If you anonymize outbound links using a dereferrer, you hide the referencing website’s URL to the link destination’s operator. However, the provider of the dereferrer service will have full access to all transmitted data. This creates a significant security gap, similar to a proxy server.
Skeptics even go so far as to assert that data espionage could be a key motivation behind free anonymization services on the web. Secret services, in particular, are likely to be interested in learning what the people who use these services are trying to keep secret.
However, even if you have opted for a seemingly legitimate dereferrer service, there is always a chance that it may be hacked over time. If that happens, the information you are trying to keep secret would be leaked to third parties. Website vendors therefore usually rely on self-powered dereferrers to protect sensitive information – like IDs or GET parameters – from third-party access.
Webmail providers, for example, usually replace links in e-mails by redirecting through an internal dereferrer service. This prevents so-called “session hijacking”. If not, malicious website operators could use referrer-provided session IDs to take over an unsuspecting visitor’s webmail.
Note: Referrer information is sometimes used to make certain site features available to visitors. For example, certain content elements of a website can be directed at a country-specific URL. If you use an anonymous link to refer to your website pages, your visitors may not be able to see what you wanted to show.