Read this post from IntelFusion. It makes a very strong case for why I worry about any privacy system run by operators you can't really trust, investigate, and verify. In this case it is an investigation of Glype servers. They can be configured to do significant logging, and the author has been able to remotely retrieve the logs from many of the Glype servers. The results show many users from within sensitive US Government organizations and would provide the ability for an attacker to gather all kinds of useful intelligence to find soft targets to exploit. On the personal privacy side, it is an easy way for attackers to intercept usernames, passwords, travel plans, personal information and more for use in, identity theft, burglary, and hacking among other things.