Off the top of my head, forced telemetry (even if you turn it off in about:settings some stuff gets reported back to Mozilla); Pocket and Sponsored Tiles, the former sends Mozilla the URL and form data for every site you visit, the latter has complete access to your browsing history so it can show you "relevant info"; Adobe DRM and Encrypted Media Extensions (some people don't like any DRM in their browser, I don't have an issue if it's trustworthy but you're asking so I'm listing); and a minor, easily corrected nitpick but they went back to Google as their default search engine. My problem with that is every update (so far) ignores user settings and changes it back. This can lead to unexpected unwanted searches via Google.
Literally all of these are (debatably) controversial from a PR perspective, not from an actual privacy perspective. Most of them aren't even privacy issues, which suggests to me that you haven't even researched them.
More generally, if any of these things actually offend you, I'm sorry to tell you but you're not the audience for a web browser—after all, general web browsing is far, far worse. Every website you visit gets your IP address and your user agent string. Ooooh noooo.
Off the top of my head, forced telemetry (even if you turn it off in about:settings some stuff gets reported back to Mozilla); Pocket and Sponsored Tiles, the former sends Mozilla the URL and form data for every site you visit, the latter has complete access to your browsing history so it can show you "relevant info"; Adobe DRM and Encrypted Media Extensions (some people don't like any DRM in their browser, I don't have an issue if it's trustworthy but you're asking so I'm listing); and a minor, easily corrected nitpick but they went back to Google as their default search engine. My problem with that is every update (so far) ignores user settings and changes it back. This can lead to unexpected unwanted searches via Google.