
Extended to add don’t use websites without blockers. If they are willing to track via app, why would we think they would not track via browser?





The browser has less access to your system, and usually only if you give a specific website permission to use these features. Mobile operating systems are slowly changing that though.

Have you looked at the latest JS standards?

(and if you haven't... check out the APIs available to the developers/owners of all the websites you browse: https://developer.mozilla.org/en-US/docs/Web/API )

What should checking the available web APIs imply? The comment is correct: the browser can't access your location without explicit confirmation from the user, and the same applies to other web APIs. Or at least mention a bunch of them which you know don't apply instead of linking MDN.

The more APIs available for JS to interact with, the more granular and detailed browser fingerprinting can be. For example, how your browser renders WebGL can differ depending on what graphics card (and drivers) you have. The resulting values can be read back and stored to create a detailed fingerprint of who you are -- this could potentially be done by Google Fonts or AdSense or any number of the countless ad and analytics frameworks loaded on basically all websites.

Good overview about how fingerprinting works: https://www.privacyaffairs.com/browser-fingerprinting/

Browse the source in the following directory to see a plethora of examples of how web APIs are used to fingerprint users -- and this is just one publicly-accessible library we can easily review the source code of (proprietary, obfuscated ones likely use additional methods): https://github.com/fingerprintjs/fingerprintjs/tree/master/s...

One example used in multiple places in the above repo is "matchMedia"[0] which was a Web API method added a while ago (well, many years ago) to give a programmatic result of whether a given CSS media query matches or not. This can be used to detect, for example, user preferences like whether the display is HDR-capable[1], or the Accessibility setting "reduce motion" is enabled[2].

[0] https://developer.mozilla.org/en-US/docs/Web/API/Window/matc...

[1] https://github.com/fingerprintjs/fingerprintjs/blob/master/s...

[2] https://github.com/fingerprintjs/fingerprintjs/blob/master/s...
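An added example, not part of the thread and not taken from the fingerprintjs source: a self-audit that lists what `matchMedia` discloses about your own browser without any permission prompt, using the two media features named above plus a few others. The function names, the feature selection and the Node stand-in with its sample profile are assumptions made for this illustration.

```javascript
// Added example (not from the thread or from fingerprintjs).
// Media features a page can read with no permission prompt. Values are
// ordered widest-first: a p3 display also matches srgb, and a high
// dynamic-range display also matches standard.
const FEATURES = {
  'prefers-reduced-motion': ['reduce', 'no-preference'],
  'prefers-color-scheme': ['dark', 'light'],
  'prefers-contrast': ['more', 'less', 'custom', 'no-preference'],
  'forced-colors': ['active', 'none'],
  'dynamic-range': ['high', 'standard'],
  'color-gamut': ['rec2020', 'p3', 'srgb'],
};

// Returns the first matching value per feature plus the number of distinct
// answer combinations these probes can produce (an upper bound on states,
// not a measured real-world entropy).
function auditMediaSignals(matchMediaFn) {
  const observed = {};
  let states = 1;
  for (const [feature, values] of Object.entries(FEATURES)) {
    const hit = values.find((v) => matchMediaFn(`(${feature}: ${v})`).matches);
    observed[feature] = hit ?? 'unsupported';
    states *= values.length + 1; // +1 for "unsupported"
  }
  return { observed, states, maxBits: Math.log2(states) };
}

// Constructed stand-in for window.matchMedia so the audit also runs in Node.
function fakeMatchMedia(profile) {
  return (query) => {
    const m = /^\(([\w-]+): ([\w-]+)\)$/.exec(query);
    const have = m ? profile[m[1]] : undefined;
    return { matches: Array.isArray(have) && have.includes(m[2]) };
  };
}

// Constructed sample profile (hypothetical device), used outside a browser.
const SAMPLE_PROFILE = {
  'prefers-reduced-motion': ['reduce'],
  'prefers-color-scheme': ['dark'],
  'prefers-contrast': ['no-preference'],
  'forced-colors': ['none'],
  'dynamic-range': ['high', 'standard'],
  'color-gamut': ['p3', 'srgb'],
};

const inBrowser = typeof window !== 'undefined' && window.matchMedia;
const probe = inBrowser ? (q) => window.matchMedia(q) : fakeMatchMedia(SAMPLE_PROFILE);
console.log(auditMediaSignals(probe));
```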


What is contained in the latest JS standard that lets you collect fine-grained information about your users without their consent? Web APIs that have to deal with sensitive data all require explicit user confirmation to be used.

The more access to your system that a web page has, the better it can fingerprint you. All of those APIs aren’t going to be opt in.

At least on Android the browser is limited by the Android permission system, i.e. if you don't give the browser GPS permission it cannot give pages ditto. In addition the browser will ask if you want to grant an app access to something like positioning data.

Furthermore, it is hard for a web page to run in background and receive user data.



