• Search Engine Land
  • Sections
    • SEO
    • SEM
    • Local
    • Retail
    • Google
    • Bing
    • Social
    • Resources
    • More
    • Home
  • Search Engine Land
  • SEO
  • SEM
  • Local
  • Retail
  • Google
  • Bing
  • Social
  • Resources
  • Live
  • More
  • Events
  • SUBSCRIBE

Search Engine Land

Search Engine Land
  • SEO
  • SEM
  • Local
  • Retail
  • Google
  • Bing
  • Social
  • Resources
  • More
  • Newsletters
  • Home
SEO

Post-PRISM, Google Confirms Quietly Moving To Make All Searches Secure, Except For Ad Clicks

In the past month, Google quietly made a change aimed at encrypting all search activity — except for clicks on ads. Google says this has been done to provide “extra protection” for searchers, and the company may be aiming to block NSA spying activity. Possibly, it’s a move to increase ad sales. Or both. Welcome […]

Danny Sullivan on September 23, 2013 at 11:53 am
  • More

In the past month, Google quietly made a change aimed at encrypting all search activity — except for clicks on ads. Google says this has been done to provide “extra protection” for searchers, and the company may be aiming to block NSA spying activity. Possibly, it’s a move to increase ad sales. Or both. Welcome to the confusing world of Google secure search.

Two Years Ago: Secure Searching For Logged-In Users

In October 2011, Google began encrypting searches for anyone who was logged into Google. The reason given was privacy. Google said it wanted to block anyone who might potentially be eavesdropping on a string of searches made by an individual and also prevent the actual search terms themselves from being seen by publishers, as some of them might be too “private” to reveal.

This Month: Secure Searching Being Made Default For Everyone

Now, Google has flipped on encryption for people who aren’t even signed-in. When asked about this last week, Google confirmed the shift, saying:

We added SSL encryption for our signed-in search users in 2011, as well as searches from the Chrome omnibox earlier this year. We’re now working to bring this extra protection to more users who are not signed in.

I sent a series of follow-up questions to Google after getting that statement and am still waiting for a response to them, so I’ll update as I hear more. Is this worldwide? How soon until it happens for everyone?

A Sudden Change

One key question is “Why so suddenly?,” what prompted Google to make such a change out of the blue. And it was sudden.

When searches are encrypted, search terms that are normally passed along to publishers after someone clicks on their links at Google get withheld. In Google Analytics, the actual term is replaced with a “Not Provided” notation.

Over the past two years, the percentage of search terms as “not provided” has increased as Mozilla’s Firefox in July 2012, Apple’s Safari browser in iOS 6 in September 2012 and Google’s own Chrome browser in January 2013 have used encrypted search, even when people aren’t signed in at Google.

That’s lead to a steady increase but not giant leap in “not provided” activity. But in the past month, the increased encryption on Google’s side has produced a dramatic spike:

Not Provided Count - Charting the rise of (not provided) in Google Analytics-1

The chart above is from a site called Not Provided Count, and it tracks the percentage of terms being withheld across 60 different web sites. You can see the spike that began around the week of September 4 and which currently shows almost 75% of terms being withheld.

It was after viewing this chart on Friday that I asked Google if there had been some type of change, because the percentage of not provided terms can also vary from site to site — or even for “basket” of sites for different reasons. As noted, the change is real, and confirmed by Google.

There are two main reasons why Google may have made such a quick switch, and perhaps both are even factors.

Done To Block The NSA?

The first is the whole US National Security Agency spying thing. In June, Google was accused of cooperating to give the NSA instant and direct access to its search data through the PRISM spying program, something the company has strongly denied. That hasn’t saved it from criticism.

Since then, Google’s waged a campaign to allow it to be more transparent about the number of spying requests it says it does receive — on a limited basis and not involving direct access — but which it’s forbidden by US law from disclosing. It also began increasing encryption between its own data centers.

I suspect the increased encryption is related to Google’s NSA-pushback. It may also help ease pressure Google’s feeling from tiny players like Duck Duck Go making a “secure search” growth pitch to the media. Duck Duck Go and StartPage.com have seen large gains in traffic, though relatively speaking, what’s large is nothing for Google. The PR loss is far, far greater than the user loss, if any. But Google doesn’t like PR losses of any type.

Done To Boost Ad Sales?

The other reason is that Google recently made a change so that one of the easiest ways for publishers to see the actual terms that have been withheld over time is through the Google AdWords system.

