One point I’d like to clarify, though, is that in the protocol I’m working on, private key collisions are expected to be a regular occurrence. I understand this might seem unconventional.
We'd really need some more info to be able to help 
Is it perhaps some kind of gambling application, where you purposefully use low-quality randomness and your risk is that some other party is colliding with yours? That's the only thing I can imagine where private key collisions could be useful in some way ...
In this case, maybe the answer I wrote originally yesterday would be perhaps useful.
The idea is that simply you add another "item" or "piece of information" the original creator of a private key must know to move funds. This can be another key - we'd be talking about a multisig address in this case - but also an arbitrary secret you use for a hashlock. If all funds are sent -- instead of the P2(W)PKH address corresponding to the private key -- to a P2(W)SH address which represents the contract with the hashlock, or a multisig address requiring an additional key, then the funds can only be moved by the original owner.
To go more into detail or for alternative approaches I'd need more info about the protocol. If you don't want to reveal the character of the protocol, it's already useful if you answer just the following two questions:
1) what's the purpose that an user sometimes reveals the private key to others, instead of simply signing a message with it to prove ownership?
2) why do you allow private key collisions - i.e. use a low quality randomness source?