
>Having a unique fingerprint means fingerprinters can continuously identify you invisibly

This is not right. If you have a unique fingerprint every time someone tries to fingerprint you, then they have to do extra work to try and figure out which are the same. If you make it always be the same you've made the fingerprinter's job much easier.



In this context "a unique fingerprint" means that your fingerprint does not match any other user's. When you visit Site A and B you give a fingerprint X that is the same on A and B but no one else on the internet has ever sent.

In contrast, a randomized fingerprint means that when you visit A you have a fingerprint X' and on B you have a fingerprint Y', and no one else on the internet has X' or Y', but A and B can't correlate you.

The protections we've put in place first try to do API normalization to make it so more people have a fingerprint X, and it isn't unique. And then they do API randomization so you use X' and Y'.

If a fingerprinter goes to the extra effort of detecting a randomized fingerprint, and ignores (or removes) the randomization, they will get the X fingerprint, which - hopefully - matches many more users.
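
The distinction drawn in the comment above (a unique X, a normalized X, and randomized X' and Y'), as an added simulation that is not part of the original thread. The user table, trait names, normalization caps and site names are constructed assumptions.

```javascript
// Added simulation; every name and value here is constructed, not real browser data.
const fnv1a = (s) => { // small non-cryptographic hash, enough for a simulation
  let h = 0x811c9dc5;
  for (const c of s) h = Math.imul(h ^ c.charCodeAt(0), 0x01000193) >>> 0;
  return h.toString(16);
};

// Constructed population: every user's raw API readings differ from everyone else's.
const users = [
  { id: "u1", cores: 6, memGB: 12, canvas: "c-51a3" },
  { id: "u2", cores: 8, memGB: 16, canvas: "c-9f02" },
  { id: "u3", cores: 12, memGB: 32, canvas: "c-77be" },
  { id: "u4", cores: 16, memGB: 64, canvas: "c-0d48" },
];

// API normalization (assumed caps): report coarse values that many users share.
const normalize = (u) => [Math.min(u.cores, 4), Math.min(u.memGB, 8)];

// No protection: unique X, identical on every site.
const rawFp = (u, site) => [u.cores, u.memGB, u.canvas].join("|");

// Normalization plus randomization: the canvas reading is perturbed with noise
// keyed per user and per site (u.id stands in for a per-session random seed).
const randomizedFp = (u, site) =>
  [...normalize(u), fnv1a(`${u.canvas}|${u.id}|${site}`)].join("|");

// What is left if the randomized field is dropped: the normalized X.
const strippedFp = (u, site) => normalize(u).join("|");

// Users whose fingerprint is the same on siteA and siteB (stable across sites).
const stable = (fp) =>
  users.filter((u) => fp(u, "siteA") === fp(u, "siteB")).length;

// Distinct fingerprints seen on one site; 1 means everyone looks the same.
const distinct = (fp) => new Set(users.map((u) => fp(u, "siteA"))).size;

function measure() {
  const row = (fp) => ({ stable: stable(fp), distinct: distinct(fp) });
  return { raw: row(rawFp), randomized: row(randomizedFp), stripped: row(strippedFp) };
}

console.log(measure());
```

The raw fingerprint is stable and unique for all four users, the randomized one is unique per site but never matches across sites, and the stripped one is stable but shared by everyone, so it identifies no one within this population.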


Agreed. And this technique becomes more effective as the number of people using it increases. It's easy to match up randomized fingerprints if only one person is doing it, but quite hard when thousands or millions are doing it.


Don't use randomized fingerprints, spoof actual fingerprints, randomly.


A good fingerprint algorithm incorporates features and functionality that can't be spoofed because they are necessary for the browser to work correctly.

You can't just make your browser's APIs give erroneous outputs and still expect the browser's APIs to work.



