It is not necessary to rely on NSA (or Chinese government) level spying to track what I was referring to. I was referring to something closer to tracking cookies that can track your activity. I believe these can help detect things like if accounts are being hacked, for example if someone is accessing an account with the same browser type and IP range as normal but without a cookie that has previously been consistently present when accessing an account. I also believe these can pretty easily be removed, so if you dont want this type of tracking, it is trivial to stop it.
Cookie clearout happens too often for me
... Also, there isn't much you can happily track without making it possible for other sites to get hold of your data stored on a cookie. Hopefully there is currently just a random session ID stored on out systems for the cookie for this site (afaik, that's how stuff normally works). You could track people by MAC addresses but I think it's possible to not use a mac address as modems are good at identifying devices with clones of mac addresses and IP addresses now (I've tested that)...
I'm surprised though that theymos hasn't started looking at anonymising accounts further though as there's a lot you could do to improve anonymity of people especially if your servers get hacked or Amazon fancies a look...