Correct. Though there is an issue of plausible deniability if we do get breached, assuming a user who absolutely requires it used a username that can be tied back to them. We're working on a solution for that.

If you require plausible deniability to be safe or avoid incarceration, I would recommend not using Balances at this time – I obviously can't guarantee that we are safe from a very motivated intruder, but we have taken many paranoid precautions to avoid such a breach.