We can’t add a “consent mechanism” because we can’t enforce what the user choses to do.
We could create a “standardized pledge” that third party developers take. But understand that this means that the third-party developer promise not to do XYZ, not that we can proactively restrict them not to do XYZ. (you can open a FR for this).