Let's see, right order is first you encrypt your personal data to stay anonymous with your public key(only you own the private key) then you sign that file with your private key for anyone who has your public key can read your signature. I think they first sign and then encrypt file. Only the owner of private key could decrypt this pgp message. In this case cryptcracker.
But key IDs matches with the key used to encrypt the message.

I've used gpg v1.4.16