Public Wifi: Fingerprinting methods and mitigation

With more online services blocking VPNs and TOR, there are a lot of scenarios where a user needs to create an account for temporary usage without any VPN connection.

Lets say someone goes to a restaurant or other location that has public Wifi, what methods can be used to fingerprint or identify a connected device?

Assumptions:

1. The connected device uses mac address randomization.
2. The wifi network doesn’t have a captive portal.
3. The web browser used is privacy focused.
4. Physical surveillance is not a concern in this hypothetical scenario. While it could be used to identify a user, realistically the average cafe isn’t retaining CCTV footage indefinitely. Additionally, if the location is fairly busy with multiple people using free wifi at the same time, there is an element of plausible deniability unless you have a direct recording of their screen.

Followup question: If tracking or identification is possible in this scenario, what mitigating steps could this user take to prevent identification?