mhansen, to answer your last question....
How can I get a registrar to give me privacy enabled whois info?
IANAL, but I assume that they legally can't, as their registrants have contracted for private registration. Possibly you can manage legal action, but I think you'd be better off talking with your hosting company and a security professional than with a lawyer.
What you are describing is essentially a hijacked site, with a network of hacked and or hijacked sites, generally cloaked for Googlebot, some of which have scraped content, and some of which are pointing links to that scraped content. Some might be carrying malware. Some might be redirecting in order to obscure to users what they're doing.
DMCA is not an efficient way of controlling hijackers, but that really depends on the particular circumstances. There's a huge variety of ways that hijacking and hacking can happen, with many combinations and permutations. Pages or sites you see with your content may be innocent victims, and some of these may or may not be "privately" registered.
Private registration doesn't automatically suggest criminality. It's safer for hijackers to rely on hacked sites than to use their own domains, but the domains that belong to the criminals who are doing the hijacking are most likely registered anonymously in third-world countries where it's not practical to pursue them. Various tricks are use to obscure the setup and to hide the hijacker domains.
Any detailed discussion of your problem would inevitably derail this thread for the OP. The admin who sent you here probably did so because members have posted suggestions or diagnostics to cover some of the most likely hijacking scenarios. I don't think it was assumed that you'd repost your entire original thread here.
Unfortunately, the OP of this thread, Broadway, hasn't gotten back to it. I do suggest you read through what's been posted here and see if any of it might apply to you. Right now, you've posted many more observations than Broadway has, but this thread for the moment has the most feedback... only it's all speculative.
For other aspects of your problem, I hope members posting here will jump over to your discussion and comment. Thread here.... Homepage Being Copied - Google Cache Showing Different URL Than Ours https://www.webmasterworld.com/webmaster/4853054.htm