We use the Privacy Service API to delete user data as per GDPR.
Today our requests stopped working. They now report a 403 status and error message "API Key is Invalid". Our API Key hasn't changed and I've confirmed it matches the API Key within the console.adobe.io.
Have you checked if the certificate has expired? You can see the expiration date in the Service Account (JWT) Credentials page in your project. On the bottom of that page you see the public key and the expiration date. If the key expired, please add a new one.