The main privacy-related leak from css-color-4/css-color-adjust-1 is the way that the used value of the system colors are exposed. One way to mitigate this would be to define that the system colors always return a fixed set of values via CSSOM APIs, and that forcing colors does not affect getComptuedStyle(). That way the real used color is not Web-exposed. Do we want to do that?

The upside is that we shield the system colors from the Web: all browsers return the same values via getComputedStyle() all the time. The downside is that if the author was trying to do any interesting calculations to choose additional colors based on the user's preferred color palette, we're giving them bogus answers. (Also it's probably a bit more complicated to implement.)