Sampson
Webmaster since the mid-90's. The Office. Microsoft Alumni. 4th Stack Overflow Mod. Jesus, JavaScript, and Jiu-Jitsu. Making a better Web @brave 🇺🇸🇧🇷

Sep 16, 2020, 6 tweets

Over the years there have been various ways to sniff the user's web history with CSS and JavaScript. For example, generating 10,000 links & checking their color (visited differs by default). These are now blocked, but I wonder how often advertisers and exchanges engaged in this.

Clever developers would adapt to these changes, turning their focus from the links to the style of adjacent elements with :visited + span, and then reading span's computedStyle to see how it looks. Background images could be used in a similar manner; listen for what loads.

Even when you lock down CSS, developers would sniff your cache by using sensitive clocks in JS and seeing how quickly resources load. If 2 similar resources load at very different rates, one could be inferred to have been loaded from cache (indicating the user visited a given site).

I can only assume that third-party advertising entities, bent on delivering more personal ads, were engaging in this type of behavior (and probably still are, as best they're able). There are so many ways web platform APIs can be abused; standards process involves threat modeling.

What's crazy is that today we have a nearly-omnipresent entity which is pretty much in every corner of the Web. Unless you're using a browser like @brave, you're just feeding this beast with each keystroke and query. It has no need for engaging in such client-side trickery.

This is why I'm not overly impressed by an entity this ubiquitous and gluttonous saying it thinks we should fight back against these types of tricks to harvest user data; that has minimal cost to the beast. These old paths aren't as crucial to the beast's mobility and well-being.
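
For reviewers of third-party stylesheets, the `:visited + span` and background-image patterns described in the thread can be flagged statically. The following is an added example, not code from the thread or from Brave; `parseRules`, `auditVisited`, the sample CSS and the colour-only allow-list are assumptions made for illustration, and the parser handles flat rules only.

```javascript
// Added example (not from the thread): flag CSS rules that try to observe :visited.
// Assumption: colour-only properties browsers still apply to :visited links.
const VISITED_SAFE = new Set([
  "color", "background-color", "border-color", "border-top-color",
  "border-right-color", "border-bottom-color", "border-left-color",
  "outline-color", "column-rule-color", "text-decoration-color",
  "text-emphasis-color", "fill", "stroke",
]);

// Constructed sample stylesheet; selectors and the /hit URL are made up.
const SAMPLE_CSS = `
a:visited { color: purple; }
a.probe:visited + span { display: none; }
a.probe:visited { background-image: url(/hit?u=1); color: red }
a:link, p > em { margin: 0 }
`;

// Split flat rules into one entry per selector (no @media nesting, no :is() lists).
function parseRules(css) {
  const rules = [];
  const text = css.replace(/\/\*[\s\S]*?\*\//g, ""); // drop comments
  for (const m of text.matchAll(/([^{}]+)\{([^{}]*)\}/g)) {
    const props = m[2].split(";").map((d) => d.trim())
      .filter((d) => d.includes(":"))
      .map((d) => d.slice(0, d.indexOf(":")).trim().toLowerCase());
    for (const sel of m[1].split(",")) rules.push({ selector: sel.trim(), props });
  }
  return rules;
}

function auditVisited(css) {
  const findings = [];
  for (const { selector, props } of parseRules(css)) {
    const at = selector.toLowerCase().indexOf(":visited");
    if (at === -1) continue;
    // A combinator after :visited means the styled element is not the link itself.
    const tail = selector.slice(at + ":visited".length);
    if (/[+~>\s]/.test(tail)) {
      findings.push({ kind: "combinator", selector });
      continue;
    }
    for (const property of props) {
      if (!VISITED_SAFE.has(property)) findings.push({ kind: "property", selector, property });
    }
  }
  return findings;
}

console.log(auditVisited(SAMPLE_CSS));
```
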
