To help you better identify the signed in user organic search visits, we created the token “(not provided)” within Organic Search Traffic Keyword reporting. You will continue to see referrals without any change; only the queries for signed in user visits will be affected. Note that “cpc” paid search data is not affected.
...today we announced [googleblog.blogspot.com...] that SSL Search on https://www.google.com will become the default experience for signed in users on Google.com. This change will be rolling out over the next few weeks.
What is the impact of this change for webmasters? Today, a web site accessed through organic search results on http://www.google.com (non-SSL) can see both that the user came from google.com and their search query. (Technically speaking, the user’s browser passes this information via the HTTP referer field.) However, for organic search results on SSL search, a web site will only know that the user came from google.com.
This is not the first time that this stripping of query strings has happened and despite the then assurances that it was only a test and Google wasn't going to do this (which really makes all analytics tools lose one of their primary functions), they have proceeded!
It will allow us to see how many people are getting personalized results but for the World where Google rules, webmasters have lost a crucial part of their business intelligence.
I expect something of an uproar over this!
Oh, and as an afterthought, I really don't buy into the "protecting users" waffle when you can still get the data from searches via AdWords. What? People who click on paid results don't deserve the same "user protection"?