I think the important thing here is that if we were to go with something like this... anyone is free to use or not use the functionality as they so please.
We all of us have different threat models - none of them wrong (well, unless you totally YOLO it and put all of your devices in a DMZ with everything wide open to the world...)