This is a feature we had in FF original -- the ability to use a token like {trafficsource-id:md5} which sends an MD5 hash of the token value.

Ideally, user accounts would have a unique encryption key each, allowing them to easily decrypt any passed values.

The use case for this is to allow passing of zone IDs and similar to networks without revealing them, as for many popular sources this readily reveals traffic source info.