Erik, the issue isn't access control. It's logging and compliance. If someone uses our network to break the law, we need to be able to identify the responsible person. Privacy addresses are directly at odds with this requirement. Leaving them off by default isn't a 100% solution, but it helps a lot. Defaults matter.
Mathieu, why do you assume that enterprises will use DHCPv6? Some might for some of their networks, but it doesn't make sense for all use cases.
Erik, the issue isn't access control. It's logging and compliance. If someone uses our network to break the law, we need to be able to identify the responsible person. Privacy addresses are directly at odds with this requirement. Leaving them off by default isn't a 100% solution, but it helps a lot. Defaults matter.
Mathieu, why do you assume that enterprises will use DHCPv6? Some might for some of their networks, but it doesn't make sense for all use cases.