Adware used to be a whole category of malware, but now nominally respectable companies provide very little other than adware.
Software "stores" supply so many programs with built in ads. Some ad-free stuff still has links and UI elements for social media, which to businesses is a branch of marketing (HR might fire anyone, but marketing, for using social media at work. Therefore social media is marketing and ads). Non-adware, some pay-ware, is often still adware for the higher tiered versions. "Want to write something and send it to someone else? Upgrade to Pro!".
Only spammers of the most awful type, the pr0n, the viagra (I wonder if that word isn't even banned on this site? A crude but effective anti-spam measure), used to include 1x1 tracking graphics to see which email addresses worked. Now that invisible tracking pixel in email is standard in CRM systems, such as Salesforce, and so invisible tracking is standard for any business big enough to automate their customer data.
My RSS reader, QuiteRSS, by default has Google Analytics built into it!
The spying if off by default, but the capability is there. Google Analytics is made easy due to supported by the toolkit, QT5, which I am appalled by.... I should think people have raised its presence as a bug in QT5. Whilst it is easy to think Linux is missing the anti-user mooching, it is right there to be used if wanted. I have modified QuiteRSS to look up localhost rather than google-analytics.com, recompiled and re-installed. And my DNS server lies about google-analytics.com too, so the anti-feature was never going to work. But that so is not the point.....