jecasc - 11:43 am on Oct 21, 2011 (gmt 0)
I use the the information about search queries to improve my websites or ad campaigns like every other webmaster.
But if I am honest I have to admit that - as useful as the data is - we as webmasters have no right to this information - especially as long as it can be attributed to a single visitor.
It is private information that should never have been shared with us in the first place. Not by any search engine. The user submits his query to the search engine and the average user is not even aware that this information is shared with website owners.
The reason we get it is, that historically the search engines have used GET and not POST as method in their forms and so the query strings ended up in the referrer. But this has been a mistake and huge gap in privacy from the beginning.
Actually I can't remember how often I have found embarassing queries from visitors in my logs or in logs of companies I have worked for. "Please god make my #*$!les go away" has been one of the more harmless ones. I have seen everything - from medical conditions to political affiliations. Queries From Herpes to Hepatitis from racist to #*$!ographic. Just do a quick search for "funny search queries" and you will find several thousand webmasters who publish the funniest queries they found in their logs.
The problem is not that a middleman might get this data. The problem is that we as website owners get this data. Always has been. This is the real privacy issue here.
The data usually remains anonymous but everybody here knows that once a user creates an account on a website it is possible to attribut the query to a specific individual. Depending on the type of website you get this information complete with address, phone and credit card number.
When your customer buys Aspirin on your website it is actually none of your business that he searched for "cure against hangover" and if he buys washing gel you should not know that he searched for "getting rid of #*$!les in my butt". And it is none of your business if the Vaseline was intended for cuts in boxing or for other purposes.
So the only correct way to implement referall privacy correctly is to not send the search queries through the referrer at all. To nobody.
The information should only provided as anonymized statistic like in Google Webmastertools.