A mandatory header would get implemented on sites that even halfway try to comply, and it would be extra easy to enforce on fully malicious sites. I think it would be useful.