For years companies have treated customer data privacy as a defensive necessity, something to manage quietly through legal reviews, compliance checklists, and dense privacy notices. The assumptions ...