I agree that giving the user control is the way to go, any change of PoW only kicks the can down the road.
What do you think about addition of a database where every miner is defined by his bitcoin address and every set of miners is defined by an unique string.
Then any block that includes a transaction containing incorrect string (miner missing in set) is rejected by the network.
This way rogue miners will be penalized with lost fees and signaling of code changes can be based on amount of earned fees instead of hashrate.