Code executing and code communicating to the outside world typically cooccur.

If a bit of code can execute, you presume it can also communicate across the network.

So your privacy model reduces to "what code is allowed to execute."

But if it were possible to prove "this code executes, but no information about it can ever be communicated to anyone else" then you can ignore the "is this code allowed to execute" (hard) and instead just decide "is this code allowed to communicate" (easier).