I don't know whether a nearly-empty drive is better or worse than average. But the point is, you had a 1000-block file full of secret data and when you do

    > secrets.txt

the file is truncated, freeing blocks 1-999 (usually block 0 is zero-filled.) If you proceed to write random data it will go to newly-allocated blocks. Then a raw read of the original blocks will expose your secret data.

With dd and notrunc, the random data goes to the original blocks, overwriting your secrets.