When you install a web browser that claims to block trackers, you might think that would stop websites spying on your browsing activity.
If so, you’d be wrong. As tracking protection becomes a table-stakes feature in more web browsers including Apple’s Safari, Mozilla Firefox, and Microsoft Edge, the targeted ad industry has found a way to circumvent those measures. It’s called “bounce tracking” or “redirect tracking,” and it involves hiding trackers inside the links you click on, making them harder to block without breaking websites.
“Anybody who runs an ad network is almost certainly doing some version of this,” says Peter Snyder, director of privacy at Brave, which has made privacy a central feature of its web browser.
While bounce tracking isn’t the only way websites can evade web browsers’ privacy controls, it’s received less attention than other tactics such as fingerprinting, which involves identifying users via their computers’ unique attributes. Even so, some browser makers say bounce tracking has become a widespread issue, and now they’re finding new ways to fight back.
How bounce tracking works
The most basic form of tracking protection on the web involves blocking certain types of “cookies,” or the identifiers that websites use to recognize individual visitors. Web browsers’ anti-tracking tools generally allow sites to store their own cookies so they can remember repeat visitors, but they’ll block cookies that originate from other parts of the web, which some companies use to follow you around online.
Safari started blocking some of these third-party cookies in 2017, and moved to complete blocking last year. Firefox added cookie blocking by default in 2019, as did Brave, which launched out of beta that same year. Microsoft Edge followed suit when it launched out of beta in early 2020.
“There’s this Las Vegas rule: What happens on one website stays on one website, and when you visit a different site, it shouldn’t be able to know exactly what you did on the other site,” Snyder says.
