https://tailscale.com/blog/tailscale-privacy-anonymity
# What Tailscale isn't: an anonymity service
Tailscale is a secure connectivity tool that puts the highest value on the privacy of your packets. But we made an intentional choice from day one that we weren't going to try to be an anonymity tool. Quite the opposite in fact! We're an identity-centric network.
Anonymity tools, like Tor, need to be architected very differently. They trade away speed to reduce traceability. They are hard to inspect and diagnose and debug, as a feature. They make enemies, both political and corporate. They are inherently hard to audit and control, by design. In short, they are the exact opposite of what you want your corporate (or even homelab) network to be.
We believe anonymity tools are essential to safe network infrastructure and a free society. But, those tools are made by other people.
…
But if you’re looking for complete anonymity online, Tailscale is not the tool for you. Y'all, we're an identity-centric network with a centralized control plane. You should assume law enforcement can easily find out that you use Tailscale. Tailscale packets are pretty easy to detect, so you can assume they could know, through ISP logs, the shape and size of data you send between different nodes in different places (albeit without knowing the decrypted packet contents). You should assume they can correlate that flow metadata with your login identity.
I get why they capture this data, and by doing so they managed to build an exceptionally great service. But I also understand why one would be uncomfortable with exposing this data.
This should be an oxymoron. We've forgotten the point of an API as a profession and it's downright shameful when something this important breaks needlessly. Would it have been that hard to just keep supporting whatever API calls were in existence as e.g. "v1" and put their new stuff in "v2"?