Editorial review: Add doc covering bounce tracking mitigations (#41740)

* Add doc covering bounce tracking mitigations

* Fixes for review comments sent by email

* Small language tweak

* Update files/en-us/web/privacy/guides/bounce_tracking_mitigations/index.md

Co-authored-by: Vadim Makeev <[email protected]>

* Update files/en-us/web/privacy/guides/bounce_tracking_mitigations/index.md

Co-authored-by: Vadim Makeev <[email protected]>

* Make example URLs consistent

* Replace PNGs with SVGs

* fix broken diagrams

---------

Co-authored-by: Vadim Makeev <[email protected]>

Author: chrisdavidmills

files/en-us/web/privacy/guides/bounce_tracking_mitigations/bounce-back.svg

@@ -0,0 +1,78 @@
+---
+title: Bounce tracking mitigations
+slug: Web/Privacy/Guides/Bounce_tracking_mitigations
+page-type: guide
+spec-urls: https://privacycg.github.io/nav-tracking-mitigations/#bounce-tracking-mitigations
+sidebar: privacy
+---
+
+**Bounce tracking mitigations** is a browser feature that enhances user privacy by protecting against **bounce tracking**. This article explains what bounce tracking is, and how bounce tracking mitigations work.
+
+## Bounce tracking defined
+
+Bounce tracking (sometimes called redirect tracking) is an abuse of cross-site navigation in which a tracker redirects a user to their website for the purpose of setting a first-party cookie to track that user across other sites. The redirection can happen so quickly that a user may not even notice it.
+
+In effect, bounce tracking enables tracking cookies to be set even if the browser has [third-party cookies](/en-US/docs/Web/Privacy/Guides/Third-party_cookies) disabled.
+
+Bounce tracking can be done in a couple of different ways:
+
+1. As a "bounce back". In this case, the user starts on a website (`site1.example`), is navigated to a tracker site (`tracker.example`) where the tracking cookie is set, and then redirected back to `site1.example`.
+
+   <!--
+
+   Mermaid JS source:
+
+   flowchart LR
+      A["site1.example"] -- &nbsp;&nbsp;1: Navigate&nbsp;&nbsp; --&gt; B["tracker.example"]
+      B -- &nbsp;&nbsp;2: Store cookie&nbsp;&nbsp; --&gt; C[("Browser")]
+      B -- &nbsp;&nbsp;3: Redirect&nbsp;&nbsp; --&gt; A
+
+   https://www.mermaidchart.com/ was used to generate the chart, with the "Default theme"
+
+   -->
+
+   ![An illustration of a bounce back example](bounce-back.svg)
+
+2. As a "bounce through". In this case, the user starts on a website (`site1.example`), is navigated to a tracker site (`tracker.example`) where the tracking cookie is set, and then redirected to another site (`site2.example`).
+
+      <!--
+   
+   Mermaid JS source:
+   
+   flowchart LR
+     A["site1.example"] -- &nbsp;&nbsp;1: Navigate&nbsp;&nbsp; --&gt; B["tracker.example"]
+     B -- &nbsp;&nbsp;3: Redirect&nbsp;&nbsp; --&gt; C["site2.example"]
+     B -- &nbsp;&nbsp;2: Store cookie&nbsp;&nbsp; --&gt; D[(Browser)]
+   
+   
+   https://www.mermaidchart.com/ was used to generate the chart, with the "Default theme"
+   
+   -->
+
+   ![An illustration of a bounce through example](bounce-through.svg)
+
+In both instances, users may be unaware they have visited `tracker.example`. They may believe they have only visited `site1.example` or tried to navigate to `site2.example`.
+
+## How Bounce tracking mitigations work
+
+Bounce tracking mitigations work by identifying tracker sites via a heuristic and periodically deleting cookies and other state data associated with them (other examples include [`localStorage`](/en-US/docs/Web/API/Web_Storage_API), [IndexedDB](/en-US/docs/Web/API/IndexedDB_API), [Cache API](/en-US/docs/Web/API/CacheStorage), and network state data). The feature avoids using block or allow lists to decide which websites are affected.
+
+It is critical that, while defending against bounce tracking, the browser doesn't interfere with legitimate, non-tracking redirection flow uses. For example, single sign-on (SSO), [identity federation](/en-US/docs/Web/API/FedCM_API#fedcm_concepts), and payment services generally involve redirecting the user to another site where they perform an action, updating state information as a result, then redirecting the user back to the original site.
+
+The process works as follows:
+
+1. The browser monitors navigations and flags sites that are part of a "bounce", meaning sites through which a navigation was redirected. This includes both server-initiated redirections and client-side redirections where JavaScript programmatically triggers a navigation.
+2. The browser periodically examines its list of flagged sites and checks to see if the user has actively used the site by interacting with it within the last 45 days. Example interactions include clicking a button, entering data into a form, and scrolling the site. The interaction can occur before, during, or after the bounce was detected.
+3. If the site does not have any user interaction and third-party cookies are blocked, then its state will be deleted.
+
+The heuristic operates on sites defined by {{Glossary("eTLD", "eTLD+1")}}. As a result, both `foo.site1.example` and `bar.site1.example` are treated as `site1.example`.
+
+## Specifications
+
+{{specifications}}
+
+## Browser support
+
+- Chromium's implementation of bounce tracking mitigations was shipped in version 116.
+- Firefox [also supports it](https://firefox-source-docs.mozilla.org/toolkit/components/antitracking/anti-tracking/bounce-tracking-protection/).
+- Safari first shipped bounce tracking protection in [ITP 2.0](https://webkit.org/blog/8311/intelligent-tracking-prevention-2-0/).

