It is deliberately not that low for fending off a privacy attack. If we made it too low then someone could cheaply spam the network with transactions to themself and then, in the future, would be able to significantly unmask a lot of transactions.
Sort of: they are stored blinded and encrypted. So the value "jason" points to gets encrypted with "jason" as the password, and then that gets stored with a hash of "jason" rather than the name directly.This sounds a little weird, but it means that only someone who already knows that they are looking up "jason" can access it, but someone who only has the encrypted value (i.e. the blockchain) has no idea what the name is *or* what the name points to.