This may be a key part of the mechinisms tested to determine a "modern" web client in Cloudflare's Browser Integrety Check. Though public outcry has finally caused CF to change what they pulled on everyone.. It may later require this again. Not to mention other bits of bs.
Still, the initial implementation at least when set to 1 is likely safe according to our peers at the SeaMonkey Project. 2 likely won't be until more control over a ReferrerPolicy is ported with all the refactoring that requires and THEN follow-ups to get 2 going could be done.
We will have to see how this goes on both the code side and the Cloudflare side.
Mozilla Bug 446344