> NAT is like literally Satan.

NAT is merely a tool. Using it to restrict user activity is bad. Using it on your home network to preserve your privacy (ie how many devices you have and what each is doing) is good. There are also other use cases (both good and bad) that I'm omitting here.



I get what you're saying, but I still disagree.

NAT doesn't help privacy either. There are a million plus one ways to fingerprint or track a web browser without knowing anything about the end user's IP. A modern browser presents a ton of surface area. It's also quite easy to track by externally visible IP or IP prefix (e.g. /24 or /64 in IPv6) if you make certain nearly-always-valid assumptions about the timing and sequential nature of user behavior.

I think a lot of people just don't grasp how easy tracking actually is. Think of how obscure and sophisticated hardware-level attacks have become: Spectre, RAMBleed, etc. Now imagine the surface area presented by a browser. It can and does get that clever.

The only way to really prevent tracking is to use a sandboxed browser with strong anti-tracking features and redirect your traffic... or use a P2P decentralized system!

If we didn't have NAT, we'd probably have much more privacy-respecting P2P alternatives to the centralized web, and we'd also have easy-to-use P2P systems for anonymizing requests by bouncing them off other peers. In other words, without NAT our privacy tech would be better.

I'll be more accurate than saying NAT is Satan. NAT is a massive piece of technical debt. It's a "simple" hack that breaks something fundamental about the Internet, namely namespace unity. That in turn makes a ton of other stuff exponentially more difficult.


> NAT is a massive piece of technical debt.

Well at the ISP level, yes, absolutely!

Regarding privacy, your response seems very focused on web browsing. I agree that NAT plays no role there - it's at a lower level. I was referring only to the potential for masking devices - with NAT, there's no way to tell how many (or how few) devices are producing a given stream of traffic. To the extent possible, I'd rather external observers (particularly my ISP) not be able to tell what's going on inside my network or how it's configured.

In case this isn't making sense, imagine a scenario in which your ISP equates simultaneously active IP addresses to the number of active devices and then adopts a fee structure based on this. Or perhaps it just tries to profile the types of devices that are active on your network in order to sell that data to third parties. For example, identifying how many Alexas or smart locks or whatevers you have, correlating that with how many devices are streaming or browsing, correlating this with customer demographics, and so on.

NAT is a useful tool for engaging in namespace shenanigans - consider NAT-based load balancing, for example. It can also be used for ill, and I agree that the current state of affairs is unfortunate.


There are cases where NAT can be used beneficially but those are probably less than 10% of NAT usage. Most NAT usage is to get around IPv4 address shortages. Symmetric NAT is just pointless.

I also still think you're not fully enlightened as to just how easy tracking can be. It's not just web browsers. Every single distinguishable characteristic of a client forms one bit in a hash that can be used to track it, and thus distinguishing precision is 2^N where N is the number of bits of information that can be gathered.

Your IPv4 /24 already provides 24 almost always unique bits, so that's a good start for any tracker. Now start correlating /24s over time using clustering algorithms. Now start TCP fingerprinting, keeping track of pinned certs, measuring anything and everything that can be measured about a client. Pretty soon you're up to something like 32 bits, which is one in four billion.

I use web browsers as an example because they're just embarrassingly easy to fingerprint.
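An added illustration of the bit-counting argument in the comment above (this is example code written for this page, not something any poster wrote): it measures, with Shannon entropy, how many identifying bits a set of observable client attributes yields over a population, and how large the anonymity set of one client is under each attribute set. The attribute names (`prefix`, `tcp_sig`, `pinned_cert`) and all eight client records are constructed for the example; a real observer's attributes and population would differ.

```python
"""Quantify "each distinguishable characteristic is a bit" with Shannon entropy.

Added example, not from the thread. Over a population of observed clients,
the entropy of a fingerprint (a tuple of attribute values) is the average
number of identifying bits it carries; roughly 2**bits clients can be told
apart, and a population of n can never yield more than log2(n) bits.
"""
from __future__ import annotations

import math
from collections import Counter
from typing import Mapping, Sequence

# Constructed sample of eight client observations (illustrative values only;
# no real network was measured). Each attribute takes one of two values, and
# the combinations are chosen so that every client is unique across all three.
SAMPLE_CLIENTS: list[dict[str, str]] = [
    {"prefix": "203.0.113.0/24", "tcp_sig": "win65535:ttl64", "pinned_cert": "cert-A"},
    {"prefix": "203.0.113.0/24", "tcp_sig": "win65535:ttl64", "pinned_cert": "cert-B"},
    {"prefix": "203.0.113.0/24", "tcp_sig": "win64240:ttl128", "pinned_cert": "cert-A"},
    {"prefix": "203.0.113.0/24", "tcp_sig": "win64240:ttl128", "pinned_cert": "cert-B"},
    {"prefix": "198.51.100.0/24", "tcp_sig": "win65535:ttl64", "pinned_cert": "cert-A"},
    {"prefix": "198.51.100.0/24", "tcp_sig": "win65535:ttl64", "pinned_cert": "cert-B"},
    {"prefix": "198.51.100.0/24", "tcp_sig": "win64240:ttl128", "pinned_cert": "cert-A"},
    {"prefix": "198.51.100.0/24", "tcp_sig": "win64240:ttl128", "pinned_cert": "cert-B"},
]


def fingerprint_entropy_bits(records: Sequence[Mapping[str, str]], keys: Sequence[str]) -> float:
    """Shannon entropy, in bits, of the fingerprint formed by `keys`.

    H = -sum(p_i * log2(p_i)) over the distinct fingerprints, where p_i is the
    fraction of the population sharing fingerprint i.
    """
    fingerprints = Counter(tuple(r[k] for k in keys) for r in records)
    total = sum(fingerprints.values())
    return -sum((n / total) * math.log2(n / total) for n in fingerprints.values())


def max_bits(records: Sequence[Mapping[str, str]]) -> float:
    """Upper bound on identifying bits any attribute set can reveal: log2(population)."""
    return math.log2(len(records))


def anonymity_set_size(records: Sequence[Mapping[str, str]], keys: Sequence[str],
                       target: Mapping[str, str]) -> int:
    """Number of records indistinguishable from `target` under `keys` (1 means unique)."""
    fp = tuple(target[k] for k in keys)
    return sum(1 for r in records if tuple(r[k] for k in keys) == fp)


def report(records: Sequence[Mapping[str, str]], attribute_sets: Sequence[Sequence[str]]) -> dict[str, float]:
    """Entropy per attribute set, keyed by a '+'-joined attribute label."""
    return {"+".join(keys): fingerprint_entropy_bits(records, keys) for keys in attribute_sets}


if __name__ == "__main__":
    sets = [["prefix"], ["prefix", "tcp_sig"], ["prefix", "tcp_sig", "pinned_cert"]]
    print(f"population cap: {max_bits(SAMPLE_CLIENTS):.1f} bits")
    for label, bits in report(SAMPLE_CLIENTS, sets).items():
        size = anonymity_set_size(SAMPLE_CLIENTS, label.split("+"), SAMPLE_CLIENTS[0])
        print(f"{label:32s} {bits:.2f} bits  anonymity set of client 0: {size}")
```

In this constructed population each attribute contributes one bit because its two values are evenly split and independent of the others, so the bits add: the prefix alone leaves client 0 in an anonymity set of four, prefix plus TCP signature narrows it to two, and all three attributes single it out. The cap function makes the other half of the argument explicit: a tracker can only realize the "32 bits" figure against a population on the order of four billion clients, which is why correlation across sites and over time matters as much as the per-request attributes.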


> Symmetric NAT is just pointless.

Fair enough, I don't know enough about usage of different NAT types to debate such things (and never intended to).

Regarding tracking, I'm still not sure that we're talking about the same thing here. Are you saying that fingerprinting could be used to accurately extract per-device data from the aggregated stream? That is, if an entire network is hosted behind a single external address via NAT, are you suggesting that the carrier could reconstruct the separate fingerprints from the aggregate data stream that they have access to?

If so, that would be news to me. Obviously they can make some educated guesses (a single device probably isn't originating simultaneous Netflix and YouTube video streams), but I'm assuming that aggregated (TLS encrypted) data streams are going to be fairly difficult for an external observer to tease apart.
