[pbowyer]

> you're allowed to fingerprint a unique user and track data with that fingerprint as the sole unique identifier without any PII legislation (GDPR, CCPA, etc.) compliance issues.

That is not true. E.g.

1. https://ico.org.uk/about-the-ico/media-centre/news-and-blogs...

2. https://ico.org.uk/for-organisations/direct-marketing-and-pr... specifically https://ico.org.uk/for-organisations/direct-marketing-and-pr...

This is for the UK, I am not up to date with other European regulators.