Probably true if it's a human generating the key, but what if it's a website application that's generating the key? I could easily see a case where the key is generated, persisted only to the disk cache, then a page with the address is sent to some user, and then a crash occurs...

Of course servers shouldn't be generating private keys at all, they should either be using a cache of public addresses or generating addresses deterministically from a master public key.