by rossjudson 4546 days ago
Can you clarify what the 'obvious reasons' are, for those who are not domain experts?

Example 1: You are a large company, and registered 200 domain names for various products, spellings, local shops and such.

That is 200 verification emails, which now need to be pressed or, whoops, no more working web shop or email, and internal APIs will stop working, and so on. Remember that broken DNS will cause emails to bounce rather than being resent later by the mail server.

Example 2: A company is changing name/owner, and in the middle of all this needs to register a new domain name. Whoops, forgot to activate in all that?

Example 3: technical contact is on vacation.

Your first example isn't correct. As with the existing WDRP emails that people receive, registrars can batch the verifications. Also, verification doesn't need to be done on a domain-by-domain basis, but on a contact-by-contact basis, thus if all 200 domains use the same one contact in all roles, only one verification needs to be done.

Of course, if your registrar doesn't manage contacts as separate objects from domains (and some don't), then yeah, you'll end up getting a boatload of verification emails.

You'll also start finding a bunch of registrars doing email address checks to ensure deliverability before any registrations or contact updates are performed: this is for the customer's good and the registrar's good.

Registrars have to make a best effort to contact the customer by email. That means that if the email does bounce initially (due to DNS issues, full mailbox, &c.), it's up to the registrar to try again until the grace period expires.

Your second one isn't correct: if your contact has already been verified, there's no need to verify again. It's only if the contact is new or updated that verification needs to be done.

In the third case, you should be using roles, not individuals. Mail aliases were invented for a reason: no one person should be receiving these emails, so it's really your own tough luck if you're a business and you're not ensuring that there's somebody always able to receive and process the emails. Moreover, verification happens when a contact is created or updated, so it should be an address with somebody immediately able to process the verification request.

As far as my ability to write authoritatively on the subject goes, I'm the development lead for a registrar, and implemented most of our domain management system myself.

Not a domain expert, but I find the obvious reason of having your domains get deactivated because you didn't check email to be rather silly.

While I'm personally not a fan, it's not all that silly. If you've registered a domain in the past, your registrar likely invoices you by emailing you the invoice when your domain comes up for renewal (margins are so tight that it's the only cost-effective way). And if you're not checking your mail and you haven't authorised them to automatically charge your credit card, it's possible to miss your payment reminders, which could lead your domain to go into redemption and be deleted for non-payment.

Also, the verification checks only need to be done after you initially submit your contact details or after you attempt to change them, so it shouldn't be too much of an issue.

The big problem that registrars face is that law enforcement want us, the registrars, to verify phone numbers and addresses too, which is going to push up costs quite a bit, even if we find ways of doing so without having to actually phone people.

It's going to suck.

Verifying a phone number should be pretty easy - auto-call, force them to enter a code. Apart from calling cell phones and some countries, it shouldn't cost more than a few pennies.

Verifying addresses sounds like a real pain though. I imagine they'd want a scan of some ID or something else just as silly. Hopefully ICANN can push back on LE.

Less straightforward than you'd think. Ideally, it'd just be a matter of a text or call and having them input a code, but the costs lie in the failure state: we already deal with a large number of ccTLD registries, and many of those, including the IEDR (.ie) who we deal with regularly, require some form of documentation to allow domains to be registered, contacts to be updated, &c. Even with a 30% gross margin on .ie domains, the support costs with a highly automated application documentation submission process are high enough that we don't actually make much money on two-year registrations until the first renewal.

Thankfully, the new requirements for gTLDs aren't quite that onerous: we have to contact them to validate phone numbers and emails (which can mostly be automated), and we only have to ensure that the address provided is valid. That said, the costs involved in address verification aren't small, and we're hedging potential savings in avoiding fraudulent customers against the additional costs involved.

ICANN can't push back against the LEAs though: this stuff is now in the contract, so we're all stuck with it.