October 18, 2011 | By Peter Eckersley

Google Encrypts More Searches

Today, Google announced that it is switching its Search service for logged-in users over from insecure HTTP to encrypted HTTPS. This is a significant win for users: HTTPS is an essential protection against surveillance and alteration of your search traffic — whether by governments, companies, or hackers. Today's change appears to be designed to end a series of attacks that identified or tracked people based on the personalized search results Google gives them — but the protection also extends to outgoing search terms in many situations.

Google has offered HTTPS as an option for search users at https://encrypted.google.com for over a year, and we here at EFF built the HTTPS Everywhere Firefox extension to help users take advantage of that automatically.

There is one small caveat that users should be aware of with the new encrypted-when-logged-in Google. If you click on an advertisement, and the advertiser's website is HTTP rather than HTTPS, Google will send the search terms for that specific query to the advertiser over HTTP. The encrypted.google.com domain will continue to exist and will not have that behavior: on that domain, advertisers only get to see the search that lead to a click-through if they use HTTPS. Privacy conscious users should keep using HTTPS Everywhere, which will ensure that you're always using the encrypted.google.com domain. And of course, HTTPS Everywhere will also keep protecting you if you prefer to use Google Search without being logged in.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Jail email service @JPay_com's ToS says it owns intellectual property rights over inmate-family correspondence https://eff.org/r.stln

May 5 @ 6:11pm

The Senate has unveiled the PATENT Act—an anti-troll bill. Here's what we like and what we want to see improved: https://eff.org/r.1tdw

May 5 @ 1:10pm

With "automated speech recognition, the NSA has entered the era of bulk listening," reports @the_intercept. https://eff.org/r.1o6b

May 5 @ 12:05pm
JavaScript license information