Sure, I would probably trust Cogent over Comcast, but the current state of the VPN market seems very stagnant in actually diverse network routing.
It's really hard to recommend a VPN for people who are actually privacy conscious simply because you're moving your data to a handful of transit providers that aren't put under nearly as much scrutiny as a normal consumer ISP.
About the only meaningful feature VPN provides is presenting a different IP address to the server.
VPN provides negligible extra security for most people, while adding extra exposure.
VPNs create a separation between the client and the server (as you mentioned) so not only can the server (or those eavesdropping on the server's connection) not see the client's IP, those eavesdropping on the client can't see what services they are connecting to (other than the VPN).
Of course by combining knowledge from multiple sources you can still build a fingerprint but VPNs with sufficient utilization can serve as a mixer to obfuscate which users are taking part in which traffic. Doubly so if the VPN supports multi-hop routing where the client side VPN and the server side VPN are at different sites.
Really as long as you aren't leaking DNS and you use a reasonably secure + well utilized VPN, your client should appear as a black box that shouts opaque contents at a single server without leaking many details about the actual communication taking place.
Compare this with HTTPS + no VPN where only the contents are obscured and everyone eavesdropping (aka the ISP or anyone on the same network) can see every service you are connected to. That alone should be enough to fingerprint a given connection to a specific user.
ISPs have historically done slimey things like hijacking DNS, and HTTPS leaks tons of metadata like what sites you’re browsing and for how long, and what user agents you have can easily be fingerprinted. And there are still too many IoT and mobile apps that don’t strictly use TLS for everything.
