Need help understanding the Drupal Git Repository Usage policy

I am trying to understand the Drupal Git Repository Usage policy that regulates the material hosted on Drupal.org:

All files checked into the repository (code and assets) must be licensed under GNU/GPL version 2 and later.

This is pretty clear: If it ain't GPL V2+, it's gotta go.

And further down the page:

A user's account may be terminated without warning for reasons that include, but are not limited to:
1.) violation of these TOS;

That is pretty clear as well: If you violate this TOS, you gotta go.

However, when I look at the content hosted here, there are a lot of examples of violation of this particular TOS. For instance, a large number of themes, including some very popular ones - like Omega - includes in their repository the file normalize.css, which is available under the MIT license, and not GPL V2+.

In other words: There is a policy, but it is not enforced, and nobody seems to care.

Now, I am not asking this out of idle curiosity. I am currently trying to help out in the Drupal.org project applications review queue. One of the explicit things a reviewer is supposed to do is to:

Ensure the repository does not contain any 3rd party (non-GPL) code.
(Source: § 4.2 on the Project application checklist).

So I have to block a number of applications (in particular themes) because they violate the GPL V2+ only TOS - knowing full well that the material I block is already hosted on Drupal.org in dozens of other project's repositories.

Two questions:

1. Is the policy in fact more flexible than it looks, but one needs to know some secret handshake to be told the real policy?
2. Should I go on blocking these applications?

For the record: I've also opened another issue (see "related issues") where I propose to discuss amending this policy. This is not a duplicate. The two questions above are asked in earnest - I really want to understand what the real, current policy is, in order to go on with my reviewing.