UTM tags in that sense are collected on the client side by tag manager or google analytics, which would be blocked by an ad-blocking extension anyways. UTM tags can/often are collected by the website themselves to do first-party near-100% confidence campaign analytics.
So what you're saying is that there is plenty of other spyware (some of it server-side) that freeloads off those UTM query params? Sounds like another good reason to strip them?
That may be the case for blog sites, but big companies just directly ingest it into their application or internal analytics platform for a dashboard of which sources were the biggest contributors.
For example - a company sends out a newsletter with a link to a blog post goes out to 20k subscribers with UTM params, but those UTM params end up getting 100k clicks, 80k with a referer of "news.ycombinator.com". This means that someone posted it on HN with those UTM params, which indicates that they should continue to prioritize that newsletter, since the audience is likely to cause a snowball effect of traffic and thus growth.
Is that a bad thing? Knowing that traffic came from x source so that they can properly route future resources to the those high-impact sources?
