Improve the same-site recognition section.

Using martinthomson's comments.

index.bs

@@ -198,9 +198,18 @@ specifications to defend against, described in subsections here:
 
 Contributes to [=surveillance=], [=correlation=], and [=identification=].
 
-This occurs if a site can determine with high probability that a visit to that
-site is coming from the same user as another earlier visit to the same site, and
-the user expects not to be associated.
+Users of most instantiations of the web platform expect that if they visit a
+site on one day, and then visit again the next day, the site will be able to
+recognize that they're the same user. This allows sites to save the user's
+preferences, shopping carts, etc. The web platform offers many mechanisms that
+are either intended to accomplish this recognition or that can be trivially used
+for it, including [[RFC6265|cookies]], {{WindowLocalStorage/localStorage}},
+{{WindowOrWorkerGlobalScope/indexedDB}}, {{CacheStorage}}, and other forms of
+storage.
+
+A privacy harm only occurs if the user expects not to be associated between two
+visits, but the site can still determine with high probability that the two
+visits came from the same user.
 
 A user's expectation that their two visits won't be associated might come from:
 
@@ -222,7 +231,7 @@ that are consistent between the two visits and probabilistically unique to the
 user.
 
 The attributes can be exposed as information about the user's device that is
-otherwise benign (vs [[#hl-sensitive-information]]). For example:
+otherwise benign (as opposed to [[#hl-sensitive-information]]). For example:
 
 * What hardware is connected to the user's device? A game controller? An
     assistive device?