I was pointed to the fact that Tor Cloud nodes are only relays, rather than guard (first) or exit (last) nodes in the Tor circuit.

    http://news.ycombinator.com/item?id=3236580

This obvious limits some of the concerns...but it's the number (and bandwidth) of guards and exits that is much more a problem in Tor than the number of relay-only nodes.

There *is* real privacy concern if many Tor nodes move to one cloud provider, and particularly if the Tor nodes are the first and last hop of the chain. In fact, we have a project called "Cloud-based Onion Routing" (COR) that looks at this problem.

COR discusses some policy approaches to make deployment on *multiple* cloud providers safer, as well as introducing another layer of indirection that makes Tor/COR market-friendly: We can sell (or give away) access to this higher-performance COR network, while still protecting end-user anonymity.

            http://sns.cs.princeton.edu/projects/cor/

The nice thing is that our implementation mostly just uses the local tor controller to enforce access to the tor proxy based on the presence of anonymity-preserving tokens sent during connection setup, while "Anonymity Service Providers" running Tor nodes on cloud providers (EC2, Rackspace, etc.) is just starting a VM and running a node.