How Private Is Your Data, Really?
The SEO industry has been crying foul since October over the controversial decision by Google to make Secure Sockets Layer (SSL) search the “default experience” for signed-in users. Why? Because SSL allows Google users to encrypt their search queries, and as a consequence, stops passing query data to analytics software - including Google Analytics. Once the switch was made, analytics users began to see “not provided” appearing in their data, indicating that the search had been encrypted and the keyword data was therefore not available.
Google’s reasoning, ostensibly, was to protect the privacy of its signed-in users. As they explain on their blog, “(Secure Sockets Layer) is a protocol that helps provide secure Internet communications for services like web browsing, e-mail, instant messaging, and other data transfers.” Though this may be true, there are a few glaring holes in this move towards increased “privacy”:
Google’s rapidly expanding suite of services and social media encourages users to stay logged-in, depriving webmasters the necessary data on their users to improve their content and engagement.
Part of the reason they made the switch was to reduce the effectiveness of their competitor’s products. Google has accused Bing of using Google data to boost their own search algorithm on a few occasions, and they’re attempting to block as much of this data as possible from being seen by anyone but Google.
Google is giving PPC advertisers exclusive access to query data while refusing to provide insights to site owners who want to grow and improve the traffic organically. So it seems that the privacy protection does not extend to you if you click on a paid ad.
It appears to be another bold move toward boosting their expanding social network, Google+. They crave the “+1”s that users add while logged-in, so that they can recommend sites to the people in your circles. Since their main rival at the moment, Facebook, has had a few major headaches in the past over privacy issues, Google continues to position itself as the more private, secure network.
But what benefit, if any, does this provide the user? The general consensus is that it does not accomplish much of anything, other than making analytics users’ lives more difficult. That, in and of itself, is not necessarily a horrible thing; however, if the user’s privacy and online experience is in no way enhanced by these changes, then it seems like a questionable decision .
And bear in mind that HTTPS (what shows in the URL field) is not a catch-all solution for online security. While it is good for protecting login pages and forms that handle sensitive information, essentially forcing much of the web to use this protocol could be considerably expensive, while providing minimal benefits:
HTTPS uses more bandwidth, requiring more power and more servers.
Pages usually load more slowly - especially on mobile devices and congested networks.
Offers no real security advantages for static HTML pages - you can still be spied-on while browsing.
It can cost a few hundred dollars per annum, per domain to set up HTTPS. For a small business that may be a prohibitive expense.
Obviously, we have not been thrilled with the news here at RSO. Not allowing us to see where some of our clients' organic traffic is coming from (and it remains to be seen what percentage of the data is being blocked) is not so much detrimental to us, but to our clients' business. Tell us what you think.