In my opinion the best option still remains to be including more irrelevant addresses in your query somehow. For example your own client could ask bc1q6, bc1q8, bc1q2 balances where bc1q6, bc1q8 are not yours and then when spending from bc1q2 it broadcasts the tx to another node.
How do you know that the other node doesn't belong to the same evil spying entity?