Security is part of it -- dpkg and apt were not built to deal with the problem of tracking each individual executables' complied library versions. When the next Heartbleed happens, how will you know which things need to be recompiled? (Some of this data exists in adjacent Debian systems for DD's internal use, but it's not integrated into dpkg in any way.)

https://wiki.debian.org/StaticLinking#downsides has some of the background there.

I think this is a fine description, and respect your reasoning! I think there is in this case, no conflict: Keep the OS-managed packages strict about dependency security, and let the user run the .deb or compiled program Fresh (or whatever software) has provided. So, I think your (Debian perspective), and Fresh (Providing binaries for download, including as a multi-linux script) is on the simpler/easier/just-works end of installing software. No conflicts. Single-CLI line install either way.