A facebook employee explained me how tracking works. Its not the email address Meta is concerned about. Its the IP, device identifiers and location. Meta doesnt care about the email at all apart from sending you emails for notification. Even with a fake email they exactly know who you are. Let’s say you visit CNN.com which has facebook tracker. Facebook has the IP and the device identifiers. Now you login with fake email account on Instagram, facebook knows that’s the IP ans the same device hence it “must” be the same person That’s how facebook creates shadow profiles.
I like the EFF, but I don’t agree with the report this generates. There are two counters to fingerprinting: have the same fingerprint as everyone else (Mullvad Browser is based on this idea) and to have a unique fingerprint that changes regularly (The CanvasBlocker extension supports this approach).
Since most of the time I’m in Firefox with CanvasBlocker, I want to see unique fingerprints, but also that they keep changing.
There’s a decent bit in their site as to how fighting fingerprinting by trying to be more common can make you still stand out, so mullvad may not work out depending on how it implements this concept. Randomizing fingerprinting sounds like it could work (I haven’t researched it so I don’t have enough info to agree or disagree, but sounds legit at the very least) and expecting their report to understand that is beyond the scope of the tool. I mean, you couldn’t actually test that method is effective without recording it over multiple sessions/days/etc. Sure you want a unique fingerprint, but seeing a unique fingerprint once doesn’t mean it’s working.