If you connect to a relay, that relay knows you connected (your IP address) and what questions you asked. This is EXACTLY like a web browser. Everytime you go to a website, that website knows you connected (your IP address) and what questions you asked (the URL). People who insist on hiding their IP address use VPNs or Tor. This works perfectly well with nostr just like it works for the world wide web. Trying to avoid connecting to some relays just makes nostr dysfunctional. This problem is outside of nostr, and nostr clients are just making the problem much more complicated than it needs to be by coding connect-based relay access control lists. Just tell the user to use a VPN or Tor if they are concerned about privacy. As for AUTH, that makes more sense to me. You shouldn't just AUTH to a random relay. But fetch a note... I don't see what the big deal is.
Agree on Tor and on Auth. But we don't have a good/easy solution for Tor yet. Most people just use their regular connections on the go. So, I see as a massive privacy risk.