With AOPP you seem to have no control over which address is used and the exchange now knows your hardware wallet vendor.

I get that it is more user friendly, I just prefer to avoid it for the reasons stated above.

There is also the ethical question that AOPP is just a first step in submitting to unjust KYC-like regulations. Sure, it's opt-in, right now only used by light-KYC swiss brokers but this can very well be an avenue of state attack.

First exchanges remove the option for manual signing. Then states mandate AOP also shares extra information.

I'm sorry for being a PITA with this, but when it comes to money and cryptography, we always should think adversarially both technically (which your company does) and politically (where it is lacking).