How Google Analytics secures your web traffic

Originally published on
How Google Analytics secures your web traffic
Security and privacy are of utmost importance to our clients, our clients’ end users, and to Google, and secure transmission of our JavaScript libraries and measurement data is essential to that end. To implement secure transmission, Google Analytics uses HTTP Strict Transport Security (HSTS), which instructs browsers that support HTTP over SSL (HTTPS) to use that encryption protocol for all communication between end users, websites, and our servers.
The HTTPS encryption affects all traffic from supported browsers. To ensure security for our clients, there is no method by which you can opt out of HTTPS encryption of your traffic.
There is no implementation impact to site owners. No code changes are required. Google Analytics takes care of everything required to encrypt your traffic.
Impact to traffic between your site and Google Analytics servers
Encrypted traffic can be blocked by firewalls for security reasons. If end users are accessing your website from behind a firewall that blocks HTTPS, then measurement data from those users cannot be collected.