We do have a sorts of whitelist criteria, some older projects still don't have SSL thus are breaking such criteria, but we could certainly increase the scrutiny that we place under potential projects. At any time, anyone can create a poll to remove a project from the whitelist though.