It ideally doesn't need to be a privacy-invading thing, but rather a way for administrators to troubleshoot issues a bit easier without having to get on a screensharing call. I think maybe what makes it difficult is that Gmail might be used as the key to authenticate into other accounts (like for shadow IT).
And in the ideal case, even this action that a Google Workspace administrator logged in as someone else would be automatically written into an audit trail.