Joining the Google SSL conspiracy theories

Posted on 25. Oct, 2011 by in Digital Marketing



A week ago Google announced it would make search more secure. It would do this by automatically deploy SSL encryption on searches for logged in users. A logged in user is someone with a cookie from YouTube, Google+, Gmail, etc, that’s still active. Google suggests that that’s less than 10% of current searches.

The search world responded by erupting into debate. This post is not just my contribution to that debate but my attempt at a rebuttal. The conspiracy theories are actually grown from common sense and logical observation but I think they’re short sighted. We need to look at the longer game.

Google’s decision to rollout SSL automatically has a significant impact on analytics. With SSL in place analytics platforms are no longer able to see the URL of the page that the searcher just came from – this means we can’t see which keywords are driving traffic. There are, however, some exceptions.

Exception 1 – Google has taken deliberate steps to ensure that you can still see that the search traffic has come from Google. Google learnt this lesson from Google Buzz. Google Buzz ran on SSL so site owners could never tell how important it was or was not. When Google+ launched they made sure clicks route out of the system via a non-SSL URL so analytic platforms can see plus.google.com as the referral.

As Ian Thomas of Microsoft and respected analytics insider pointed out – SSL should stop all referral information. Google has gone of its way to ensure you can see their engine is still responsible for your traffic.

Exception 2 – Paid Search. Advertisers paying for their clicks will still enjoy some keyword insight. This led Danny Sullivan to call out Google suggesting they had put a price of privacy.

As you might expect there’s also a big catch. SSL does not really help your privacy. Not much. It stops websites from seeing the keywords you used to find their content. If you don’t want your online travel agent to see that you searched for [brand hotels in London] before arriving on their hotels in London page then, yeah, I suppose that’s a little victory for privacy. It offers pretty much nothing outside of that example.

I don’t think Google wants to block keyword data.

I mean, sure, it could supe up Google Analytics so that it’s the only analytics platform in the world able to reveal natural search keyword data. Google’s got enough monopoly battles to find that an unwelcome battlefront to open.

Remember when Google accused Bing of copying its search results? The SSL might be the first attempt to stop that – but it’s a pretty flaky attempt. It’s not full coverage and Microsoft has other ways to getting access to user behaviour data.

Search retargeting companies are quite sexy right now, doing well and helping advertisers take a second bite of the cherry by showing targeted display ads based on previous searches. I suspect Google would rather be in and part of this ecosystem than try and kill it dead. I don’t think that’s the reason.

I think the blocking of keyword data is the consequence of the SSL – not the reason.

So what might the reason be?

It’s just a hunch, my own pet theory, but I’m looking towards the use of extra devices. If you have an Android phone then you are logged in. With Android 4.0 you can be logged into your tablet and even your TV.

Google wants to enable safe and secure ecommerce across all these devices. Google needs the “I’m logged in” environment to be secure. The way to accept micropayments or confirm credit card details from the search results (for example; app marketplace) is to ensure that those results are presented via SSL.

This would allow Google to have a search engine that could be used to serve up TV shows, movies, apps, mobile subscription content and all the rest and allow one click purchase for download.

That, for me, is a more likely future than one in which Google disempowers the digital marketplace by reducing the availability of information.

Picture credits.

Tags: , , , , , , ,

  • http://www.strategyinternetmarketing.co.uk/ Mark Simons

    Correct me if I am wrong, but couldn’t you grab the URL query strings from the server logs?

    Bit of a long winded. old school way of doing it, but if you really wanted to see keyword info you could do this.

    • http://about.me/andrewgirdwood Andrew Girdwood

      Actually; it’s in between. In this scenario Google are providing  header data to say that the traffic came from Google – so that’s all your server logs will record; that overwrite of information. You still won’t see keywords.

      You certainly won’t get them in semi-real-time for search re-targeting, split testing, etc.

      • http://www.strategyinternetmarketing.co.uk Mark Simons

        Hmmm, that’s a bit of a bummer. At the moment it is having a negligible effect on my clients Analytics data but if Google+ keeps growing it could look very different in a year or 2′s time.

        Thanks for the clarification though.