Very few users can detect that they are being tracked, so they can't avoid it. The tracking methods are designed to be undetectable; web beacons are invisible pixels; sites don't tell users: we track this info and share it with these people; even privacy policies usually are ambiguous, and they are too long and complex to read for every site someone visits.
This can be used to make a user's fingerprint stand out based on their browsing patterns. However, it is very fragile in practice. The tracker would need both a rare fingerprint, as well as a rare browsing pattern in order to identify a user.
This is pretty hard, considering the Tor Browser does a good job at having a common fingerprint at it's highest security setting (Javascript disabled, which is what this tracker is for).
I think he is saying that users can't be tracked between page-loads using this method, or your risk sending multiple users the same token. (which is true, at least with this implementation)
The time they spend on the website, latency, etc can all be used to add to a fingerprint, but there isn't something magic that makes this accurate, especially without JavaScript.
I may be missing something, but it seems to me that this technique(if not this particular implementation) could be used to easily track individual users.