[olliej]

You should be using a cookie for this purpose, you could in fact just store the ui settings directly in the cookie.

It becomes tracking once you say “I have an ID in a cookie, and I’m going to look up the settings for that ID in my own giant DB”.

What you’re suggesting - using fingerprinting - is the worst. It’s not reliable nor robust, it implicitly requires tracking (you have to record the fingerprint<=>setting db and look it up), and user cannot opt out of it nor trivially change state at will, etc.

There is fundamentally no legitimate reason to ever use fingerprinting over the actual explicit mechanisms for persistent storage.

[DeathArrow]

Facebook, Apple and Google use people faces to track them. Governments use public cameras to track people. Google and Facebook also use other kind of tracking people.

But somehow it's immoral for average Joe to track not people but browsers.

[olliej]

Um, as far as I know apple does not use faces to track people.

I'm not sure about google, but my experience with the folk working their make me suspect that even they would not start correlating faces across accounts/users (though I suspect they aren't as careful as apple to avoid that information being visible to them).

But more to the point you're saying "if entity X tracks people it's immoral for anyone else to not track people" rather than "it's immoral for entity X to track people", which is some kind of gross mental gymnastics, and applies to pretty much anything: "if person X gets away with assault, then I should also get away with assault", etc