Although only a small subset of users were identified with an email, that is likely due to the fact that this particular network is one of the smaller ones and hence only has information on a small percentage of all internet users. I will be following up with an analysis of the reach of their larger peers.
Expectations of privacy
When a user visits a site without ever having voluntarily supplied information to that site, should the user have an expectation that their identity is private until they chose to reveal it?
A real-world analogue would be this scenario: You drive to Home Depot and walk in. Closed-circuit cameras match your face against a database of every shopper that has used a credit card at Walmart or Target and identifies you by name, address, and phone. If you happen to walk out the front door without buying anything your phone buzzes with a text message from Home Depot offering you a 10% discount good for the next hour.
Farfetched? I don’t think so. I expect to see the first iterations of this Home Depot scenario become reality within a few years time. All the necessary pieces already exist, they just haven’t been combined yet.
It’s inevitable, it’s going to happen, but it shouldn’t
The realization that I’m being personally identified by name as I surf the net is deeply discomforting. At 42Floors, we’ve made the decision not to use any visitor identification tools. As for my own Macbook, I’ll probably write a browser plugin ala AdBlock to kill the trackers that make this identification possible.