Bad Move By Google: Hiding Search Referral Info... Unless You're An Advertiser

from the does-no-one-review-these-things-for-anti-trust-issues? dept

Last week, when Google announced that it was going to start encrypting searches and outbound clicks by default for users who are logged in, I thought it was a good thing. Greater encryption makes sense for a lot of search info. I was also mostly unimpressed by the complaints of search engine optimizers that this took away a key source of data on search referrals -- even though, as a publisher, search referrals are actually pretty important info for me to understand.

But that was before Danny Sullivan's post over the weekend that goes into great detail on the specifics of what Google did and on how it appears to only block such info from publishers, while creating a work around for advertisers. This seems especially questionable -- and doubly so -- at a time when Google is facing antitrust scrutiny. Do they have no one at the company who reviews these things for how it will look on the antitrust front?

I won't get into all the details -- seriously, just read Sullivan's post to understand what happened -- but the simplest way to explain it is that Google had a real opportunity to actually make the web a lot more secure, by creating a real incentive for lots of other sites to become more secure. But, instead, it limited things in a way that suggests it's doing things that are potentially anti-competitive, favoring its own advertisers and providing them info that others don't get. The key point isn't that Google turned on the default SSL searches, but how they did it, and how they missed an opportunity to actually make things more secure:
What I do know is that Google missed a huge opportunity to make the entire web much more secure. Google could have declared that it was shifting its default search for everyone – not just logged-in users — to be secure. Privacy advocates would have loved this even more than the current change which, using Google’s own figures, protect less than 10% of Google.com searchers.

Google could have also said that if anyone wanted to continue receiving referrer data, they needed to shift to running secure servers themselves. Remember, referrers pass from secure server to secure server.

Millions of sites quickly adopted Google +1 buttons in the hopes they might get more traffic from Google. Those same millions would have shifted — and quickly — over to secure servers in order to continue receiving referrer data.

Better protection across the web for everyone, while maintaining the unwritten contract between search engines and the publishers that support them to provide referrer data. That would have been a good solution. Instead, we got Google providing protection for a sliver of those searching, withholding data from the majority of sites that support it and solving problems only for its advertisers.
Hopefully, Google will see the wisdom of what Danny is suggesting, and make that change, rather than the one that they did.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Oct 24th, 2011 @ 4:16pm

    Do they have no one at the company who reviews these things for how it will look on the antitrust front?

    You mean they did not even Google it?

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Oct 24th, 2011 @ 4:27pm

    Pirate Mike is spinning everything with a pro-Google spin because he's a shill for the pro-theft lobbying group along with Google and all of the other pirates.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    abc gum, Oct 24th, 2011 @ 4:46pm

    Re:

    Shiver me timbers - why is the rum gone?

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Oct 24th, 2011 @ 4:50pm

    Re: Re:

    The pirates stole it all, through their infringement.

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    SD (profile), Oct 24th, 2011 @ 5:02pm

    Advertisers are getting search engine keyword data from Encrypted Google Search, not http referrer data. In 2009 they added a MITM script which lies between the results page and the site you are trying to visit. The second you click on a search result Google already knows. A few people have made userscripts to strip out the MITM script:

    https://www.userscripts.org/scripts/show/47300
    https://www.userscripts.org/scripts/show/ 95092

    This data has a more prominent place in their search business than advertising since they can use its data to position search results somewhat in the order of "most clicked". They can position results today better than when they were using Google Analytics for the same purpose alone, since not every site on the internet uses Google Analytics.

    By coincidence(?) this setup can also overcome the issues tracking when moving between SSL and Non-SSL pages. But only if the visitor came from Encrypted Google Search. If Bing or Yahoo were to start using encryption, AdSense users wouldn't be able to get that search engine keyword data from Google...

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    out_of_the_blue, Oct 24th, 2011 @ 5:08pm

    Failure to understand corporatism: #1 through #20 priorities are MONEY.

    Our pal Danny goes wrong with premise: "Google is a company that prides itself by doing right by the user." -- PFFFT! At most they snicker evilly at putting that appearance over on nebishes. The mask is coming off Google by degrees.

    Danny goes on to say that Google breaks web standards by still providing data to unsecured /paying/ advertisers but not publishers. I've highlighted key word there. This appears to be a shock to both Danny and Mike.

    "Last week, when Google announced ... I thought it was a good thing. ... But that was before Danny Sullivan's post..." -- So Mike was wrong while I, who simply assumed evil machinations back of it, am proved right.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    iamtheky (profile), Oct 24th, 2011 @ 5:37pm

    stop me if i am retarded,

    If it is only encrypting 10% of the users, then the publishers will see a maximum 10% drop in lost referral data.

    Not cool, but is it still "antitrust" at only 10%?

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Oct 24th, 2011 @ 8:05pm

    Re: Re: Re:

    Oh - I thought you had drank it all.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    B Pickel (profile), Oct 24th, 2011 @ 8:13pm

    Re: Re: Re:

    then that explains why i can still access my rum

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Oct 24th, 2011 @ 9:03pm

    Re: Re: Re: Re:

    SHHH!!!! Don't let congress know that. I'm trying to get a new bill passed.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    PaulT (profile), Oct 25th, 2011 @ 2:05am

    Re: Failure to understand corporatism: #1 through #20 priorities are MONEY.

    "So Mike was wrong while I, who simply assumed evil machinations back of it, am proved right."

    No, it just means you're a paranoid loon who attacks Google at the drop of the hat, and this happened to be the time of day when your stopped clock was relatively correct.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Scooters (profile), Oct 25th, 2011 @ 3:44am

    I've read the article twice before it sank in.

    This has nothing to do with encryption or making the internet "safer", which Google can still do.

    I had originally misinterpreted the article to think Google has some supernatural power to convert an encrypted referrer to a non-encrypted result for advertisers, but thankfully, this only applies to their search results.

    Their search results. Which means, quite frankly, they can do whatever the hell they want with them.

    To me, this is no different than Nielsen or NPD wrapping up viewership/sales data and giving it away for free to the partners who fund them.

    To see the article then infer Google's not taking responsibility to helping secure the internet was an insulting smoke and mirrors tactic.

    I'm all for https and agree the internet would be much more safer if everyone jumped on board, but it's not very nice to blame Google for it not getting where it should be simply because the company tries to put its business model in a position to remain relevant should the internet go https while still giving customers what they expect.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Schmoo, Oct 25th, 2011 @ 5:37am

    Making a site SSL is not just a matter of thinking it's a good idea - there are implications of cost (certificate setup), performance (SSL is slower) and hassle (do you want your users subjected to a million pop-ups when you load images from a non-SSL domain to spare the performance delay?), etc.

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    The Groove Tiger (profile), Oct 25th, 2011 @ 7:03am

    Re: Re: Re: Re: Re:

    Be vewy vewy quiet... I'm hunting piwates...

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This