Facebook leaking Notes? (google.com)
50 points by fogus on Sept 12, 2009 | 23 comments


I think you may be right. I played around with that a bit and plenty of the notes that I can read are from people whose profiles are locked down pretty tight.


Are we sure that these notes have privacy settings that are non-public?


Keep in mind how Google's database works: These notes can only be found if there is a link to them on a page already in their database. That means one of two things: Their profile is set so that Google can read it, and it scraped the link from there, or someone posted a link outside of Facebook to the note.

It's a lot like all of the private FTP sites you find in the Google database (Do a search that resembles * : +intitle:index.of +"last modified" +"Port 80"). While some of them may have been meant to be public at one point, all it takes is one link pointing in for Google to find it and open it to the world.

*A note about that search: it returns some place in the realm of ~12 million results. A massive number of those are intentionally open, for things like open source projects. You'll have to append something ridiculous like -inurl:(com|org|net|edu|gov|uk|fr|gr|www|jp|ftp|eu|biz|info|ww|ca|ac|ru|se|us|ch|ua|pl|ch|am|co) to even start seeing links to IPs, which I would guess have around a 99% probability of being someone's home computer that they put Apache on to make life easier, and then put a link some place so they could remember it.


I thought being searchable would provide some hilarious or insightful notes. But frankly, no matter what I search for, it's only mentioned in someone's 25 things about me/my friends quiz.


From a sample of 3-4 tests, these appear to be public notes, or notes from pages. If you want to see who the notes belong to, then take the URL from the google search that looks like this:

69.63.186.30/notes.php?id=108682512183

and use the id at the end of URL to form a profile page:

www.facebook.com/profile.php?id=108682512183

If you're not a friend, and you can navigate to the entity's notes, then you can be pretty sure they're public.

If they are public, then it's not surprising that google indexes them.


One could plausibly scrape a significant portion of the adjacency of the network from chained searches for '25 things' and similar notes.


The only problem is accessing all those results Google has stored away. The attempts I have made to access their database have met with huge failures, except when jumping through some rather massive hoops. They restrict you to the first ~60 results if you do what they want and use the API, and ~250 results if you cheat and scrape the pages directly.

That's what makes Google a little disturbing to me. Their database is (in theory) open, but to get any more than a very small segment at a time you have to either craft ridiculous queries.


That's what makes this work, though --- you only need one result, one name and the associated 'tagged' names. Then you search each of the tagged names.

60 results is plenty to get one good result per name --- heck, you don't even need that one. Even just one good result per ply will get reasonable results.


Apparently these include private notes as well. I don't use facebook so I can't tell for sure.

http://www.reddit.com/r/programming/comments/9jn8i/facebook_...


If you have to be logged in to view a "private" note, how is the Google bot able to access it?


Maybe the Google toolbar (like Alexa)?


whooosh


Has anyone made their own notes private, and then tried searching like this? I assume you'll have to wait a day or two...


My profile is still entirely unfindable.


Terrifying.


I regret posting my social security number, home address, and the names of my most cherished loved ones in notes. I may never recover.


I agree. Just think of all the mundane "25 things about me" notes we may now be forced to read.




My own private notes didn't show up.


I suppose those are only supposed to be readable to friends?


If you put it online, it will fall out every time


That's kind of the point of the post.



