• Making suggested changes to default would break a lot of stuff. For example, enabling MAC randomization would cause connectivity issues if the user connects to a router with MAC filtering for example.

      • Look, everything here is a good suggestion for someone who knows what they are doing, but all of them have the potential to have some impact on the user experience in a variety of negative ways


        MAC addresses should be randomised by default, but only when scanning and when connecting to untrusted networks, but how do we know that a network is untrusted? Many newer open networks (e.g. at restaurants, resorts, hotels, parks, etc) use a WPA2-PSK instead of an unencrypted captive portal, so it’s not true that a WPA2-PSK means a network is trustworthy

        So, we’d have to prompt the user to ask them, but now we need to explain the risks and why they should care, and we now also need to help inform the user and offer to reverse this choice if it’s not compatible with the network they really want to join


        The UX for dealing with all of these suggestions becomes complicated pretty quickly

        A privacy-minded person will appreciate the extra knowledge of what their system is doing, but someone trying to switch from Windows or macOS is probably going to be confused unless developers spend a huge amount of time considering every possibility (spoiler: many won’t)

      • Perhaps what we could do is have a preference that is like Firefox’s privacy settings (standard versus strict), as a way for the user to tell NetworkManager their risk-appetite and which set of default behaviours is more appropriate?

        It would be even better if this was a system-wide

  • Well, just as systemd-networkd, it probably only randomizes the MAC address at boot? So not much useful for laptops imo.

    Also, if on your router you configure or filter devices by MAC address, then randomizing them would be troublesome.