Auerbach said the problem is in "referers," a legacy HTTP mechanism that tells a website which site a visitor came from. The EFF technologist said referers are only sent from HTTPS sites when going to another HTTPS website – the idea being that information is protected on both ends.
“It's very silly that web browsers send them at all,” said Auerbach. “There's no reason for it technologically speaking. We really hope browsers become more aggressive about blocking them. If people want referrers [from Google] they will have to implement HTTPS. That can be the incentive to adopt HTTPS, but ultimately it would be better if it wasn't sent at all.”