Several years ago the company started encrypting organic results for users who were signed in, but still passed along referrer headers to publishers if users had not signed in. Google continues to send referrer headers to the landing page operators when users click on paid ads.
The decision could go a long way toward protecting users' privacy because some people click on results after conducting vanity searches on their own names. When people do so, they are inadvertently providing clues to their identities to Web site operators.
At the same time, even if Google's move is privacy-friendly for users, it's not necessarily in the best interests of Web site operators, who want to be able to analyze referrer-header data in their search engine optimization efforts.
At this point, it's not clear why Google is making the change. But it's worth noting that the company recently agreed to settle a lawsuit alleging it violated users' privacy by “leaking” their names in referrer headers. In that case, the settlement agreement that was filed with the court doesn't require Google to start encrypting traffic. Instead, Google promised only to revise its frequently-asked-questions so as to better explain its policies. The company also will pay around $8.5 million to schools and nonprofits.
But that agreement -- which hasn't yet been approved by the court -- has drawn opposition from advocacy groups like Electronic Privacy Information Center, Consumer Watchdog and Center for Digital Democracy. The advocates criticize the deal on the ground that it would allow Google to continue leaking the names of search engine users.
U.S. District Court Judge Edward Davila hasn't yet decided whether to grant the settlement preliminary approval. It's not yet clear whether the settlement agreement will be revised to reflect Google's decision to encrypt more traffic.