Here's a real life example: Leaker 1 uses securedrop to send a leak from an organization A where he work and his Mac user agent leaks. Organization A finds everyone has access to the leaked docs and finds the ones who have a Mac. Depending on the situation they may actually narrow it down to a few people or just one, all because the browser doesn't even try to spoof the OS.