I just had a reply from the RSGB's ETCC regarding my NoV application. In a nutshell, applying for an NoV to use a 2m frequency for a personal short-range node is a non-starter as "it would be entirely inappropriate for RSGB to assign one of the scarce channels available within the 2M band for your personal use." However it is possible to use provisions already in the license for "remote control of your station" to operate on any frequency I choose, without an NoV. So I have asked them to withdraw my application.
As a holder of a full UK amateur radio license, there are apparently no restrictions on frequency or power that I can use for the remote control circuit (other, of course, than those that apply to normal amateur radio operation.) However the link has to be "adequately secure" to prevent unauthorized transmissions. Typically for a legal document, no specific guidance is given as to what "adequately secure" means from a technical point of view. Limiting the power - or, perhaps more importantly, the receiver sensitivity - so that it cannot receive anything other than my own transmissions might be good enough, but I certainly would not consider it adequate security for my WiFi network (though a few years ago, before everyone got WiFi equipment, I certainly used to.)
Using a transceiver that supports DCS like my FT-817 - as I am currently doing - might be considered acceptable, though it wouldn't take too long for someone to run through all the available codes and find out which one I am using. However I don't want to use the FT-817 for this forever, I'd prefer to find something cheap that I can dedicate to it, and most of the cheap ex-commercial radios don't support things like DCS. They also run too much power. So at the moment I'm not sure what the best long-term solution is.
I hate to admit it, but I can see that D-Star has the advantage here. Being digital, it knows who is calling in to the system. I presume that the DVAP Dongle has a facility to limit access to your own specific call, which would solve the security issue once and for all.
Perhaps I'm worrying too much about this. After all, the reason I'm doing this is because there is very little local VHF FM activity receivable from here. Which means the likelihood of anyone accessing my node, even if it was unsecured, is practically zero.
Postscript: I think I may have found the solution.