Re: El Reg is a customer of CloudFlare and uses its content-distribution network.
it makes a clear statement that CloudFlare and The Register do not support good security and wish to discourage those who do. Shame on them.
I would have 100% agreed with you before, but something has at least improved:
~$ dig +short theregister.co.uk
159.100.131.165
If you track that down, it appears that El Reg has at least switched its email to a UK based service owned by a Canadian supplier (at least the IP addresses are, according to RIPE), so there is hope yet (it used to be Google, accompanied by claims that "they use something more secure for leads" - yeah, right, as if that would convince the Snowdens of this world :) ). This is marginally better.
The problem that Clouidflare solved for volume sites is a reduced/cancelled risk of DDoS, but I would indeed never spool anything through them that needs discretion because you're handing off access data to a provider in what is presently one of the most questionable jurisdictions for privacy in the developed world, straight after China (let that irony sink in for the moment)...