files/en-us/web/privacy/guides/bounce_tracking_mitigations/bounce-through.svg

@@ -15,6 +15,8 @@ Google's **privacy sandbox** project is a series of proposals to satisfy cross-s
 
 - [Attribution Reporting API](/en-US/docs/Web/API/Attribution_Reporting_API)
   - : Enables developers to measure conversions — for example when a user clicks an ad embedded on one site and then proceeds to purchase the item over on the vendor's site — and then access reports on those conversions. It does this without relying on third-party tracking cookies.
+- [Bounce tracking mitigations](/en-US/docs/Web/Privacy/Guides/Bounce_tracking_mitigations)
+  - : Bounce tracking mitigations protect users against bounce tracking by identifying tracker sites via a heuristic and periodically deleting cookies and other state data associated with them.
 - [Cookies Having Independent Partitioned State (CHIPS)](/en-US/docs/Web/Privacy/Guides/Privacy_sandbox/Partitioned_cookies)
   - : Also known as **partitioned cookies**, CHIPS allows developers to opt a cookie into partitioned storage, with a separate cookie jar per top-level site.
 - [Fenced Frame API](/en-US/docs/Web/API/Fenced_frame_API)

files/en-us/web/privacy/guides/bounce_tracking_mitigations/index.md

@@ -7,6 +7,9 @@ sidebar: privacy
 
 Since version 79, Firefox has protected users against **redirect tracking** by periodically clearing cookies and site data set by known trackers. This data is only cleared from storage if the user is [blocking tracking cookies](/en-US/docs/Web/Privacy/Guides/Storage_Access_Policy) (i.e., the `network.cookie.cookieBehavior` pref is set to `4`).
 
+> [!NOTE]
+> This article refers to Firefox's original redirect/bounce tracking mechanism, which has since been superceded by [bounce tracking mitigations](/en-US/docs/Web/Privacy/Guides/Bounce_tracking_mitigations).
+
 Support for other cookie policies is tracked by [Bug 1643045](https://bugzil.la/1643045).
 
 ## Redirect tracking defined

files/en-us/web/privacy/guides/privacy_sandbox/index.md

@@ -10,6 +10,7 @@ sidebar:
   - type: listSubPages
     path: /Web/Privacy/Guides/Privacy_sandbox
     link: /Web/Privacy/Guides/Privacy_sandbox
+  - link: /Web/Privacy/Guides/Bounce_tracking_mitigations
   - link: /Web/Privacy/Guides/Redirect_tracking_protection
   - link: /Web/Privacy/Guides/State_Partitioning
   - type: listSubPages