Anonymous usage statistics means no one stores what _you_ do though. Obviously sending a url you visit or a file you open is way over the line. That’s about what you do. I think there is a difference between that and feature usage as counters only.

If it can be correlated (e.g. via TLS fingerprinting or other identifying information such as IP address), it's not anonymous.

Yes if it can be deanonymized then it’s not anonymous. Almost a tautology that.

You can’t send the telemetry over http without revealing an ip, but obviously that ip can’t be stored as part of the telemetry data. That’s PII and not anonymous at all.

Important: if I collect anonymous telemetry you better trust me that it’s anonymous when I say it is. Because if you don’t trust me on that then you can’t run the software at all (if it’s a piece of software that relies on web requests in some form at least). Otherwise why would you even trust that my opt in is respected? You have to trust software vendors of software that makes http requests. It’s as simple as that. You can use open source or try to inspect packets. Or firewall the software. But if it does (for example) one update check on startup which is common, then it’s almost impossible to tell whether it contains telemetry data. Because even the bare minimum request “this is FooApp 2.9.1 are there any updates” contains important usage stats: it’s +1 for the use counter and +1 for the v2.9 use counter!