Google considers boosting sites that use encryption

0
A Google-branded refrigerator is filled with the citrus beverage Sprite. [Photo: Aray Chen / Flickr CC]

A Google-branded refrigerator is filled with the citrus beverage Sprite. [Photo: Aray Chen / Flickr CC]

Google could offer website owners an incentive for using strong encryption methods: A higher placement on search engine results, which would undoubtedly yield more traffic.

The Wall Street Journal reported on Monday that Google engineer Matt Cutts had made the suggestion at a recent tech conference. The paper also said Cutts, identified as a sort of liaison between the company’s search and algorithm teams, had made similar suggestions in private conversations with Google employees.

Google apparently did not confirm or deny the Journal story, only telling the paper when asked that it had “nothing to announce.”

Google has been pushing for encryption among its various web products since last year’s disclosures by former NSA whistleblower Edward Snowden that American intelligence agencies had employed clandestine surveillance programs that tap into online communications, including those of Google users. The Silicon Valley company has been one of several American tech giants to call for reforms to the surveillance programs.

Last month, Google announced it would start encrypting e-mail messages when they are sent between a user’s computer and Google’s data centers. Since 2010, Google has encrypted user activity, such as logging in or viewing an e-mail, but the company didn’t encrypt the content of a message until just recently.

Now, Google appears to be considering wielding its search engine influence to push other websites to adopt the same security practices. The idea is that more websites will adopt stronger security measures to land a coveted spot toward the top of Google’s search results.

“This would be a wonderful thing,” Kevin Mahaffey, the chief technology officer at security company Lockout, told the Journal.

But Danny Sullivan, the editor of Search Engine Land, warns that it could prompt the wrong kind of changes from websites that try to “game” Google’s search engine through a method known as search engine optimization, or SEO.

The change would also only work on the assumption that encryption standards are infallible. Last week, thousands of websites were forced to modify their encryption methods after it was discovered that a bug known as “Heartbleed” could allow hackers to take advantage of a flaw in the OpenSSL encryption standard to gain access to sensitive personal information, such as passwords and credit card numbers.

Wall Street Journal: Google weighs incentivizing encryption with search results