The only use case that is being mentioned here (the offering of a newsletter) will actually not make use of the Consent API.
Not as per current compliance / newsletter plugins, but it is definitely a conceivable use case.
One of the core WordPress coding philosophies is extend-ability.
We should leave room for developers to innovate, while still respecting user's consent choices.
All the other use cases I can think of, all make use of the 5 initial purposes.
Let's say a site hosts third party videos and offers their registered users the option to subscribe to notifications.
But some of these third parties upload ten or fifteen videos a day and this is causing all sorts of issues like e-mails being marked as spam because of the high volume of very similar messages - so they want to give users the ability to have more granular control over their notifications, rather than simply have an AI decide their preferences for them.
This isn't quite marketing and it isn't quite functional. I'd personally regard notifications as preferences, but regardless of the classification, a nested hierarchy makes a Consent API much more useful.
We should be future-proofing this feature.
Adding sub-consent types and a nested hierarchy will only add extra complexity to the API and to core .
Could you perhaps give a practical example of this?
I do not see how a nested hierarchy would be incrementally significantly more complex than an array of only five consent types - as there already need to be functions to alter the boolean values for the five consent types (add / remove consent), as well as to retrieve a consent value - and the meta value for caps in the db already present a nested hierarchy, but I may be missing something?