In other words
Eff you, peasant, that's why.
Now piss off!
A Californian judge has rejected a proposed settlement to a class action privacy suit brought against Google. The deal would have seen the search giant funnel millions to cherry-picked law schools and Google-friendly pro privacy groups. The lawyers for Google and the lawyers for the plaintiffs agreed to settle the class …
The referrer header was nothing to do with Google it is part of the spec and has been part of the WWW since as long as I can remember.
Google used standard query strings in the search - like many sites do.
A user typed a name (no way for Google or anyone to know if was their name or not and I would suggest that the vast majority of name searches are of other people) and this was transmitted in the referrer?
I would consider this a completely spurious allegation ask them the lawyers to go packing. If you think the users should get something then what would be the correct figure for the amount of harm they received due to this (0.0001 of a penny perhaps?). Now divide this by the cause of this by Google (as opposed to the web standards body responsible - W3C maybe?). Each user is then expected to pick up that amount of money?
I don't disagree with the fact that when there is a settlement it shouldn't be cherry picked to support, lawyers and judges but I feel this particular case was not the one to highlight this fact.
As for Google changing their business practices ... well quite some time ago the referrer header was removed due to the searches being done via HTTPS by default in Google so no referrer is sent across (almost no keywords are available to Google analytics users from Google now). Bing on the other hand doesn't use HTTPS by default and puts the referrer in the query string still.
Agree with this. Claiming Google is violating your privacy by revealing to websites the query you used to find these websites is stretching it a bit.
They might as well sue W3C for inventing the referrer header, which lets websites know – gasp – which other website you are coming from!
In fact, they should sue again Google, along with Mozilla, Microsoft and Apple for distributing browsers that fill the referrer header by default. And now I'm going to stop before I give someone ideas.
And this is why I have RefControl installed in Firefox, with the default set to "don't send a referer header"
Very few sites use it, other than certain wiki pages to control linking to images, and certain other folk who are stupid enough to use it for security and don't seem to think it can be forged.
+1 for telling me about RefControl!
As for Google's actions, true that a referrer header is part of the specs. But including the user's search terms is most definitely NOT part of the specs. I see no reason for Google to do this. Even if there is no personal information in a search, if I search for "best oven in the world" and get sent to some company's website for their oven, why should I want to tell them how I found them?
The problem with the knee jerk Google defenders here is that they're erring on the side of sharing information. I'd prefer erring on the side of withholding information, unless I decide to share it!
"including the user's search terms is most definitely NOT part of the specs."
Err, yes it is. A query string is part of the URL. This is sent as part of the spec. Blame your browser, they are the ones that follow the spec and choose to send this, nothing to do with Google 'the search engine' (although Google 'the browser' does this, just like nearly all other browsers)
Unless you are thinking that they should use POST for searches? That would be a PITA.
" I see no reason for Google to do this"
Google now encrypt the searches and have done for some time which means they DON'T send the search terms (once again - as per the spec as referrers are not passed from HTTPS to HTTP). They are one of the few big search engines to do this.
Biting the hand that feeds IT © 1998–2021