While I agree that the W3C should pay attention to the CMA report because anticompetitive issues have a history of harming the open Web, we should be cautious not to mix up remedies, and to consider who each component of the ecosystem works for.
The CMA’s report includes common user identifiers as a remedy to anticompetitive practices in electronic ad markets that trade in personal data. From that angle, their recommendation is very sensible. The manner in which electronic ad markets are currently operated by large players would be considered illegal in other electronic markets (notably finance) and I believe there is a very good case to be made that it should be illegal here. To the extent that information enters an electronic ad market, no party should be allowed to self-preference or use it for insider trading.
However, that is the perspective from competition and market policy. The question it answers is: “when information is traded, how should that trade be structured?” What it does not address, however, is the privacy side of the equation, and it does not purport to speak for users. Put differently, it does not address the question of whether a market in personal data should exist at all.
Users are, quite overwhelmingly, clear on what their preference is here. Just citing Eurobarometer, 89% of users expect their browser not to share data to third parties. It is the browser’s job — literally, it’s pretty much it’s one and only legitimate job — to be the user’s agent. That’s why it’s called a user agent: it could be argued that it has a fiduciary duty of agency with respect to the user. Web standards are equally held to this by the Priority of Constituencies which puts users first.
A default that supports third-party tracking is a user-hostile default. A browser that enables third-party tracking by default (or that uses telemetry for purposes other than its own betterment or the Web’s) is a browser that is failing in its fiduciary duties.
To return to the CMA report: when there is a market it has to be fair, but that does not mean that a market should exist. To make a comparison, to the extent that there is a market in organs it should be structured to prevent a single player from using insider information to tilt it in its favour. But that doesn’t mean that the market should exist in the first place. By the same token, if the electronic ad markets switch to trading contextual signals, it would be unfair to use advantage from a proprietary aggregation format or browser telemetry to tilt that market.
In your AB letter you claim that users should be allowed to choose to be tracked across their digital lives. I personally doubt that they would be interested, but that’s just one person’s doubts. If that statement is true, then there is a way to prove it: why don’t you develop a browser extension that users can install voluntarily, that exposes an identifier to the page, that has terms making it clear that sites cannot force users to use it (otherwise it wouldn’t be consent), and release that to extension stores? Technically, it is not a very complex undertaking. If it sees substantial uptake, it would prove your point the way no appeal to argument could.