First feedback is that it's limited to Amazon US! It looks like you've planned more regions as there is a selector with a single element, but it would be good to support more countries.
I'm not a security researcher, but I do believe in the ingenuity of others. If all else fails, this kind of law in my own country would lead me to running apps within a virtualised environment (if possible), or a dedicated cheap device in a drawer with my actual device still being mine.
You're claiming that the only legitimate use of rooting is criminal activity, which is not true. Your argument is based on a faulty premise in my eyes.
Unfortunately the answer here is to not abide by the law. If there is a reasonable way to bypass this (as the cat-and-mouse game always seems to continue), and there is reasonable expectation to not be caught, then I see no moral quandary with ignoring such a consumer-hostile rule.
Talos has it's own API that you interact with primarily through the talosctl command line. You apply a declarative machineconfig.yaml with which custom settings can be set per-node if you wish.