TL;DR: IPFS should migrate to announcing a discovery hash constructed from the content hash (the CID) on the DHT. Peers find each other using the public discovery hash. Once two peers have established an encrypted connection, they’d ask each other for the actual content hash. As long as the content hash remains a secret, no one monitoring the network will know the hash/CID needed to make other peers transfer them the data. It’s a simple fix that introduces some sorely needed privacy.
Some discussion on this is in "Hypercore DHT privacy enhancement", Issue #263 in ipfs/specs on GitHub.
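The flow proposed above, as an added sketch that is not part of the original post or of any IPFS code: a provider announces only a hash derived from the CID, and hands over data only to a requester that names the CID itself. The HMAC-SHA256 construction, the `ToyDHT` and `Peer` classes, and the sample CID are assumptions made for illustration; the post does not specify a construction, and the encrypted transport is not modelled.

```python
import hashlib
import hmac

def discovery_hash(cid: str) -> str:
    """One-way public identifier derived from the secret CID (assumed construction)."""
    return hmac.new(cid.encode(), b"ipfs-discovery-v0", hashlib.sha256).hexdigest()

class ToyDHT:
    """In-memory stand-in for the DHT; everything stored here is public."""
    def __init__(self):
        self.providers = {}                      # discovery hash -> list of peers
    def announce(self, key, peer):
        self.providers.setdefault(key, []).append(peer)
    def find_providers(self, key):
        return list(self.providers.get(key, []))

class Peer:
    def __init__(self, name):
        self.name = name
        self.blocks = {}                         # CID -> bytes, never published

    def add(self, cid, data, dht):
        self.blocks[cid] = data
        dht.announce(discovery_hash(cid), self)  # only the derived hash leaves the node

    def serve(self, claimed_cid):
        """Runs once the encrypted connection is up: the requester must name the CID."""
        for cid, data in self.blocks.items():
            if hmac.compare_digest(cid.encode(), claimed_cid.encode()):
                return data
        return None                              # unknown CID: nothing is transferred

def fetch(cid, dht):
    """Requester side: look up by discovery hash, then ask each provider by CID."""
    for peer in dht.find_providers(discovery_hash(cid)):
        data = peer.serve(cid)
        if data is not None:
            return data
    return None

def demo():
    dht = ToyDHT()
    cid = "bafy-constructed-example-cid"         # constructed sample value, not a real CID
    Peer("alice").add(cid, b"hello", dht)
    observed = next(iter(dht.providers))         # all that a DHT monitor gets to see
    provider = dht.find_providers(observed)[0]
    # A requester holding the CID gets the data; one holding only the
    # announced hash can locate the provider but is refused.
    return fetch(cid, dht), provider.serve(observed), observed
```

The protection holds only while the CID stays secret: anyone who already has the CID can compute the same discovery hash and locate providers.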