Google Now Using HTTPS As A (Very Slight) Ranking Signal In Search To Encourage More Encryption

from the pros-and-cons dept

Back in April, we wrote about claims that Google was considering giving a boost in its search rankings to sites that are encrypted. Today, it officially announced the policy, noting that the company has been testing it for a little while and thinks that it works well. The weighting is very tiny, but the company makes it clear that it will likely increase that over time, and the current low ranking is more of a “grace period” to encourage more sites to encrypt. Google also makes clear that its reason for doing this is to encourage greater encryption to make the entire web more safe and secure:

For these reasons, over the past few months we?ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We?ve seen positive results, so we?re starting to use HTTPS as a ranking signal. For now it’s only a very lightweight signal?affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content?while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we?d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.

When we wrote about it back in April, I found it a bit surprising that Google would do this, given that, historically, it has always said its search rankings were entirely focused on quality. You could, perhaps, make an argument that a site that uses SSL is more likely to be a high quality site, but Google doesn’t even appear to be making that argument. As a site that has already strongly moved to SSL, this might (marginally) help our Google rankings (not that we actually get much traffic from Google in the first place), and getting much more of the web encrypted is a good thing in general.

It still seems, though, that for all the good this does, others will now make use of this as an argument for other kinds of “nudging” behavior by Google. For years, the legacy entertainment industry has pushed Google to better rank “good” sites and to downrank “pirate” sites — which the industry still seems to think is a simple black and white calculation (it’s not). Google can point out that SSL v. non-SSL is obvious, but I fully expect those who seem to think Google should be designed in their own interests, as opposed to those of Google’s users, to jump on this as proof that Google can solve other problems.

This still is a good move, though. Encouraging more encryption on the web is always the right move. I’m just still a bit surprised that Google would take this step, and wonder how others will react to it.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Google Now Using HTTPS As A (Very Slight) Ranking Signal In Search To Encourage More Encryption”

Subscribe: RSS Leave a comment
24 Comments
GMacGuffin (profile) says:

“It still seems, though, that for all the good this does, others will now make use of this as an argument for other kinds of “nudging” behavior by Google.”

I am at a loss to think of an argument by any industry that couldn’t be answered by Google with: “This issue is bigger than you … or your financial interests. Go talk to Bing.”

Gracey (profile) says:

[quote] You could, perhaps, make an argument that a site that uses SSL is more likely to be a high quality site, but Google doesn’t even appear to be making that argument. [/quote]

Could you though? I’ve seen a lot of very bad websites created of entirely scraped contents that use SSL. That Google would even consider these as being able to rank even slightly higher in search results due to the use of SSL would be ludicrous.

A bad website is a bad website, whether it uses SSL or not. That being true, then one would hope that Google is smart enough to rank a higher quality site that doesn’t use SSL higher than it would rank a bad site that does use SSL.

If their algorithm doesn’t do that, then using SSL as even a very minor ranking factor would be a very bad step in my opinion. It needs to be and and/if situation as opposed to “oh, they use SSL so they get a better rank”.

I’d assume there is more to it than that, but assumptions often get one in a place they don’t want to be.

Whatever (profile) says:

Re: Re:

I really think Google feels they are onto something here, but they may be fooling themselves.

I think Google wants to use this as a signal in part because it will help them filter out certain sites that are not being maintained or updated. It will certainly create another layer of work for those running parking pages.

If there is a massive increase in sites using SSL after this announcement, Google will have shown themselves to be perhaps a little too powerful in the marketplace. If everyone is rushing to adjust to Google, do they hold what is essentially a overly dominant position over the web? Anti trust, perhaps?

Google very likely sees this as a populist theme they can work, hoping that you will forget that they didn’t secure their own internal networks in the past.

Mr. Oizo says:

Another PR stunt by the NSA/Google

Another PR stunt by Google. They don’t give a flying fuck about security. To know that look at Android. They are only interested in identity, which is of course part of SSL and their NSA mission. The time is coming and it is coming very quickly that Google will find itself suddenly without the support they once had. They will crawl back to the customer and beg them for more information, yet those people will no longer trust Google to be anything else but a self-promoted American company that is only there to spy.

Mr. Oizo says:

Identity platform

To show what a joke their own SSL is, go to Googles’ identity platform G+, hover over the security certificate and behold. The connection is only partially encrypted. So in the end, it does not help with privacy nor with security.

How would/could this Secure Layer solve the gaping wound you Americans inflicted ? Is there really anyone who still thinks it is a safe bet to believe in anything what Googles claims ?

DaveHowe (profile) says:

Sadly,...

I don’t see this as a good idea. Lets say you have a site that is competing with other similar sites on content; it is purely a provider of info (so no user submissions or logins to worry about) but has lost pagerank to another site that has better content.

To improve your google rankings, you can either:
a) add or update content to improve the quality of your site
b) buy a worthless https certificate (for $150/year or so)

While I am a strong believer that https should be applied wherever appropriate, I am not sure “everywhere” is appropriate.

Anonymous Coward says:

I’m torn on this. My first reaction was, “Awesome. We need better privacy and security,” but then I thought about it some more and grew uncomfortable with the idea of Google filtering search results based on something other than relevance. Their goal is now no longer find the information the user is looking for and the end result is an inferior search engine. When I get a page of search results I don’t skip past the http links to the https ones. The goals provide optimal search results and improve security on the web are in conflict.

John Fenderson (profile) says:

Re: Re:

“uncomfortable with the idea of Google filtering search results based on something other than relevance”

Google has always filtered on things other than relevance (site reputation as defined by the number of sites that link to it comes to mind.) This does seem in line with that.

However, more recently, Google has been filtering more and more heavily on signals that don’t relate to relevance. For instance, they down-rate or omit sites that are offensive to powerful interests (the most recent example being the RTBF, but there were many before that.)

So, in a sense, the relevance ship has been out of port for a long time.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...