> these types of compliance efforts can mean completely redoing multiple core systems to handle privacy, wipeout, audit, reporting, per-location policies, etc etc. These efforts can involve hundreds to thousands of people for multiple years.

What if I tell you that there's a surprisingly simple, straightforward and above all very cheap solution: don't implement privacy-invading or anti-competitive features in the first place ;)