Here is a recent paper describing Cookie Matching. It illuminates the privacy threat and why DNT:1 should require no sharing of UIDs between origins.

http://hal.archives-ouvertes.fr/docs/00/91/52/49/PDF/SellingOffPrivacyAtAuction.pdf

Mike