The biggest security hole is definitely that it's account based so all your queries could theoretically be tied to that single account if they're not being honest.