Honestly, I'd rather it leak my GPS to the Chinese government than the US government. They don't have jurisdiction over me anyway.
> should not be allowed to communicate over the public Internet
It would be a no-go for non-techies. One of the biggest draws to IoT devices for "average Joes" is being able to view and control them from remotely, and they aren't going to have the skills or know-how to set up a VPN correctly with dynamic DNS so that their phone can VPN into their home and then sideload/jailbreak their phone to load a custom app to control it. "It just works from anywhere" is a big sell for them.
There are better solutions, like Apple’s HomeKit. I’m able to watch a camera that has no internet access because it passed through my Apple TV, which serves as a home hub. I didn’t have to set any of this up, it just works when you have the required hardware.
There are various non-internet protocols for IoT devices, none of them good:
* Zigbee: Requires some technical understanding to set up, devices randomly disconnect for hours even when they are 2ft from the coordinator, all-around horrible experience for non-techies
* Non-standard Zigbee variants: even worse
* Matter-over-Thread: horrendously designed from a UX perspective. Easy-to-lose barcodes stuck on cards in the packaging, weird 12-letter codes, and your non-techie cannot understand what the hell Matter or Thread is. Pairing is an absolute nightmare.
Pissed off script kiddies have been confused as government plenty of times by unsuspecting victims.