October 13, 2010 | By Seth Schoen

Search Engines Protect Privacy with Outbound HTTPS Links

One great trend for Internet users' privacy and security has been that search engines — among other popular sites — are making their services available in a secure HTTPS form.

But users can still run into a privacy problem when they click on search results: the destination page could be unencrypted, potentially revealing lots of information to eavesdroppers about a user's interests and activities. For instance, suppose you search for [coronary artery disease] on a search engine, and you click on the search engine's outbound result link to Wikipedia's page at http://en.wikipedia.org/wiki/Coronary_artery_disease. Even if your connection to the search engine was protected by HTTPS, your connection to Wikipedia won't be!

But it could have been protected — after all, Wikipedia has a partially HTTPS-protected version at the alternative address https://secure.wikimedia.org/wikipedia/en/wiki/Coronary_artery_disease. The search engine would just have to know to send you to that link instead of the insecure link. (Or you could use EFF's HTTPS Everywhere software to rewrite the link inside your browser; but currently it's only available for Firefox and doesn't come with browsers by default.) Wouldn't it be great if search engines results preferred the secure form of web sites?

This week the developer of the search engine Duck Duck Go let us know that Duck Duck Go is doing exactly that, using EFF's HTTPS Everywhere rules to automatically generate secure outbound links where possible. (For example, Duck Duck Go is rewriting not only links to Wikipedia but also links to sites like Twitter and Facebook into HTTPS.)

This is a great step toward making HTTPS use much more routine and ubiquitous. We were also thrilled to discover that StartPage, a pioneer in search privacy, is also generating secure outbound Wikipedia links. Hopefully more search engines will adopt this practice soon!


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

The clock is ticking on Section 215 sunset, but the Senate is in stalemate on NSA spying powers: https://eff.org/r.tpwa

May 22 @ 10:58pm

BREAKING: At the behest of @SenateMajLdr, the Senate will meet Sunday, May 31st in the afternoon, mere hours before Section 215 expires.

May 22 @ 10:20pm

BREAKING: Senator Rand Paul objecting to even one more day of extending Section 215.

May 22 @ 10:08pm
JavaScript license information