Just want to make something clear here - the focus here is not on the security.
It’s the page load/rendering speed that is affected.
Imagine having a multi column table with 3k records loaded on page load and hiding it with just display: none; vs not rendering 3k records in the DOM at all.
The security of your data is your responsibility and should be done in your server actions.