Why should Pebble have to spend the CPU cycles, RAM, and battery life on that? Why, since Apple makes each device register to receive notifications in the first place, can't Apple add a toggle for each registered device? I mean, there's already a Notifications config page for each app, where you can set how you're notified by that app; why not add toggles for devices to those pages? Simple, really, and when you think about it, more secure because you can limit notifications sent to your watch to only those that you don't mind whoever is sitting or standing next to you reading when the pop up on your watch.
Android also makes you visit a config page and check a box to allow the Pebble app to intercept notifications. The difference is that, on Android, the app gets to decide which notifications it gets, where Apple makes it an all-or-nothing proposition. That's not a security measure, that's a security risk. The irony is that, the way iOS notofications are configured, iOS is actually in a better position to mitigate it (by doing what I suggested in the above paragraph) than Android is; iOS could add those toggles to the notifications config and simply not pass deselected notifications to the app in the first place, which actually would be secure. They have the framework for that already in place. Android leaves it up to the app to decide which notifications it wants passed to it; it isn't passing them all, but it isn't giving the user the choice at the system level like iOS does, either; except that, in the case of a 3rd-party app requesting access to notifications, iOS isn't doing it either.
In other words, neither platform handles passing off notifications to 3rd-party apps in a secure manner once an app has been granted that access, but Android does allow apps to only receive the notifications they want. If iOS allowed this to be configured, within their already in-place configuration framework, not only would it have feature-parity with Android, it would have the security upper-hand, as well.