A few months ago, Google announced a change to the default behaviour of its search engine. Now, when a user is logged-in to any Google account, all navigation on the Google domain is secure.
What is the secure search?
As Jean Marie Camiade told us in a previous post, the principle holds in the use of the secure https:// protocol and the encryption of navigation data. Google’s main services, Gmail, Google+ etc… include an impressive number of users, and are constantly growing (1 billion Unique Browsers in May 2011 on all Google services ) so the impact of these changes will be more and more pronounced over time.
It causes consequences for many SEOs and web analysts.
Indeed, request performed by that “logging” user on a Google service would be in a secure protocol and therefore keywords could not be collected and used directly for optimization purposes of content, positioning in SERPs (search engine results page) of Google, or even customization in real time depending on the keyword typed.
On March 5, 2012, Michael Safyan, a software engineer at Google, said on the official Google blog “Inside Google Search” that these changes will now expand to other local Google domains around the globe including google.com, google.co.uk, google.fr, etc… In the same article, companies are also being encouraged to move to using https:// protocol gateways.
For security reasons when someone navigates from one secure website (https://) to a non-secure website (http://) no information can be captured and therefore there’s no possibility of collecting, say, the referrer.
Maybe because of Google’s advice to switch all sites to https:// protocol, some companies have mistakenly interpreted this to mean that if they switched to https, that they would then be able to capture the information.
This is not the case.
First, Google uses https. Second, Google removes keywords typed by users by using a script that websites are not be able to receive in SSL.
“Google uses a proprietary ‘hack’ to remove the keywords from the referrer. Otherwise you wouldn’t even get the “not provided” notice. Google removes the keywords using a script so that even SSL sites can’t see them.”
So, there’s no need to rush to implement this change on your website. You can evaluate impact on your own data if you analyze the keywords on Google on March 6th. Traffic keywords from unknown ([-]) should be increasing from that day.
Note: A study dedicated to Google research in https will coming soon in the “Barometer of search engines” and will complete the previous.