Currently the watch list can only be used in notification schemes, not permission schemes. It would be useful if one could grant the Browse permission to 'All watchers', and then selectively add people to the watcher list when they need to be able to see the issue.
This is especially important now that notifications take issue visibility into consideration. At the moment, if I add someone as a watcher but they can't see the issue (not being in an appropriate group), they won't get sent a notification. If I could preemptively grant "All watchers" the Browse permission, I could then safely add watchers, knowing they will be able to see the issue.