Bad Move By Google: Hiding Search Referral Info… Unless You're An Advertiser

from the does-no-one-review-these-things-for-anti-trust-issues? dept

Last week, when Google announced that it was going to start encrypting searches and outbound clicks by default for users who are logged in, I thought it was a good thing. Greater encryption makes sense for a lot of search info. I was also mostly unimpressed by the complaints of search engine optimizers that this took away a key source of data on search referrals — even though, as a publisher, search referrals are actually pretty important info for me to understand.

But that was before Danny Sullivan’s post over the weekend that goes into great detail on the specifics of what Google did and on how it appears to only block such info from publishers, while creating a work around for advertisers. This seems especially questionable — and doubly so — at a time when Google is facing antitrust scrutiny. Do they have no one at the company who reviews these things for how it will look on the antitrust front?

I won’t get into all the details — seriously, just read Sullivan’s post to understand what happened — but the simplest way to explain it is that Google had a real opportunity to actually make the web a lot more secure, by creating a real incentive for lots of other sites to become more secure. But, instead, it limited things in a way that suggests it’s doing things that are potentially anti-competitive, favoring its own advertisers and providing them info that others don’t get. The key point isn’t that Google turned on the default SSL searches, but how they did it, and how they missed an opportunity to actually make things more secure:

What I do know is that Google missed a huge opportunity to make the entire web much more secure. Google could have declared that it was shifting its default search for everyone ? not just logged-in users ? to be secure. Privacy advocates would have loved this even more than the current change which, using Google?s own figures, protect less than 10% of searchers.

Google could have also said that if anyone wanted to continue receiving referrer data, they needed to shift to running secure servers themselves. Remember, referrers pass from secure server to secure server.

Millions of sites quickly adopted Google +1 buttons in the hopes they might get more traffic from Google. Those same millions would have shifted ? and quickly ? over to secure servers in order to continue receiving referrer data.

Better protection across the web for everyone, while maintaining the unwritten contract between search engines and the publishers that support them to provide referrer data. That would have been a good solution. Instead, we got Google providing protection for a sliver of those searching, withholding data from the majority of sites that support it and solving problems only for its advertisers.

Hopefully, Google will see the wisdom of what Danny is suggesting, and make that change, rather than the one that they did.

Filed Under: ,
Companies: google

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Bad Move By Google: Hiding Search Referral Info… Unless You're An Advertiser”

Subscribe: RSS Leave a comment
SD says:

Advertisers are getting search engine keyword data from Encrypted Google Search, not http referrer data. In 2009 they added a MITM script which lies between the results page and the site you are trying to visit. The second you click on a search result Google already knows. A few people have made userscripts to strip out the MITM script:

This data has a more prominent place in their search business than advertising since they can use its data to position search results somewhat in the order of “most clicked”. They can position results today better than when they were using Google Analytics for the same purpose alone, since not every site on the internet uses Google Analytics.

By coincidence(?) this setup can also overcome the issues tracking when moving between SSL and Non-SSL pages. But only if the visitor came from Encrypted Google Search. If Bing or Yahoo were to start using encryption, AdSense users wouldn’t be able to get that search engine keyword data from Google…

out_of_the_blue says:

Failure to understand corporatism: #1 through #20 priorities are MONEY.

Our pal Danny goes wrong with premise: “Google is a company that prides itself by doing right by the user.” — PFFFT! At most they snicker evilly at putting that appearance over on nebishes. The mask is coming off Google by degrees.

Danny goes on to say that Google breaks web standards by still providing data to unsecured /paying/ advertisers but not publishers. I’ve highlighted key word there. This appears to be a shock to both Danny and Mike.

“Last week, when Google announced … I thought it was a good thing. … But that was before Danny Sullivan’s post…” — So Mike was wrong while I, who simply assumed evil machinations back of it, am proved right.

PaulT (profile) says:

Re: Failure to understand corporatism: #1 through #20 priorities are MONEY.

“So Mike was wrong while I, who simply assumed evil machinations back of it, am proved right.”

No, it just means you’re a paranoid loon who attacks Google at the drop of the hat, and this happened to be the time of day when your stopped clock was relatively correct.

Scooters (profile) says:

I've read the article twice before it sank in.

This has nothing to do with encryption or making the internet “safer”, which Google can still do.

I had originally misinterpreted the article to think Google has some supernatural power to convert an encrypted referrer to a non-encrypted result for advertisers, but thankfully, this only applies to their search results.

Their search results. Which means, quite frankly, they can do whatever the hell they want with them.

To me, this is no different than Nielsen or NPD wrapping up viewership/sales data and giving it away for free to the partners who fund them.

To see the article then infer Google’s not taking responsibility to helping secure the internet was an insulting smoke and mirrors tactic.

I’m all for https and agree the internet would be much more safer if everyone jumped on board, but it’s not very nice to blame Google for it not getting where it should be simply because the company tries to put its business model in a position to remain relevant should the internet go https while still giving customers what they expect.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...