
Any idea whether this secure enclave will work if you are running Linux? (I like the hardware, but I am more used to the Linux/GNU/gnome software)



Given that iSight and Facetime HD cameras required drivers and firmware to get running under Linux, I would be positively surprised if the new camera is easier to set up, meaning I don't think it works right now. Even the existing camera support isn't 100%, with features like suspend/resume being flaky, all due to it being reverse engineered.

That said, the options for developer laptops have shifted in favor of general x86 computers, including very light-weight machines and ones with mechanical keyboards. If I want to use Linux on it, my first choice wouldn't be a MacBook. So, unless you require macOS for work, you have a more diverse variety of laptops to find one that suits you best.


Sure, but the laptops you describe do not have a secure enclave. If I want that level of security on Linux, what can I do?


What would the enclave do for you if you're running an OS that doesn't support Apple Pay or Touch ID?


It is used for the camera too.


On ThinkPads you can disable the routing of signals from the mic and camera in the firmware. Afterwards, it's not available to the kernel. Whether that's somehow hackable via a UEFI bug I don't know, but there are also laptops with physical switches for the mic and wifi and a lid for the camera. Your safest bet is to open it up and disconnect the device, which is less likely to raise alarms on Linux and BSD than it is under macOS, I assume.


Build your own? It's an ARM chip running a relative of seL4. Would be an interesting project.


Based on a talk at the recent Black Hat 2016 conference, bootstrapping and communicating with a secure-enclave processor can be a huge task. If it is ever possible, it will require some fairly large engineering (and reverse engineering) efforts.


I've never really understood why people want to run Linux directly on (most) laptops. These computers usually have all sorts of one-off proprietary chips embedded in them, that didn't come from some manufacturer that cares about standards, but rather were written under contract for the OEM-integrator itself. In this regard, Apple is no different from Dell or Acer or Toshiba. (The only modern exceptions are HP and Lenovo's respective enterprise departments, who both try to ship hardware that Linux already has upstream support for.)

Both Windows and macOS have pretty cleanly-separable userlands. Either OS can be set to a single-app full-screen "kiosk" mode, where you boot straight into a specified app. And that app can be, say, VMWare. Running Linux.

Computers used to have BIOSes: a chip that is loaded with firmware, and exposes a standard abstract-device protocol for each device class the computer supports. It's not a far leap to imagine a stripped-down copy of Windows or macOS, running on one core of the CPU, as a modern kind of "BIOS."


The T1 is running firmware from a ramdisk initialised by the host, like many embedded devices. So at the very least, you'd need to rip the necessary firmware images from macOS.

