Google is now encrypting search traffic for all users who click on organic results, according to a
reportthis week in
Search Engine Land.
Several years ago the company started encrypting organic results for users who were signed in, but still
passed along referrer headers to publishers if users had not signed in. Google continues to send referrer headers to the landing page operators when users click on paid ads.
The decision could
go a long way toward protecting users' privacy because some people click on results after conducting vanity searches on their own names. When people do so, they are inadvertently providing clues to
their identities to Web site operators.
At the same time, even if Google's move is privacy-friendly for users, it's not necessarily in the best interests of Web site operators, who want to be
able to analyze referrer-header data in their search engine optimization efforts.
At this point, it's not clear why Google is making the change. But it's worth noting that the company recently
agreed to settle a lawsuit alleging it violated users' privacy by “leaking” their names in referrer headers. In that case, the settlement agreement that was filed with the court doesn't
require Google to start encrypting traffic. Instead, Google promised only to revise its frequently-asked-questions so as to better explain its policies. The company also will pay around $8.5 million
to schools and nonprofits.
But that agreement -- which hasn't yet been approved by the court -- has drawn opposition from
advocacy groups like Electronic Privacy Information Center, Consumer Watchdog and Center for Digital Democracy. The advocates criticize the deal on the ground that it would allow Google to continue
leaking the names of search engine users.
U.S. District Court Judge Edward Davila hasn't yet decided whether to grant the settlement preliminary approval. It's not yet clear whether the
settlement agreement will be revised to reflect Google's decision to encrypt more traffic.