You still get full cookie separation because each website has a different subdomain and thus a different cookie. The analytics provider can track you across the internet, but they have to invest work and resources instead of getting it basically free.
Well, I'm hardly about to accept that it's legitimate to spy on me "because they invested work and resources instead of getting it basically for free".
It's like, a peeping Tom who just looks through a window - yuck that's gross. But a peeping Tom who spies by building a microdrone that can fly in the door when it opens and mount itself on the ceiling with suction pads - oh that's perfectly legitimate because of the work and resources Tom invested.
I mean, if it's gross to do something by accident and it's gross to do something without any investment, it's super gross to do it with resources.
It's not all that hard to track someone across the internet. I think many people have demonstrate hacks that steal legitimate functionality and get you there.
I think we'll probably have to go for a containerised internet (separate apps) and just deal with the disadvantages.
The provider a) is the other parts of the internet (think big cdn) and b) they communicate with other data brokers via a side channel instead of via cookie syncing.
This is already happening with large web publishers.
