Comment by dongcarl
I can understand that concern, and I think in the future some version of [Privacy Pass](https://privacypass.github.io/) will allow for site operators to differentiate between normal vs. abusive users without relying on IP reputation (which is more unreliable anyway since CGNAT is a thing).
We typically don't ban IPs for the very reason mentioned here (CGNAT is a very real thing and we have many users who share IPs). However we do ban IP ranges associated with VPNs that we see an excessive amount of abuse from. I might be an outlier on the internet, but if you take the stance you have outlined above, that you will effectively do nothing to combat the level of abuse from your network, you inevitably hurt your honest users because some web services will be unavailable to them via your VPN.