Google SSL – Secure Search – Referrer Data Stripped

by rishil on October 29, 2010

Today I tweeted out of the blue:

Google is going to screw over almost EVERY SEO if this goes live full time https://encrypted.google.com

No, it’s not another SEO is dead post, but an indication of what would happen to SEO if SSL for Google Searches went live full time. Why? Well let me start with stealing a description from Danny Sullivan:

One of the most important online marketing tools is the referrer string. Little known to most web surfers, this is effectively the Caller ID of the internet. It allows web site owners and marketers to know where visitors came from. It’s crucial marketing data, and data that might be going away.

Get the gist? Those pretty query strings : http://www.google.co.uk/search?q=rishil+lakhani which are then translated to your analytics will kind of disappear.  The other knock on effect will be disabling referrer based changes to what you show your site visitors. (For those who don’t know what SSL is – Secure Sockets Layer which is when web browsers turn off referrers when going from HTTPS to HTTP mode to provide extra privacy).

In fact the Google Analytics team confirmed this with a tweet:

Google Analytics Tweet on SSL

Google Analytics Tweet on SSL

This could be a BIG blow to SEOs who rely on KW data to confirm what keywords work, which ones don’t, as part of a continuous optimization for traffic and ROI continues.  The really crappy deal about all of this is they as you should be aware off, have kind of killed the Keyword Tool recently, or at least reduced its commercial capability. As Peter Da Vanzo (PeterD) puts it:

There’s no advantage to Google in revealing all their keyword data – a valuable asset – especially the data that Google thinks can’t be monetized as profitably via Adwords.

Hypocrites. But it’s Their Search Engine.

And that is part of the equation that annoys me. G is trying hard to limit Google KW data to SEOs as much as possible. Call it tinfoil or whatever, its just purely business:

Google Hurting SEO

From Google’s own Description (bolding mine):

With Google search over SSL, you can have an end-to-end encrypted search solution between your computer and Google. This secured channel helps protect your search terms and your search results pages from being intercepted by a third party. This provides you with a more secure and private search experience.

Web browsers typically turn off referrers when going from HTTPS to HTTP mode to provide extra privacy. By clicking on a search result that takes you to an HTTP site, you could disable any customizations that the website provides based on the referrer information.

Note – this wont limit what data Google gets from you (hypocrites!) :

Searching over SSL doesn’t reduce the data sent to Google — it only hides that data from third parties who seek it.

So what can we do?

Tad on SSL for Google

Its not all doom and gloom as Tad says, there is a clunky work around:

@danbarker there’s a weird workaround to Google SSL. If the landing page is HTTPS, you still get referrer data.

So pretty much converting your full site to HTTPS and getting those pages indexed vs the HTTP versions MAY be a solution. I won’t even though on the issues around duplicate content etc that HTTP vs HTTPS have caused me in the past. There are better SEOs than I who can crack this out for you. And if I find more posts, I will keep adding to this. So, no SEO isn’t dead, nor is Analytics as others have put it when this was announced. More details: Using HTTPS to capture referral data.

Will SSL Search Become the Norm?

One of the issues that cropped up initially was that Schools complained that they cant monitor student activities over the SSL, and as a result Google moved the SSL beta to the “encrypted” sub domain so that:

When students search using https://encrypted.google.com, their searches will bypass any content filters that are in place on your network. If this is problematic for your school, you can block https://encrypted.google.com. When students continue to search using http://www.google.com, your content filtering will work as it always has in the past.

This may have actually been one of the bigger stumbling blocks for introducing SSL searches for general use by default. Personally I am not sure if this will happen, I just feel that we as SEOs should be prepared with alternative strategies if it does.

Resources

Share and Enjoy:
  • Twitter
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Sphinn
  • LinkedIn
  • PDF
  • StumbleUpon
  • Suggest to Techmeme via Twitter
  • Yahoo! Buzz

Rishi Lakhani is an independent Online Marketing Consultant specialising in SEO, PPC, Affiliate Marketing and Social Media. Explicitly.Me is his Blog. Google Profile

{ 6 comments… read them below or add one }

Tad Chef October 29, 2010 at 5:37 pm

There is even a lawsuit out there that might force Google to use the SSL version or otherwise strip referer data altogether for privacy reasons:
http://www.theregister.co.uk/2010/10/26/google_privacy_flap/

Reply

ewyu October 31, 2010 at 7:56 am

If they do roll it out on a larger scale, I wonder how this will impact sites that are using the “First Click Free” program. On Google’s official blog post, they explicitly cite that you check the incoming http referrer: http://googlewebmastercentral.blogspot.com/2008/10/first-click-free-for-web-search.html

Reply

Alan Mitchell November 8, 2010 at 11:53 pm

Hi Rishi,

You’re completely right – Google’s new SSL page will only cause headaches for PPC and SEO professionals and anyone who’s interested in optimising their website.

I guess the SSL page is Google’s response to online privacy’s growing fashionability, but perhaps we need to realise that privacy is over-rated, and that handing over our browsing data can have positive benefits for everyone.

In a blog post I wrote on Google’s SSL page, I suggest how the removal of referral data can lead to higher prices of goods and services for everyone:

http://www.calculatemarketing.com/blog/discussion/google-ssl-page-how-privacy-leads-to-higher-prices/

Would love to hear your thoughts.

Cheers,
Alan

Reply

Everfluxx October 22, 2011 at 3:58 pm

Hi Rishi, “using HTTPS to capture referral data” won’t work with https://www.google.com/, because Google strips the query from the Referer (this is different from what happens on encrypted.google.com). Check out my test results: http://www.everfluxx.com/google-ssl-referer-test-results/

Reply

rishil October 26, 2011 at 7:23 am

Yeah – it used to, but like you say, not anymore. . This article is about an year old, when I predicted the KW data being stripped going main stream.

Reply

Everfluxx October 27, 2011 at 10:22 pm

I predicted the KW data being stripped going main stream.

Uhm, no. Correct me if I’m wrong, but this article was about the “natural” consequences of using SSL (i.e., no Referer at all from HTTPS to HTTP, as per RFC 2616), not about Google deliberately choosing to remove the query from the Referer sooner or later. Amirite?

Reply

Leave a Comment

Previous post: Questions to Ask when Interviewing for an In House SEO Job

Next post: Google Demo Slam – Demoslam.com