A contributed Drupal 6 and 7 module called Localization update is available to download translations automatically. This feature is built into Drupal 8. When the downloads are processed, files are retrieved from ftp.drupal.org where exported versions of the translations are made available. We don't collect individual stats on sites downloading files. We may collect aggregate data on translation downloads. Drupal 8 offers this functionality right in the installer. Picking English lets you opt out of the automated download if you are still concerned.
All translation submissions and moderation actions are associated with the user submitting them. We have operation logs based on which user submitted a translation and which user approved or declined it. This is for communication and crediting purposes. It helps moderators communicate with the translation submitter and gives proper credit to those contributing. It is also designed to protect from vandalism and spam. Team leads can disable access to submit suggestions and translations on a user account basis, so vandals and spammers may be locked out. Localize.drupal.org does not allow for anonymous participation.
All Drupal versions attempt to prevent from Cross site scripting (XSS) attacks via translations, but this is not entirely inevitable unfortunately. The translation leads (moderators) are responsible for ensuring that the approved strings don't contain attack vectors. The submission and review of translations happen in a raw text format which makes this review easier.