[pillfill]

The news is that they are injecting it even when you have opted out of CNPI.

The disturbing part is a unique ID that follows you despite private browsing and across browsers. The worst part is that it goes to every site you visit (not just VZW or selected advertisers). It can be trivially linked to your existing cookies/identity to follow you even after clearing cookies, changing browsers, switching devices, etc.

[kator]

Yes it's disturbing, again I'm no mind reader, but I guess they assume when you opt-out they just don't map your UID. Meanwhile you're still trackable and just one small data point could be used to reverse everything you visit.

As an example if you sign up for some random blog and they capture UID's they could quickly map your email to your UID and onward into the spiral we go.

IP Addresses are a similar problem for home users, nobody seemed to have noticed that quite some time ago ISP's started making DHCP lease times quite long. Not to put on a tin foil hat, but I assume this was done more strategically then just to reduce load on DHCP servers in their networks.

[CameronNemo]

Private browsing has never been considered to actually protect your privacy, except for people looking at your local history. It clearly states that in browsers.