• http://twitter.com/roquelagellera Roque Lage de Llera

    Hi Barry, ¿How would this affect to analytics results?

  • Travis Prebble

    The effect would be that you’ll see a reduction in measured referrals from Google search, especially if you have a mobile heavy site. The traffic will still be there, will still come from Google, you just won’t know the source.

  • http://twitter.com/theseanstewart Sean Stewart

    It would show an increase in (direct) visits, and a decrease in organic visits from Google. The net change is 0.

  • http://andrewmichaelsmith.com/ Andrew Smith

    Are you’re sure that you’re not using google https on the iPhone 6? That would cause the same results.

  • http://twitter.com/numbakrrunch Charlie Reverte

    An easy way to reproduce this yourself is to search for “what is my referer” on iOS6 and click on the search result for whatismyreferer.com. You’ll see the referer is blank when you come from google and intact for bing and yahoo

  • http://twitter.com/TheTopTom Thomas Howard

    On my desktop (in Chrome), I switched my User-Agent to iOS 6, and typed “what is my referrer” into google. I then went to whatismyreferer.com and it was empty.

    The same steps under my regular Chrome User-Agent produced the referrer data.

    Both were completed while using the SSL version of Google.

    Therefore Google is the one causing this issue, not iOS 6.

  • http://twitter.com/BigBryC Bryan Cristina

    A net 0 for visits, a negative 100% for actually knowing what happened

  • http://twitter.com/roquelagellera Roque Lage de Llera

    Thats how i understood that….Pretty big issue dont you think??

  • http://twitter.com/TommyGriffith Tommy Griffith

    Well, the ‘change’ is less actionable data in webmasters’ analytics. I wonder how much of an impact this will be relative to [not provided] secure search data, which was about 20% of queries.

  • http://www.rustybrick.com/barry Barry Schwartz

    No, that would just block the query, not the whole referrer. See iOS5 vs iOS6 example above.

  • http://twitter.com/numbakrrunch Charlie Reverte

    It turns out that I was logged in to google for my the previous test. It looks like this is normal referer dropping from https seach, not something specific to iOS6. I keep forgetting about that :) Logging out and doing an http google search using the method above restores the referer. It looks like this article is a false alarm..

  • RyanMJones

    Thanks for sharing this Barry. I think the implications here are HUGE for analytics – especially if the trend catches on. I’ve popped into the FireFox forums from time to time and people keep bringing up the suggestion to completely strip referer information from FF as well. Just as we’re steering the industry away from rankings and toward KPIs, we may be forced to reverse path.

  • http://andrewmichaelsmith.com/ Andrew Smith

    As I understand it most browser implementations will block the referrer if it’s coming from a HTTPS site. Are you saying that they would just strip out the “q=” parameter? Because I don’t think that’s the case.

  • http://twitter.com/samuelcrocker Samuel Crocker

    This seems to be the case – if you try the same test but using the https:// version on iOS 5 (which is the default on the toolbar on iOS 6) you get the same result – no referer passed. This is different to the result you see on desktop searching on https:// however (because they seem to put you through a redirect and strip out query whilst still tracking you), so the issue is not with the OS but rather the change in the default toolbar behaviour from one OS to the next.

    It doesn’t change the fact that this change in the default will have a massive impact, but the issue is not really with the iOS per se.

  • http://andrewmichaelsmith.com/ Andrew Smith

    For people who worried about losing out on search terms there’s always http://www.google.com/webmasters/

  • http://twitter.com/samuelcrocker Samuel Crocker

    For what it is worth – based on our testing within our team just now this has more to do with mobile and https:// – the same result happens on android if you search on the SSL version of Google.

    As above, it seems like the issue is with handling of SSL on mobile and the fact that Google does not do the redirect with the query string stripped out rather than anything specifically to do with iOS 6. What iOS 6 has done, however, is highlight this point by changing the default behaviour within the toolbar to be through the https:// version.

  • http://www.rustybrick.com/barry Barry Schwartz

    Google SSL shows referred from search. It just doesn’t show the query (i.e. it shows not provided).
    Here, Google is stripping everything, as far as I understand.

  • http://www.facebook.com/profile.php?id=535260227 Jeff Kean

    Very big, same when google started striping out for signed in users. my analytics shows tons of (not set) or (direct) when there not. Its horrible

  • http://andrewmichaelsmith.com/ Andrew Smith

    What’s happening is that because the link is a HTTPS site the browser is not sending any referrer header. This happens on every HTTPS site and is part of the RFC. See the second paragraph under “Refer Hiding”: http://en.wikipedia.org/wiki/HTTP_referer

  • http://www.rustybrick.com/barry Barry Schwartz

    Meanwhile, I am now seeing referer data if you are signed in or out. Maybe Google changed it?

  • http://www.blastam.com Joe Christopher

    I agree with Samuel’s tests. On Google mobile results, the non-ssl redirect appears to not be present like it is from the desktop version. The non-ssl redirect on desktop searches (when searching from ssl) passes in referrer data and drops the keyword parameter. On mobile though, when searching via ssl, no non-ssl redirect exists.

    Much like how Firefox and more browsers are defaulting to https pages when available, this is more problematic for mobile in this case because of the lack of a non-ssl redirect.

