I agree that there should be better control over the data available in Network Monitor. I can't promise a time frame, though. But we are aware of the problem.
Regarding PII, PHI and GDPR: These are about data related to persons. Network Monitor stores connection information. All this info is about the user of the machine, and nobody else has access to this information because the data is stored in encrypted format. So I don't see any violation of regulations here.