Thanks to a tip received in the previous post, I've found out that there potentially may be more to CDS' database than simply an avatar UUID/name and viewer info. In a very long thread over at SLUniverse, Skills Hak makes the claim that "pc info" gets stored(IP and MAC addresses*), as another method of detection once the copybot viewer makers figure out ways to get around CDS. If this is the case, then that's completely against the TOS, if not flat out illegal. The only way to conclusively find out for sure, is to have the whole CDS system(client, bots and database) submitted to Linden Lab for a full audit, as Skills' word is proving to be not enough.
Also, CDS users apparently have the ability to set up their system not to ban on detection, but observe and record into the CDS database. Although seemingly a much more benign option, this is still a sort of networked vigilantism, as while the detected avatar is not banned from that particular parcel or sim, he/she is wherever a CDS is set to automatically ban, and the avatar's info is still propagated throughout the CDS network.
If I find out more or new developments arise, I'll be sure to post it here.
*Update: It appears Skills put up a FAQ where she says that "The specifics of the data cannot be disclosed. However, no MAC or IP addresses are stored, nor any other sensitive data. The most personal data is the avatar key and which viewer was used." However, I'm not convinced unless she submits CDS for auditing, as I mentioned above.