On Tuesday, Google announced that by default, it would encrypt the search sessions of anyone signed in to Google.com. This means that when someone searches, no one can see the results that Google is sending back to them.
Though inconvenient for web publishers who track incoming search traffic, that’s a good thing. It reinforces privacy for those who are explicit about using Google’s encrypted search. But:
Google has designed things so that Caller ID still works for its advertisers, but not anyone else, even though the standard for secure services isn’t supposed to allow this. It broke the standard, deliberately, to prevent advertiser backlash.
So they’re passing referrer data on sponsored links so advertisers can still track incoming traffic, regardless of whether the user has used Google encryption or not. It makes sense from a business perspective: keep the paying customers – the advertisers – happy. It means, though, that Google’s privacy policies are being dictated by money. That can’t be a good thing.