I'm not sure if this is applicable on the relay level. A bad/poisoned App or Website can do so much more than a relay. I would be more worried about cookies and fingerprinting there.
Multiple pubkeys might be connected to each other via cookies.
Also some more information on browser fingerprinting https://developer.mozilla.org/en-US/docs/Glossary/Fingerprinting, and there is mobile device fingerprinting, too.
Discussion
Cookies are working with websockets (http handshake), too. Accept-Language header is also sent.
You are right. Bad relays can definitely collect more and do more harm.
Interesting, so it comes down to trusting good relays and avoiding bad ones? What do you look for in a good relay and what do you avoid to stay away from the bad?
That is really hard to say. I would assume that someone will eventually find out that the relay is probing you and requesting more than they need to, but there are no obvious red flags.