On Tuesday the Jeff Bezos-owned Washington Post became the first sizable news organization to start rolling out automatic encryption across parts of its website, the Post reports. The technology affords greater security and privacy to site visitors by making their Internet traffic inscrutable to onlookers and prying eyes.
The first sections to receive the buffer are the paper’s homepage, its national security page (appropriate), and its tech policy blog “The Switch” (also fitting). Should you click one of those links: Look for the “https” and padlock icon preceding the site’s URL. Most popular browsers use these indicators to signify that a site is protected. The rest of the site will reportedly transition to “https”—the “secure” version of standard hypertext transfer protocol—over the coming months.
Thus, the Post has joined the steady march of online destinations that are choosing to encrypt Internet traffic by default. Already, smaller digital publications such as the Pierre Omidyar-backed The Intercept and TechDirt encrypt reader sessions automatically. While the New York Times has urged others to embrace the protocol, it has not gone full in itself, the Post notes. (Fortune.com supports https on certain pages, but it is not the site’s default setting.)
Following the recent massive breaches of the Office of Personnel Management, the White House mandated that all federal websites must implement “https” by the end of 2016.
“The unencrypted HTTP protocol does not protect data from interception or alteration, which can subject users to eavesdropping, tracking, and the modification of received data,” a June memo from the federal chief information officer Tony Scott warned. Agencies such as the Federal Trade Commission made the https initiative a priority even before the government created a deadline.
It is already common practice for banks and e-commerce sites—which are constantly exchanging sensitive user information—to establish private browsing sessions with the secure protocol. Without it, hackers or spies on the same network could snoop on and track visitors’ reading habits. Such visibility can also have grave consequences for dissidents in countries with oppressive political regimes.
More than half of global Internet traffic will likely be encrypted by year-end, projects an April report from the Canadian networking equipment company Sandvine. That shift is thanks, in no small part, to the video-streaming behemoth Netflix’s (NFLX) decision to adopt the secure protocol over the next couple years. Big-hitters such as Google (GOOG), Facebook (FB), and Twitter (TWTR) are already onboard. And Firefox browser-maker Mozilla has announced its intention to discontinue support for non-secure http.
The Post expects the switch to https to have a slightly adverse effect on its advertising revenue, sales director Jeff Burkett told the paper, since all outside content will have to jibe with the new protocol.
In the grand scheme of things, that’s a small price to pay for some peace of mind.
