+1 that one mitigation of browser fingerprinting will be making that fingerprinting detectable (and, importantly, distinct from innocuous activity) and then researchers and regulators and potentially even individual browsers themselves can try to detect it, and potentially limit access to certain features or just identify that it’s happening and address it through out-of-band means.
We describe this as a level of mitigation in the fingerprinting guidance document:
I don’t think we should use the fact that there are possible alternative mitigations to assume that we shouldn’t try to minimize fingerprinting surface, especially when it’s done in a way that will be relatively hard to detect.
Finally, I think typically we wouldn’t need or indeed want to standardize the mechanisms for counting potential fingerprinting. Fixing or publishing those metrics would make it easier for attackers to remain within the limits.