Complete side note, but its worth knowing that many shops with free wifi have it as it also allows them to track people moving round the store by their phones location. With multiple Access points down to the area of shelving your stopped at if they wanted/needed to. So half of what you state above can and does happen, though probably not with as much data as they might find useful.
They also use Bluetooth beacons so if it's on then they can follow you wifi and bluetooth have individual MAC addresses. All for your personalised experience - donc'ha know!
As far as I know you guys are correct in that Book Face is one of the dirtiest ones out there. I used them for 2 years from 2007 - 2009 and came off as I thought they were insidious.
Some web browsing protection can be used with Ghostery (see how many web beacons, trackers and other crap is blocked), AdNauseum - it actively clicks and messes with web page trackers and blocks ads, U block origin is another good ad blocker (but don't run Ad Nauseum and Ublock Origin together) and finally "I Don't Care About Cookies". I travel a lot so I do turn those off when I'm home - it slows the browser down otherwise. But there is another trick - see my final note at the end.
I also got told in an old line of work, if you use free/public WiFi spots and don't delete them from your phone, it will actively poll looking for all the free WiFi access points - so if anyone walks into shops or areas with tracking your phone will identify itself. Now remember what Google did, they scanned all the home WiFi access points - so it could help you with navigation remember - so they probably have all the records anyway.
Customers used to say "Why do I need your product, I don't mind surveillance, I have nothing to hide" with big beaming smiles. So I used to say well why don't you ask the bank to send your bank statements on postcards, remove all your curtains and take front and back door off your house. After all you have nothing to hide. Then I used to sit back silently and finish my drink.
I used to love the look on their faces when the penny dropped. They then used to buy our product ;-)
Anyway I spent years telling people that all this was going on and was told more times than I care to remember that I was part of the tinfoil hat brigade and conspiracy theorist. "Why would the government/MI5/GCHQ/NSA/5 Eyes etc do this? They wouldn't". They do. Every cell site is connected to GCHQ and they can access all SMS's and meta data over the phone networks.
I told people, they do it because they can and they will keep doing it until they get their fingers caught in the cookie jar. Then they will say it's for our own good, our security, to stop child abuse etc... but it doesn't change anything. The bad guys go Stone Age tech, and you can't spy on that with other computers. Our enemies are not stupid they know our capabilities.
Surveillance slurping is so great it can only be used forensically - after the fact - not to prevent. So it's all bullshit and all I predicted has happened. No smart Tv's or Alexa's or any other "OK Google" crap in my house.
That's enough for now but if any of you are interested there is a great tool that runs on Raspberry Pi's called Pi-Hole. It's a black hole for ads, trackers and stuff (https://pi-hole.net/). I use it on my home network and it works a treat. You do have to be a bit tech savvy, but not that much. I managed to follow the instructions and had it up and running in less than an hour. My Android box no longer has ads in the apps :-D
1999 P38 DSE, Navy Blue, HP24
Call sign "Rommel" as it's built like a panzer and has a German engine