In March, Google began to track the progress of its encryption efforts across all of its services. Encrypted sites, or those whose web addresses begin with HTTPS, “keep people’s information safe as it moves between their devices and Google,” the company wrote on its Security Blog, “protecting it from interception and unauthorized access by attackers.”
In the spring, Google reported that 75% of its servers used encrypted connections — though YouTube traffic was not included in this figure. But now, as Google moves to implement HTTPS by default across all of its services, the company will begin to report the extent to which traffic on YouTube is encrypted as well, it announced today. Over the past two years, Google says it has rolled out encryption to 97% of all the traffic on YouTube.
The team faced several hurdles on the road to encryption — as described on YouTube’s Engineering and Developers blog. Software engineer Sean Watson and product manager Jon Levine noted that YouTube’s avalanche of traffic and the numerous devices that people use to watch videos — from flip phones to smart TVs — made the feat that much more difficult.
“Some devices do not fully support modern HTTPS,” Watson and Levine noted of why the site isn’t yet 100% encrypted. “Over time, to keep YouTube users as safe as possible, we will gradually phase out insecure connections.”