It is. The data exfiltration is more through telemetry vectors as they currently use. A VPN can't help you with that and while they can't see your bookmarks stored in the sync service because they don't have the encryption key, they technically could do what they like once that is decrypted and in memory.
Librewolf can use Mozilla's existing Firefox Sync and because of the end-to-end encryption you get the privacy you wanted that way [1].
It is unenforceable by YOU, since Mozilla has reserved all rights to all the data you put through your browser. Which is why I'm currently using LibreWolf for the first time.
That is a far bigger wtf than dumb unenforceable tos text.