“They” is a pronoun.

Not the question.

It’s loaded language

Nothing you wrote supports that. In the i-drive case, it draws a distinction between a (1) direct transfer between remote systems (without intermediary) and (2) a transfer between a local & remote system.

Other OSs have this concept. My first exposure to the concept came from administering Windows systems. Their definition draws an unopinionated distinction between official & unofficial distribution channels

Sideloading apps is when you install apps that aren’t from an official source, such as the Microsoft Store. Your organization can create its own apps, including line-of-business (LOB) apps.

& their distinct installation methods with similar caveats

When you enable sideloading, you allow installing and running apps from outside the Microsoft Store. This action might increase security risks to the device and your data. Sideloaded apps need to be signed with a certificate that the device trusts.

That’s the entire point of the term there: to express that the installation method & checks differ.

What about the clear use case for a FOSS developer who doesn’t want to go through the Google authority for validation?

Sign it yourself or bypass verification as stated before.

Show me the “clear documentation that power users can still install any package they want,”

It was linked above: try reading.

Google already has a service to protect against malicious applications

which is reactive & doesn’t deter the installation of malicious apps via sideload like the new feature will.