They have to.

Not specifically to these notes, but relays have to be mindful of legal risks in their jurisdiction. They are always deleting posts. They could easily add these to their list because keeping them might be seen as "helping the scammers".

Relays should write a complete data policy and display it upfront. People then decide if they want to be censored they their relays or not.

Closed-source clients should do the same.

Open-source clients can do this as well, but it's less needed because you can always check the code directly. And between policy and code, always go for the code.