In my experience, BCC is safer than a distribution list. I have had Outlook 2000 expand my distribution list to a list of addresses upon sending, so if I use a confidential distribution list, I put the list in BCC. Without having done exhaustive testing, I think it may work like this:
If your distribution list is (Exchange) server based, then the receiver will only see the name of the list. Of course, if they are on the same Exchange server, chances are they can still open the list and see its contents. If you are running Outlook 2000 stand-alone, connected to an external SMTP server, then the list will be expanded for sending. Does anyone know whether this behaviour is different for Outlook 2003 or 2007?