  • http://twitter.com/BrianKlais Brian Klais

    This is big news for all marketers. Great find @rustybrick:disqus and @RyanMJones:disqus.

    I wrote a piece last year at SEL on how Google hadn’t yet secured mobile search. I speculated then SEOs had a brief window – maybe a year – to analyze mobile search intent and referrer data before it vanished. (http://searchengineland.com/give-thanks-google-hasnt-secured-mobile-search-data-yet-101819).
    So it isn’t surprising that this data is disappearing. What is surprising is if it’s Apple causing it. It’s possible that what we’re seeing is Google beginning to secure mobile queries. But if so, why just for iOS and not Android queries? Interested to see how this unfolds… but the bottom line is the same: the mobile search data window is now closing with each new install of iOS6.

  • http://andrewmichaelsmith.com/ Andrew Smith

    Google are powerful but I don’t think they can change the HTTPS spec on a whim :)

    I think what’s happening there is what @twitter-28535482:disqus is describing: In some cases (seemingly – when you are signed out) Google first point to a HTTP Google URL which then redirects you to the URL you’re after. Though I haven’t actually looked at what they do.

  • RyanMJones

    If only it would let us tie them to KPIs though. It’s not enough for me to see “how many” if I can’t see what they’re doing too.

  • t0rben

    Guess there are only webmasters here complaining about this? From a users perspective I think that’s a good thing. It’s none of your business what I googled before visiting your website imo.

  • RyanMJones

    On Wired, Google is doing a redirect though and passing the referer. It appears they’re NOT doing that on mobile.

  • RyanMJones

    I’m less interested in “what” you googled and more interested in the fact that you came from Google. That’s what we’re losing now for mobile searchers.

  • http://crem.in Jonathan Cremin

    You can’t pass the referrer from HTTPS to HTTP, there’s nothing you can do to change that. This is not a decision that Google made, it’s a side effect of the technology.

  • RyanMJones

    Correct, however on the web when you search on https, google redirects to an intermediate http page which then passes a referer. Mobile doesn’t seem to be doing that.

  • http://crem.in Jonathan Cremin

    No it doesn’t, the intermediate page is also served over SSL. I’ve double checked this with the network inspector in Chrome.

  • RyanMJones

    Go to https://www.google.com search “what is my referer” click. Google redirects you to a non-https version then sends a referer. Mobile isn’t doing that redirect. That’s the problem.

  • http://crem.in Jonathan Cremin

    I had to log out for this to work. When logged into my google account, the intermediate page is over SSL.

  • http://twitter.com/YoungbloodJoe Joe Youngblood

    Then signin to Google and get ready to lose a lot of benefits.

  • http://www.webkruscht.com/ Frank Zimper

    Nail on the head. All mobile searches on https search do not transfer any referrer to a plain http target site. I guess Google got rid of the intermediate redirect to speed things up. Mobile connections still tend to be somewhat slower.

  • http://searchengineland.com/ Danny Sullivan

    Well, Google decides that it is a publisher’s business if you search on Google and click on an ad. In that case, Google goes out of its way to tell the advertiser what you searched for and also doesn’t encrypt the referrer, exposing potentially private information to eavesdropping. And that’s not really a good thing.

  • http://searchengineland.com/ Danny Sullivan

    Actually, it’s iOS 6 in part doing it, because the behavior in Safari is now apparently to pass your searches through Google SSL search. That’s what’s leaving things empty. If it hadn’t made that change, referrers would pass.

  • http://searchengineland.com/ Danny Sullivan

    The https specs don’t come into play here. Everyone who has been trying to figure all this out based on them is making a mistake.

    Google doesn’t use the https specs for its Google SSL Search. If it did, then no referrers would pass at all, except if someone clicks to another secure server.

    But in Google SSL Search, Google users its own standard. Well, not standard. It’s just Google doing what it wants. It passes a referrer with search terms omitted if you click on a non-ad link. If you click on an ad link, a referrer with search terms left alone are passed. That you’re being redirected through Google and spat out with an unencrypted channel doesn’t matter. Google itself is deciding exactly what to allow into that referrer, not your browser or some https spec.

    That’s all on the desktop. It sounds like on mobile, from what you’ve spotted, Google SSL Search works differently (and probably by mistake, not how Google intended). It seems like they aren’t redirecting outbound clicks through Google, as they do on the desktop — right? And in that case, it means that since you’re going from a secure site to a non-secure site, the “normal” standard of not passing a referrer kicks in.

    It also sounds like no one’s really noticed this before because for the most part, most searches on mobile weren’t being done through Google SSL Search. Apple made this shift — and the “protection” Google promised for desktop search was never applied to mobile search — so suddenly, all that referrer data went poof.

    I suspect in short order, referrer data will be back — but not with search term data, so that this is all aligned with desktop search.

    And nice detective work, Ryan.

  • http://foliovision.com Alec Kinnear

    It’s not about privacy, it’s about sabotaging SEO work. At one point, Google will go directly into the SEO business. Since they will be the only ones with the data, it’s a virtual monopoly.

  • cjvannette

    Yep, before iOS 6 dropped, we had 68% google organic, 9% direct none. Now it’s 58% google organic, 19% direct none.

  • cjvannette

    Indeed. We’re trying to figure out a bounce rate spike and this means we can’t compare ACTUAL direct traffic and google organic traffic to see if there’s a difference there.