Consider that there’s some long tail of visitors who visit many times in one day. Someone is going to be visiting more times than anyone else, whether that’s 10 or 100 or 1000 page views. That person is now uniquely trackable. To avoid that situation you need to stop counting somewhere, and you’re not really getting any new info after 1 (well, 2 I suppose, if you want to track bounces), so you might as well stop there.
I don't agree that the existence of this header makes a user more trackable. You can already uniquely identify visitors with their IP & source port, which is included in every single packet and is way more specific than some timestamp.
Your argument seems to be that this timestamp in the header could possibly be used as a lookup key in a database of visitors. I think that's a stretch, but in any case that database would be the privacy violating thing. This header is completely anonymous.
You’re probably right! But since they aren’t getting any more info by continuing to count after 2, it’s just a liability to do it. After all, the whole point of the setup seems to be to minimize the amount of unique information the system has to process.
