As for now, the plugins approval checklist states that:

For plugins that integrate with an external system, privacy API implementation is required prior approval in the plugins directory (most notably the meta-data provider part).

There is a proposal that the time has come to start requiring the privacy API implementation for all plugins to be approved. Not only for those that integrate with an external system.

This issue is created to gather reasons for doing so and to discuss the impacts and time plan for the change.