Mobile Websites Can Tap Into Your Phone's Sensors Without Asking September 26, 2018 https://www.wired.com/story/mobile-websites-can-tap-into-your-phones-sensors-without-asking/
Yes, often new tracking scripts (tho IDK they mention only about tracking scripts or all scripts which access sensor) slip through all major blacklists for days, weeks, or even months (and they're always emerging), especially marketing automation scripts which clearly claim in its official site track user activity are too often not in the lists. The reason is obvious, they're not visible unlike ads. I'm too lazy to report them (but I've reported significant FPs a few times). This is why default-deny is inevitable if you really wanna block online tracker. But you can disable sensor access via about:config in Firefox too.
To protect users’ privacy, iOS 12.2 will limit Web apps’ access to iPhone’s sensors The latest iOS beta defaults Web access to motion sensors to "off." February 5, 2019 https://arstechnica.com/gadgets/201...-plans-to-limit-ar-features-in-mobile-safari/
Fingerprinting iPhones May 22, 2019 https://www.schneier.com/blog/archives/2019/05/fingerprinting_7.html Research paper: "SENSOR ID: Sensor Calibration Fingerprinting for Smartphones" (PDF - 1.39 MB): https://www.ieee-security.org/TC/SP2019/papers/405.pdf
Hmmm. My phone has no sensors. Except a microphone and camera. But it's just a dumb phone, so I doubt that anyone can control them.