Skip to content

Google Prepares to Take Action Against Insecure Websites

At Myers Freelance, we focus our attention on writing legal blogs. However, because one of the biggest reasons for maintaining a legal blog is to market your law firm online through search engine optimization (SEO), we keep our ears to the ground to listen for developments in the world of SEO, too. If we didn’t, we’d be shooting in the dark with our legal blogging.

So, while it has almost nothing to do with legal blogging, there’s a big change on the horizon on the SEO front that law firms should be aware of, if they want to protect their rankings and conversion rates: In October, Google is set to take the next step in its “migration” to websites that have HTTPS security.

Google Security HTTPS

Internet Security: HTTP and HTTPS

The internet is far from a secure place. Even reputable websites can be used by scammers to obtain sensitive and useful information about people, like passwords or even credit card information.

Without getting too deep into the technicalities, one way that scammers get access to sensitive information is by utilizing a weakness in the Hypertext Transfer Protocol (HTTP). HTTP is a way websites handle information, dictating how data gets passed from the website to you and, importantly, vice versa. The crucial weakness of HTTP is that it only cares that information gets passed from the source to the destination – where it goes in the interim isn’t something that HTTP handles.

Scammers have utilized this weakness for decades, stepping between users and websites that use HTTP, and gathering all of the information that ferries between them.

HTTPS is just like HTTP, but it uses a secure connection, called an SSL certificate, to funnel the data from website to user and back.

The Role of Search Engines in Internet Security

It’s important to remember that search engines are marketing businesses: They provide a free service that they then plaster with ads that make them money. That service is indexing the internet.

Because search engines rely on people seeing their ads, they care a lot about satisfying users by giving them relevant and important results for any given search. If users go to an insecure website that ends with them having their identity stolen, they might frown upon the search engine that sent them there. If this happens often enough, people will look for an alternative, reducing web traffic on the search engine’s site, which would cut into its profits as ad space loses value.

Therefore, search engines have an interest in either promoting secure websites, demoting insecure sites, or a mixture of the two. Google has done the first. Now, it’s doing the second, as well.

HTTPS Has Long Helped SEO

Search engines like Google have been promoting the use of HTTPS websites by giving them a small rankings boost since 2014. While it was only being counted as a “very lightweight signal,” adopting HTTPS for a website was an easy way to get a small jump over competition in saturated markets.

HTTP Will Now Hurt

Starting in October, 2017, Google has announced that it would start taking action against websites that have not migrated over to HTTPS and that have forms or other fields that users can fill out. However, it will not be in the form of a rankings penalty.

In an upcoming update to their Chrome web browser in October, Google will start actively warning users that a site is not secure if the site is not running on HTTPS. While the warning will only go on websites that users can enter information into, that will include nearly all law firm websites because of the ubiquitous “contact us” form. (UPDATE 2/9/2018: Starting in July, 2018, this warning will be present on all sites that have not switched over to HTTPS; not just those with fillable fields for personal information)

The good news is that this should not impact your law firm’s rankings, at least not directly. The bad news is that all Chrome users will see a message that your site is insecure in the URL line and this will deter clients from reaching out to your firm for legal help.

There’s more good news, though: Google’s push for web security is trickling down to web hosting companies, who are now often offering discounts or even free secure hosting for their clients to keep them onboard. The time is ripe to reach out to them to migrate your law firm’s site over to HTTPS.