One of the very few good reasons for in-database logic, such as views and stored procedures is rule enforcement - this allow queries to return only the data you are authorized to see. Doing this across multiple databases on multiple organizations is challenging, but, where I live, we all went through that with GDPR and we are quite good at preventing unauthorized access.

In the end, it feels like nobody (and nothing) can see the whole dataset.