We would like to be able to have restriction controls on export capabilities, not just at the data source level, but at the reporting level too. Org Admins should have full rights, but we should be able to restrict exports by the type of reports available as well.

For example, in our org, we'd like to exclude the ability to export Sent/Received, Opens, Clicks, but still leave in place import reports like hard bounces, opt outs, spam complaints, and mail blocks. This is for data privacy and protection (and to prevent an employee from exporting an active contact source and leaving the company).