I am strongly against CheckUser being performed in secret, sunlight is the best disinfectant and open and honest procedures will - in the long term - garner the various projects more respect.
I guess I'm not certain what you mean here by "secret". Each project has at least 2 CUs to double-check each other, and all CU checks are recorded in the log for all CUs to see. In that sense, there is no such thing as total secrecy, although the argument could be made (against good faith) that the CUs were in collusion, or that they were forming some sort of "cabal" or whatever.
Consider the case where there are suspicions about an established user, a CU checks it out, and nothing is uncovered. Do you say to that person: "Hey some people around here suspected that you are a sockpuppet or a meatpuppet, or a vandal, or whatever, and we got your IP records to test that theory, and it turns out that you aren't". And then, if the person doesn't storm off in a huff immediately, he could respond "well maybe the guy who accused me of it is actually a sockpuppet himself! check him!" While this is a hypothetical, it's not too far-fetched. If you tell people that they were suspected of wrongdoing and that their privacy was violated because of those suspicions, it is going to make people very angry.
CUs do need to be worried about privacy, and they need to know when NOT to divulge certain information. Sometimes, that means knowing when to keep your CU activities quite from the general public. Everything is in the log, little things don't explode into big emotional disasters, and everybody stays happy.
--Andrew Whitworth