Privacy concerns, as much as anything else, should be ample motivation
The browser community has made no secret of its shared goal to mandate an encrypted internet. Already this year we’ve seen browsers start calling out sites with login fields that aren’t served over HTTPS, and those warnings figure to increase in severity over the coming months until eventually all HTTPS websites are labeled “not secure.”
One of the biggest industries that has yet to encrypt en masse is the news media. If you check the Alexa 500, the top news sites are a mixed bag. You have some, like The New York Times and The Guardian that have already encrypted, others like CNN and the Huffington Post have not.
It’s understandable. Full disclosure, we are an enterprise partner of The New York Times, we’ve helped them undertake a massive HTTPS migration and can certainly appreciate the challenges that come with securing older legacy systems, hard coded media, and a range of other difficult obstacles.
It’s a problem that almost all media companies face as they race to migrate to HTTPS before the browsers’ deadline reaches. In fact, it’s enough to almost make you want to put off the process altogether—as long as you can wait.
Unfortunately, that thinking would be a disservice to any media company’s readers. The reason for that is simple: privacy.
SSL Blocks Tracking
In the United States and around the world we’ve reached a time where the debate over privacy is boiling over. Governments and private companies alike are tracking internet users. Just recently, the US government attempted to get information on the people associated with an anti-Trump website.
Citizens’ privacy concerns are at an all-time high.
One of the benefits of SSL is it blocks an individuals’ activity on your website. Granted, someone can see that a person’s browser visited a website with SSL, but it can’t see what pages are being browsed.
This is a huge benefit to personal privacy. For instance, if a news site has a perspective section dealing with African American issues or LGBTQ issues, being tracked regularly across those kinds of pages could allow someone to infer certain details about an individual. This type of information is what allows advertisers to target ads your way and it also allows for third parties to profile you.
News sites, especially in the current political climate, have a duty to their readers to protect their privacy and prevent them from being tracked across their websites.
With freedom of the press under near-constant attack and regular cries of “fake news,” it already would be a bad look for a legitimate news outlet to be labeled “not secure.” But it’s a worse look for that news site to look like it doesn’t care about its users’ privacy. And at this point, that’s what it looks like when a news site has yet to encrypt.