alt Hacker NewsRight that most of these aren't surprises individually, and right that nobody wants a permission prompt for Accept-Language. The argument isn't that you should, it's that the combination is enough to identify you across sites without your awareness, and that the wider tracking ecosystem trades on that bundle. The piece is editorial about the thing existing, not a proposal to gate every header. Reasonable to push back if you find the bundle isn't the point.
Fingerprinting has exited for a long time. But this site is specifically saying "None of them told you".
The site does seem to be implying that disclosure and consent are the issues:
> We did not ask for your location.
> Nothing about this was requested. The information arrived on its own.
> Your device volunteered all of this in the first milliseconds of the connection. It will do this again on the next page you visit, and the one after that.
> No permission is required.
It's framing this as if browsers are maliciously volunteering information that ought to be protected, and that sites are maliciously hiding the information available to them.
It does seem to be clearly suggesting that even basic pieces of information ought to be available only upon request and that this must be disclosed to users.
You say this is "not a proposal to gate every header", but it's sure looking like something close to that to me.