It's not that the identity prevents malware/abuse, but publishing any malware to the store burns the identity and establishing another is harder than simply coming up with a new email address. It's not necessarily the best scheme out of there, but it makes sense given their apparent goal.