I’ll state right up front that both the technological and (for lack of a better term) political issues on this topic are a little confusing. I read both of Danny Sullivan’s excellent explanations of the issue, and I’m still not quite sure what to make of it. So let’s take this apart piece by piece.
We’ll start with the initial news point. Last week, Google changed the way it handled search results to make them more private, at least in theory. Those who search Google and are logged into Google.com via a secure connection now get their search results encrypted. Searchers won’t notice a difference, but the websites they visit will. If a secure visitor clicks through to a website that is not secure, that website will not receive any information as to what search term the visitor used.
This means that webmasters and SEOs get less information to play with. It’s harder to build a proper campaign when you don’t know what terms visitors use to find your website. Worse, what if one of these secure visitors buys something? You might want to optimize for that term, but you can’t, because you don’t know what it is!
Don’t panic; you’re not losing quite as much information as you think. According to Matt Cutts, only a very small percentage of Google users (in the single digits) actually use SSL when performing searches. That may sound low to you, but Sullivan said the figures he’s seeing for both Search Engine Land and his own blog bear this out. For one day for SEL in Google Analytics, he noted that 381 keyword-related visits had the search terms stripped out of them – out of nearly 15,000 keyword-related visits. That’s a loss of less than three percent of the data.
Also, if you maintain SSL on your website, Google will still pass along to you the search terms secure visitors used. Sullivan notes that this is a crucial point. “Encryption – providing a secure website – doesn’t block referrers if someone goes from one secure website to another.” As he sums it up, for a visitor searching from a connection that is not secure, Google passes the search term to both secure and not secure sites. For a secure visitor, Google passes only to secure sites. So a secure visitor would not pass their search term to a site that is not secure.
That’s true except in one important situation. It’s this exception that’s making Sullivan and others suspect Google’s motives. And the odd point is that it’s all but buried in Google’s blog post announcing the changes it’s made to improve the security and privacy of search. At the end of the third paragraph of the post, Google tells its users that “If you choose to click on an ad appearing on our search results page, your browser will continue to send the relevant query over the network to enable advertisers to measure the effectiveness of their campaigns and to improve the ads and offers they present to you.”
You read that right. It doesn’t matter if you’re using a secure connection; advertisers will STILL see the search term that brought you to their web page. Why is this a problem? Web publishers tend to use AdSense rather than AdWords if they use anything with Google, and very few of them use secure servers. They need information on who is finding their website via which search terms just as much as advertisers do. It’s as if Google is saying “we’re protecting our users’ privacy, but you can peek if you pay us.”
Except it’s even more complicated than that. Sullivan argues that Google doesn’t really consider this referrer information private. He points to an incident in 2009, “when Google made a change to its search results that broke referrers from being passed. Publishers were upset, and Google restored referrers.” Even more recently, Sullivan continued, when search rival DuckDuckGo challenged Google on privacy issues, Google head of web spam Matt Cutts denied referrers were a privacy issue. “Referrers are a part of the way th web has worked since before Google existed. They’re a browser-level feature more than something related to specific websites,” Sullivan quotes Cutts as saying.
It seems very much as if Google is trying to have it both ways, and turn an extra profit besides. As Sullivan explains, if you know the search term someone used to get to your website, “you can then target them in various ways across the web with ads you believe reflect that search interest…This is called ‘retargeting,’ and Google’s a leading provider of retargeted ads. When you cut the referrers out, except for your own advertisers, Google makes it harder for its competitors to offer retargeting services.” It also means that only Google advertisers can do keyword-level conversion tracking. This kind of tracking gives you a better idea of the value of certain search terms, so you can change your SEO approach to suit.
Many Google users may not care about these issues, but it smacks of hypocrisy on Google’s part. As Sullivan explains, “if Google thinks this needs to be done for privacy reasons, then it need to block referrers for everyone and not still allow them to work for advertisers…If blocking referrers isn’t a privacy issue, then Google needs to provide referrer data to all publishers, not just those who advertise.”