HTTPS Encryption Default For Google Searchers

Google has said it will begin redirecting most of users signed into their Google accounts to the HTTPS version of Google.com, which encrypts searches that users perform, as well as the results.

The encryption comes courtesy of SSL (Secure Socket Layer), a security standard used by most banking and e-commerce Websites. Google began using SSL as the default setting for Gmail in January 2010 after it learned that Gmail had been hacked in China.

The company then began offering encrypted search at https://encrypted.google.com for those who wanted to try it in May 2010.

Personal search needs protection

With search becoming more personalised – that is, tailored to specific users’ preferences based on their previous searches – Google said it has become more important to shore up search results directed to users.

This is especially true at a time when more users are accessing Google search from unsecured Wi-Fi connections, such as mobile hotspots at Starbucks and other cafes with Internet access.

What this means is that when users use https://www.google.com to search, Websites such as Amazon.com, eBay and others will know that users came from Google and will receive an aggregated list of the top 1,000 search queries that propelled traffic to their Website over the past month.

These Websites will not receive any info about specific queries individuals make, such as what they searched for, when and from what computer.

However, users who elect to click on an ad appearing on a Google search results page will still send the relevant query over the network to enable advertisers to gauge the effectiveness of their campaigns and to improve the ads they present to users. Search Engine Land offers plenty more on how this change works.

“We hope that today’s move to increase the privacy and security of your Web searches is only the next step in a broader industry effort to employ SSL encryption more widely and effectively,” wrote Google search product manager Evelyn Kao.

Many Internet companies that did not rely on encryption have begun adding the security layer to their Websites. Facebook added HTTPS support in January 2011 and Twitter added HTTPS support in March.