I think applications should not have internet access by default. They should require the user to give them permission either temporary or permanent permission to connect to the internet. Ultimately that's where the security bottleneck is.
I'm frankly disgusted that drivers for hardware like this need to connect to the internet in the first place. This data is clearly not being used to improve the user experience. If it was, then it wouldn't have been a surprise for Wacom that it was collected. Other companies, like Microsoft, also wouldn't be making such terrible UI/UX decisions time and time again, if this data was actually used for improving the user experience.
More than a decade back, I used to do this using firewall rules. Ot used to be a single-click firewall setting to disable all apps by default, have a pop-up show up when an app not already in the rule set would try to access the Internet, and thus keep building / refining the rules.
One workaround apps had was to open a browser window to send information over.
There's no reason I would want mouse / keyboard / pen-tablet / printer, etc. drivers to be accessing the Internet, not even for checking for updates. And there's no real reason for these drivers to be more than a kew KB in size, leave alone 100+ MBs like these have been since ages.
I'm frankly disgusted that drivers for hardware like this need to connect to the internet in the first place. This data is clearly not being used to improve the user experience. If it was, then it wouldn't have been a surprise for Wacom that it was collected. Other companies, like Microsoft, also wouldn't be making such terrible UI/UX decisions time and time again, if this data was actually used for improving the user experience.