See, apparently search terms aren’t so private that Google withholds them entirely. Rather, it withholds them from being transmitted in the clear across the internet. Publishers can still see these terms by going into the Google Webmaster Tools area, though they only see the top 2,000 per day and only going back for 90 days (something Google said earlier this month will increase to one year, in the future).

If publishers don’t somehow constantly archive these terms, they’re lost. But a change to Google AdWords in August allows publishers to store the terms as long as they like, for easy and instant access — as long as they use Google’s ad system.

It’s an odd situation that Google won’t archive search term data within the toolset it expressly built for non-advertisers — Google Webmaster Tools — but does allow this through its ad system. It suggests that terms have been withheld all along in part to create new Google advertisers.

Privacy Loophole Remains For Advertisers

That’s especially so given that ad search traffic has never been made secure. No encryption stops people from eavesdropping on the terms used when someone searches at Google and clicks on an ad. Google’s also never prevented this information from flowing directly to advertisers, in the way it has for non-advertisers.

More Background

So. Increased privacy to thwart the NSA? Or a handy excuse to do that and increase potential ad sales? If I learn more, I’ll update. Meanwhile, for more background, see the key article from earlier this month, below:

  • Google’s Plan To Withhold Search Data & Create New Advertisers

Postscript (5:05pm ET):

Google’s sent this update:

We want to provide SSL protection to as many users as we can, in as many regions as we can — we added non-signed-in Chrome omnibox searches earlier this year, and more recently other users who aren’t signed in. We’re going to continue expanding our use of SSL in our services because we believe it’s a good thing for users….

The motivation here is not to drive the ads side — it’s for our search users.

It’s still not clear why Google seems to have ramped up things especially today.



About The Author

Danny Sullivan
Danny Sullivan was a journalist and analyst who covered the digital and search marketing space from 1996 through 2017. He was also a cofounder of Third Door Media, which publishes Search Engine Land, Marketing Land, MarTech Today and produces the SMX: Search Marketing Expo and MarTech events. He retired from journalism and Third Door Media in June 2017. You can learn more about him on his personal site & blog He can also be found on Facebook and Twitter.

Related Topics

Channel: SEOFeatures: AnalysisGoogle AdsGoogle: AnalyticsGoogle: Search ConsoleLegal: Privacy

We're listening.

Have something to say about this article? Share it with us on Facebook, Twitter or our LinkedIn Group.

Get the daily newsletter search marketers rely on.

Processing...Please wait.

See terms.

ATTEND OUR EVENTS

Lorem ipsum doler this is promo text about SMX events.

June 15-16, 2021: SMX Advanced

June 21-22, 2021: SMX Advanced Europe

August 17, 2021: SMX Convert

November 9-10, 2021: SMX Next

December 14, 2021: SMX Code

Available On-Demand: SMX

Available On-Demand: SMX Report

Available On-Demand: SMX Create

×


Learn More About Our SMX Events

Discover actionable tactics that can help you overcome crucial marketing challenges. Our next conference will be held:

Next Event: Sept. 14-15, 2021

Available On-Demand: March 2021

Available On-Demand: October 2020

×

Attend MarTech - Click Here


Learn More About Our MarTech Events

White Papers

  • Gartner Magic Quadrant for Digital Experience Platforms
  • Selecting a Customer Data Platform For Your Organization: The 2020 Gartner Market Guide
  • The Complete Guide to Web Core Vitals
  • The New Era of Automation in SEO
  • Nielsen Annual Marketing Report: Era of Adaptation
See More Whitepapers

Webinars

  • Drive Customer Engagement with the Power of Personalization
  • 7 Use Cases That Prove Why You Should Implement DAM
  • Accelerate Your SEO & Content Marketing Program with 4 Key Milestones
See More Webinars

Research Reports

  • Local Marketing Solutions for Multi-Location Businesses
  • Enterprise Digital Asset Management Platforms
  • Identity Resolution Platforms
  • Customer Data Platforms
  • B2B Marketing Automation Platforms
  • Call Analytics Platforms
See More Research

Attend SMX For Only $199

h
Receive daily search news and analysis.

Channels

  • SEO
  • SEM
  • Local
  • Retail
  • Google
  • Bing
  • Social

Our Events

  • SMX
  • MarTech

Resources

  • White Papers
  • Research
  • Webinars

About

  • About Us
  • Contact
  • Privacy
  • Marketing Opportunities
  • Staff

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • Newsletters
  • RSS
  • Youtube

© 2021 Third Door Media, Inc. All rights reserved.

Your privacy means the world to us. We share your personal information only when you give us explicit permission to do so, and confirm we have your permission each time. Learn more by viewing our privacy policy.Ok