I think the malware found on the snap store is actually a reason to keep the status quo on this issue. Snappy, Flatpak, AppImage, random binaries and external Apt repositories are all weak on this because there are no distribution maintainers checking every app's source code (with few exceptions) for malware and understanding the software inside-out. However, snappy is stronger than the others, firstly because everyone is locked into Canonical's snap store: there's no possibility of someone installing a rogue Flatpak remote that Flatpak can't take down (though someone could sideload a rogue snap with snap install foo.snap --dangerous), and Canonical can implement checks on all uploaded snaps and can also remove snaps from the store; and secondly (more relevantly to this topic) because forced updates have the potential to ensure that malware is removed from everyone's computer via dummy packages that ensure malicious changes are reverted, etc. If updates weren't forced, someone could turn them off because they don't want unhelpful changes to their software, etc., but they may never hear about a particular malicious app and could thus be stuck with it. I suppose it could be made so that updates are only forced for malicious apps, or some notification is given for those updates which grabs people's attention so it's not easily dismissed (but I'm sure some would still dismiss it) - maybe the title bar being 'Your computer is infected' or something...
Forced updates are also a risk, though, because someone could push a malicious update to a benign app and it would be installed on every computer that has the snap.