use https requires them to obtain an SSL certificate which can cost up to $1,500 a year, although there are actually free versions available.
So, if there are free versions available that Google recognises, one must wonder just how much security an SSL key and https in general offer websites.
The reality appears to be that on Google, should the search engine identify two compositionally identical pages, it will favour the one with the SSL key transmitted over https.
This secure transportation of data happens at a cost of speed, so in theory your superior page may be penalised for speed, then bumped.

My website doesn’t have a form or secure data
For the vast majority of sites, data is not intended to be secure and there is no technical requirement to have an SSL key, other than Googles warning.  

Paypal doesn’t require you to use https to make a payment
If you direct people to PayPal to make a payment you don’t need an SSL key.  The key is only necessary if you have an application that expects PayPal to return data to the application so it can run an event such as automated downloads or membership registration.
Of course, some people may prefer to work with sites that do show SSL certification, but given that you can obtain them online for FREE from sites such as LetsEncrypt, what exactly is their purpose anymore.

But what if you’re using secure PayPal as a payment gateway? Why do you have to wear the derogatory “Scarlet Letter” on your site’s address bar? Why does a site that’s collecting zero information from anyone need an SSL certificate? It makes no sense at all. If your web site doesn’t have financial transactions, why do you need an SSL certificate?
HTTPS  simply doesn’t care what’s transmitted. Infected websites distribute malware. HTTPS doesn’t do anything to ensure displayed information’s integrity. HTTPS will also deliver manipulated information to unsuspecting website visitors. Installing a Secure Socket Layer certificate prevents man-in-the-middle attacks, it doesn’t help if the original data was suspicious.

Conclusion?
Given that you can obtain an SSL key for free, perhaps it’s a good idea to use one.  However, there will be a speed issue and data is encrypted and unencrypted at both end and who knows what Google’s ultimate endgame is.
However, be aware that an SSL makes your website not more secure from an attack that previously.