Currently a plugin can be attached to either an API or a consumer for an API.
For APIs with a larger number of users it would be useful to be able to create a group concept that could be shared between plugins and ACLs.
For example this could be used to define rate limits by a group instead of either for the whole API or a consumer. Consider two groups Applications and Developers. The Applications group contains consumers for authorized applications and might have very high limits. The Developers group contains authorized Developers who would have low limits for development purposes only. Or your could have Premium vs Free groups. Names here are irrelevant and would be defined by the API for their needs.
Another extension for this would be a priority number attached to the plugin. So that if the consumer is in multiple groups then the first matching plugin with the highest policy would be used.
The general order of precedence for plugin selection would be consumer, plugin (by priority), api.
By implementing this as part of the core kong it could be used for all plugins. I looked at the effort to implement for a single plugin and it would require a lot of ugly hacks.