[awj]

That's true, it would. In that case you'd need alternative methods to carry the identity across hash changes. Companies participating in this tracking could use their legitimate cookies, or even just login events, to pair up one hash with another.

Likely this could be done in a way that doesn't violate any terms of service or data disclosure promises. After all, pushing out "browser fingerprint 'abcd' and 'efgh' are the same person" isn't disclosing information that most people would realize they're trusting someone with.