I don't think seeing the site is too important, although there are TLS extensions to encrypt that, too[0]. In practice, a huge chunk of sites still have unique IPs, so seeing that someone is connecting to 1.2.3.4 gives you a pretty good idea of what site they're visiting. That's even easier if they're using plaintext DNS (i.e. instead of DoH) so that you can correlate "dig -t a example.com => 1.2.3.4" followed immediately by a TCP connection to 1.2.3.4. CDNs like Cloudflare can mitigate that for a lot of sites, but not millions of others.
However, the page you're fetching from that domain is encrypted, and that's vastly more sensitive. It's no big deal to visit somemedicinewebsite.com in a theocratic region like Iran or Texas. It may be a very big deal to be caught visiting somemedicinewebsite.com/effective-abortion-meds/buy. TLS blocks that bit of information. Today, it still exposes that you're looking at plannedparenthood.com, until if/when TLS_ECH catches on and becomes pervasive. That's a bummer. But you still have plausible deniability to say "I was just looking at it so I could see how evil it was", rather than having to explain why you were checking out "/schedule-an-appointment".
[0]https://developers.cloudflare.com/ssl/edge-certificates/ech/
The CIA’s website was a very early adopter of HTTPS across the board, for this very reason.
Most of the site hosted general information about the agency and its functions, but they also had a section where you could provide information.
Great point, and an excellent illustration. If it was trivial for an adversary to see that some people were visiting http://cia.gov/visitor-center-and-gift-shop-hours, but others were visiting https://cia.gov/[we-can't-see-this-part], they'd know exactly who to concentrate their rubber hose cryptography efforts on.
> But you still have plausible deniability to say "I was just looking at it so I could see how evil it was", rather than having to explain why you were checking out "/schedule-an-appointment".
TLS traffic analysis can still reveal which pages you accessed with some degree of confidence, based on packet sizes, timings, external resources that differ between pages (e.g. images)