Yes, and Android's isn't the only app repo that could be doing more verification (reminds one of Windows Update and FTDI, no?). To be frank, however, adding additional required verification is a huge pain for everyone, so it's going to be rare.
To avoid the pain they could roll this out only to apps that declare themselves not to be assholes. I.e., an app could promise not to degrade ungracefully under limited perms, and in return it would never get spoofed data. (All other apps would get spoofed data whenever they access an API that a user had deselected.) If a non-asshole app were ever reported by a user and verified by Android devs to degrade in a user-hostile manner, it could just be placed in the asshole category permanently.
To avoid the pain they could roll this out only to apps that declare themselves not to be assholes. I.e., an app could promise not to degrade ungracefully under limited perms, and in return it would never get spoofed data. (All other apps would get spoofed data whenever they access an API that a user had deselected.) If a non-asshole app were ever reported by a user and verified by Android devs to degrade in a user-hostile manner, it could just be placed in the asshole category permanently.