Secure search could scupper web analytics

Traffic sniffing technology boosts privacy, but leaves webmasters in the dark

Stewart Mitchell
25 May 2010

Web analytics firms are warning they could be hamstrung by privacy measure being implemented in search engines.

Google launched a beta of a SSL version of its search engine earlier this week, which provides encrypted search between your computer and Google. That means search terms and results pages cannot be intercepted by a third party.

That’s good news for privacy-conscious surfers, but could cause serious problems for webmasters and the web analytics industry, according to analytics firm Clicky.

“When you click a link on an HTTPS page, your browser does not send a referrer, which is why HTTPS search engines will result in 'secret' searches that we can't see,” Clicky claims on its blog.

If Google turned on SSL by default, the company said, “that would be very irritating for web masters - we would have no idea what people were searching for to get to our site, which is arguably the number one reason to run analytics in the first place”.

Google’s service is not currently switched on by default, but it made encrypted Gmail an option before eventually rolling it out as standard. Another search engine, DuckDuckGo, has set its encrypted search as default.

Google says it launched the service in response to demands from privacy campaigners such as the Electronic Frontier Foundation as a protection against state and commercial snooping.

“I might want to do a private search that the hotel or local cafe can’t see,” wrote long-term Google developer Matt Cutts in his blog. “A Secure Sockets Layer (SSL) connection provides an encrypted tunnel between my browser and Google, so other people can’t sniff what I’m searching for.”

Read more about: