Fair enough. At least they've told us how it works, so if the data no longer matches that methodology in the future then we can speculate that they've implanted a UID, unless they tell us how it works again and the data is consistent with the new methodology.
In the same way, nothing in their current method necessarily says they couldn't find a way to insert a fingerprint here.