Change the default meaning of 403? I don't think that's a good idea. When a user needs to be logged in to do something and they aren't, you show them 403. When access is restricted to people outside a network, they see 403. It'll be hard to force a new behaviour onto the existing web, easier to add a new HTTP code.
My understanding is that the server should respond with 401 Unauthorized when someone is attempting to access a resource that requires authentication. What is the case for using 403 instead?