You could do that, technically there are other APIs like Trust Token API to protect against malicious clients, but one client in a giant cohort is unlikely to cause much damage anyway so it doesn't matter... And this is anyway going to be machine learning driven so unless you poison all of the FLoCs a lot it may end up being discovered or the FLoC simply not considered performant by a specific ad campaign.