It seems ideal to create a blacklist of values not to store. Things like a user's password should not get stored as plaintext in some logging area. Right now I can't see any mechanism like that.

See http://drupal.org/node/912412 for a previous SA that covered this idea.