This has bothered the hell out of me too. Every day something else arrives in the post through the PO Box address that I only use for domain registration (yes, I'm that paranoid!).

I don't think that search engines will ever admit which way so any advice given through this thread would be pure speculation. So, as for my theory:

I think that search engines will use the Whois info but probably only for linking purposes. i.e. if the whois info is the same for 100 domains pointing to a site then those links will be devalued. Similarly if the whois info is hidden then it will also be devalued.

As for matching private whois info with spam companies I don't think that leap could be made by any search engine.

This question was asked of Matt Cutts at an earlier PubCon, and he confirmed that anonymous registration is not a problem on its own. Taken in combination with other signs of spammy intent, however, it can be "just one more nail in the coffin." At least that's how I remember his response.

This isn't the same as removing contact data but relates to falsifying it. I have a client who has a competitor who keeps stealing his articles and several months ago the competitor set up a new domain/website with falsified contact info and posted my client's article on his home page. We knew who it was so proved that all the contact info was false by checking local phone companies, etc. and then contacted the org that controls domain names and gave them our proof and they then removed the website. The owner was given the option to provide true contact info and remove the stolen article or loose the doman. He did the former and it was allowed back online exactly who we thought it was, without the article.

IOW--don't falsify your contact data if you intend to use it for illegal purposes.