I'm familiar with these global IDs because I routinely used the Windows telemetry system as part of my work on the Windows core at Microsoft. We had strong policies on how and when we could access or use data for a single device as identified by global ID.
But ultimately, these policies will have a "government or court order" exception in reality even if not in theory, just like in most other consumer software observability systems. The Windows difference is simply the breadth of data that is intentionally collected by Microsoft or can be identified by any Microsoft-controlled IDs. That difference is huge in potential impact but very small conceptually.
then verizon did it for (to?) mobile phones.
I guess these things get normalized, people might say "those jerks" and then put it out of their mind.
Isn't every Chrome download unique?
It used to be even though the package contained an Authenticode signature, each installer stub download had a unique hash, because Windows' digital signatures allow a non-executable data area in the trailer which is not computed as part of the signed data.
There is zero technical reason to do this (generating unique binaries) aside from tracking purposes.
This surveillance is certainly going to expand in scope as age verification comes into widespread usage. Personally I see little legitimate use case for this telemetry. It seems only useful for the purposes of tracking users for law enforcement or targeted advertising purposes.
cat /etc/machine-idThat's a half truth if I ever saw one. Telemetry also includes the hardware hash (which does use SMBIOS serial number, CPUID, TPM identifiers, etc.) and that one survives OS reinstalls and even hardware swaps. It is the underlying id used for things like Autopilot (the equivalent to Apple's remote MDM lock).
Windows telemetry used to track web activity, link VPN activity to source IP
https://news.ycombinator.com/item?id=48807767
U.S. v. Stokes https://www.justice.gov/usao-ndil/media/1450651/dl