The problem isn't that people shouldn't share the note with other relays, it's that they could and inevitably would. The note is self-authenticating, if it's valid, if it's Nostr. The server isn't the database of record, or anything. If it's read by someone other than you, it can be shared and instead of it being someone just claiming you said this, it would be as if you said it yourself, and all of Nostr would accept it as valid and authored by a public key.
Discussion
Sure, that’s literally the start point for corporations to be able to validate documents cross-platforms without having to re-validate things like invoice signatures. Sure, the whole network would recognize it, but companies would then find social controls to try to keep that under lock - that part hasn’t changed, indeed. But it helps ensure DBAs didn’t mess with the data in the meantime.
It's like an email. You don't say anything in an email, you wouldn't want the whole company to see. Because emails get forwarded, cause thats how email works.
That’s fine and doesn’t change how a diverse set of applications could leverage the ability to sign/validate data and share the data cross-platform without the need to have users revalidate their work in each system.