I don't know whether a nearly-empty drive is better or worse than average. But the point is, you had a 1000-block file full of secret data and when you do
> secrets.txt
the file is truncated, freeing blocks 1-999 (usually block 0 is zero-filled.) If you proceed to write random data it will go to newly-allocated blocks. Then a raw read of the original blocks will expose your secret data.
With dd and notrunc, the random data goes to the original blocks, overwriting your secrets.
With dd and notrunc, the random data goes to the original blocks, overwriting your secrets.