
The problem with using SHA1 to protect PII is it would be trivial to brute force, especially with the restrictive character set of URLs, and a big part of them being able to be guessed. One could very quickly cycle through all Hacker News URLs, for example. This is why a key derivation function would be preferable.


The space of possible reasonable URLs is way too big to brute force. If your point is that someone can just grab the set of existing HN URLs and get their hashes, then I don't see what this achieves. Someone who knows the URLs can just download all the comments for them anyway. In other words, is there an example where a sophisticated state-of-the-art hash has an advantage over MD5 in our case?
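An added example, not part of either comment above: an unsalted SHA1 of a URL drawn from an enumerable set is reversed by hashing each candidate, and a key derivation function (PBKDF2 here) leaves that possible but raises the cost of every guess. The URL IDs, the fixed salt and the round count are constructed assumptions.

```python
import hashlib
import time

# Constructed sample: item URLs following an enumerable pattern (IDs are made up).
CANDIDATES = [f"https://news.ycombinator.com/item?id={i}" for i in range(1000, 1200)]

# Assumption: a fixed, public salt so the same URL always maps to the same token.
SALT = b"example-fixed-salt"
PBKDF2_ROUNDS = 50_000  # assumed work factor, chosen only for illustration


def sha1_token(url: str) -> str:
    """Fast, unsalted token: one SHA1 call per URL."""
    return hashlib.sha1(url.encode()).hexdigest()


def kdf_token(url: str) -> str:
    """Slow token: PBKDF2-HMAC-SHA256 with a fixed salt."""
    return hashlib.pbkdf2_hmac("sha256", url.encode(), SALT, PBKDF2_ROUNDS).hex()


def reverse_by_enumeration(token, candidates, token_fn):
    """Return the candidate URL whose token matches, or None if none does."""
    for url in candidates:
        if token_fn(url) == token:
            return url
    return None


def seconds_per_guess(token_fn, samples):
    """Average wall-clock cost of computing one token."""
    start = time.perf_counter()
    for url in samples:
        token_fn(url)
    return (time.perf_counter() - start) / len(samples)


if __name__ == "__main__":
    stored = sha1_token(CANDIDATES[137])
    print("recovered:", reverse_by_enumeration(stored, CANDIDATES, sha1_token))
    fast = seconds_per_guess(sha1_token, CANDIDATES[:20])
    slow = seconds_per_guess(kdf_token, CANDIDATES[:20])
    print(f"SHA1 {fast:.2e} s/guess, PBKDF2 {slow:.2e} s/guess, ratio {slow / fast:.0f}x")
```

A URL outside the candidate list is not recovered by either function, which is the case the second comment describes; the KDF only changes how many candidates can be tried per second.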



