Does Privacy sandbox prevent fingerprinting completely (for example, canvas fingerprinting, WebGL fingerprinting, audio fingerprinting)? Or would advertisers be able to use both fingerprinting and the newly provided data?
I don't understand why we need to trade here. Just block fingerprinting and do not provide any alternatives for advertisers. This is the best for users.
You can't block fingerprinting completely without breaking a ton of useful features. But the sandbox has a concept called the privacy budget which tries to determine if a site is collecting too much information. It should allow sites that actually use some of these features to continue to work.
The idea is that if sites query fonts, engage canvas, read the user agent information, etc., they are likely trying to build a fingerprint, so the browser will start to return generic data.
Presumably - hopefully - it would allow users to set their own privacy budgets. Even better if it supports granular per-site control, which may be needed for certain specialized websites.
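An added sketch (not part of the thread and not any browser's implementation) of the privacy budget idea described in the comments above, including the per-site override one commenter hopes for. The class and function names, the per-surface bit costs and the generic return values are all constructed assumptions.

```javascript
// Toy model of the "privacy budget" idea from the thread; not browser code.
// Bit costs and generic values are constructed for illustration.
const SURFACE_COST_BITS = { userAgent: 4, fontList: 7, canvasReadback: 8, webglRenderer: 6, audioContext: 5 };
const GENERIC_VALUE = {
  userAgent: "generic-ua",
  fontList: "serif,sans-serif,monospace",
  canvasReadback: "uniform-pixels",
  webglRenderer: "generic-gpu",
  audioContext: "uniform-samples",
};

class PrivacyBudget {
  // defaultBits: budget for any site; perSiteBits: user overrides keyed by origin.
  constructor(defaultBits, perSiteBits = {}) {
    this.defaultBits = defaultBits;
    this.perSiteBits = new Map(Object.entries(perSiteBits));
    this.granted = new Map(); // origin -> Set of surfaces already answered truthfully
  }

  limitFor(origin) {
    return this.perSiteBits.has(origin) ? this.perSiteBits.get(origin) : this.defaultBits;
  }

  spent(origin) {
    const surfaces = this.granted.get(origin) || new Set();
    return [...surfaces].reduce((bits, s) => bits + SURFACE_COST_BITS[s], 0);
  }

  // Returns the real value while the site stays within budget, else a generic one.
  query(origin, surface, realValue) {
    if (!Object.prototype.hasOwnProperty.call(SURFACE_COST_BITS, surface)) {
      throw new Error(`unknown surface: ${surface}`);
    }
    if (!this.granted.has(origin)) this.granted.set(origin, new Set());
    const surfaces = this.granted.get(origin);
    // Re-reading a surface reveals nothing new, so it is charged only once.
    if (surfaces.has(surface)) return { value: realValue, generic: false };
    if (this.spent(origin) + SURFACE_COST_BITS[surface] > this.limitFor(origin)) {
      return { value: GENERIC_VALUE[surface], generic: true };
    }
    surfaces.add(surface);
    return { value: realValue, generic: false };
  }
}

// Surfaces for which the site received generic data, in query order.
function degradedSurfaces(budget, origin, surfaces) {
  return surfaces.filter((s) => budget.query(origin, s, `real-${s}`).generic);
}
```

With a 12-bit default, a site that reads the user agent and the font list still gets real values, while its later canvas, WebGL and audio reads come back generic; a site the user has raised to 30 bits gets real values for all five.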
> You can't block fingerprinting completely without breaking a ton of useful features.
Many of those features are not so useful and their main use is fingerprinting, for example:
- WebGL is mostly used for fingerprinting
- enumerating installed fonts is mostly used for fingerprinting
They should be put behind a permission popup, so that only those sites that really need them (e.g. graphic editors, text editors) can use them. So nothing gets broken.
Put WebGL, enumerating installed fonts, web audio, etc. behind a permission. In rare cases when they are really needed not for fingerprinting, the user will grant a permission and nothing gets broken.
Have you been around for the past 10-15 years of Android? Manual permissions don't solve the problem. People will just say why yes, I do indeed want to read this clickbait article/use this flashlight app, go ahead and give the server my GPS location so it can follow me around. The only reason you don't get much of this anymore is the limits the app stores enforce these days.