The symbol rate vs bandwidth is hopefully changing; the ARRL is petitioning the FCC to make it a bandwidth limit instead. On many HF bands, there is limited bandwidth anyways, so the proposed 2.8kHz is a good balance without letting a single individual consume an entire band (i.e. 30m).
Spread spectrum usually requires significant bandwidth, and there just aren't amateur bands below 222MHz that are large enough for that to be truly useful. (The lower limit is 222MHz AFAIK, not 2.4GHz.) Even the 222MHz band is only 3MHz wide, and the largest below that is 4MHz. Spread spectrum starts to make more sense at higher frequencies with 50+MHz bandwidth. If you have examples of SS uses that could work well on the order of kHz instead of MHz, I'd be interested in learning more.
You can absolutely create a new digital mode protocol from scratch. You just need to make the protocol publicly available and let others know what you're doing. You could do a CW or SSB voice transmission before and after each transmission of your custom protocol, explaining where to go to find out more information. (And of course, station identification.) I'd recommend experimenting on some of the wider/shorter-range bands like 70cm first though, and QRP.
This also applies to encryption - if you make the decryption keys publicly available, and you make it clear how others can decrypt what you're transmitting, it is possible to experiment with radio encryption on amateur bands. That goes to the nature of amateur radio - learning and experimentation. But what you can't do is use it for private purposes - there are other bands for that (i.e. ISM). Most of the conversations around this are people frustrated that they can't browse HTTPS sites or have private communications on amateur channels. It would be nearly impossible to ensure people aren't hogging the amateur bands for inappropriate purposes if you can't decrypt/decode what is being transmitted. With such limited bandwidth available, especially on some HF bands as small as 50-100kHz, prohibiting encryption helps ensure equitable access for everyone. It's like complaining about not being able to drive a non-street-legal vehicle on highways. You can still take that vehicle to off-road tracks if you wish and have fun.
Power limits - I don't know what to say on this one, other than if you have a good case for exceeding them for a specific use, contact the ARRL or your regional radio organization. Drum up support in the community. If there's enough interest and justification, rules can change. But QRP is sometimes a fun challenge too.
As for fines, I have not heard of fines being issued as "gotchas" or for minor infractions. Do you have examples? Most of what I've seen are people causing blatant intentional interference or flagrantly violating the rules with inappropriate behavior, repeatedly after several warnings.
- Baud rate vs symbol rate vs bandwidth occupied
- No spread spectrum south of ~2.4GHz
- New protocols/modes are a catch-22 of needing to be well known to be legal but then how do you create a new one from scratch?
- Use-case specific power limits, like radio control.
- "Gotcha" technicality fines like incidental broadcasting of music or "fleeting" curse words. Intent and pattern of behavior isn't considered.