It wouldn't matter if they implemented "E2E" encryption. "E2E" is necessary but insufficient for messaging security. It would still be a terrible idea to rely on Bluesky DM's, even if they met some floor of cryptographic quality, for the same reason that it's a bad idea to use Facebook DMs, despite their cryptography being close to the gold standard for large scale social apps.