See https://groups.google.com/a/chromium.org/g/blink-dev/c/4BUSE2aTQEc/m/a5-gBNTdCAAJ for discussion. This is kinda covered by the threat model saying that an attacker with the ability to "Read server logs on other publishers" shouldn't be able to transfer user IDs without navigation, but the implication for firing events isn't obvious from that.
See https://groups.google.com/a/chromium.org/g/blink-dev/c/4BUSE2aTQEc/m/a5-gBNTdCAAJ for discussion. This is kinda covered by the threat model saying that an attacker with the ability to "Read server logs on other publishers" shouldn't be able to transfer user IDs without navigation, but the implication for firing events isn't obvious from that.