@npdoty, ping for the privacy group to have a look.

Marked as non substantive for IPR from ash-nazg.

Yes, I believe this privacy text could use an extensive update, and it would be good to schedule meetings with PING (Privacy Interest Group) and the TAG on that topic.

On just a brief reading, I think the benign uses of browser fingerprinting is misleading. You don't need and shouldn't use combinations of browser configuration details to remember whether a user prefers larger text; local storage mechanisms like cookies work fine for that and we wouldn't want to recommend fingerprinting as an alternative. Perhaps a benign use would be in trying to detect fraudulent logins to a banking site.

It's also good to start describing other privacy issues available in HTML, or in the Web platform, as in the audio/dolphin attack example. It would be useful to do a broader review at some point, rather than just adding individual examples when they arise.