what this gives you is better defined as deniability than privacy
I think that as the proportion of complete fabrications increases, the difference between deniability and privacy approaches zero.
Let's say you want to keep your sexuality secret. You can try to keep all information about all your romantic relationships off the net - and then, as soon as someone posts one thing, there's enough to speculate on. Or, imagine if you could arrange for there to be an enormous amount of conflicting information - people claiming that you've engaged in relationships of every conceivable type, duration and intensity. If there's no other way of trusting some of those reports over the rest, then what you get is white noise, with a similar information content to silence.
the candidate basically has to admit that for a long period of time, they completely neglected to perform that most basic of common-sense security activities
Yup. Now I'm pretty sure that my friend didn't neglect that measure in an act of calculated purpose. But I'm also pretty sure they haven't left their internet banking logged in at a public terminal. I think we're talking about sacrificing the security of a facebook account for the potential benefit of clawing back some of the privacy that would have been lost if we used facebook as it were intended.
(normally when people talk about privacy vs security of course, they're wrong
, but in this case, I suspect it might be a genuine trade off)
Let's imagine a limit case, where I publish my facebook password on my front page and all that sort of thing. Perhaps my account fills with spam. Some of my friends killfile me (so they don't have to read the spam - and they're not getting any actual information out of it anyway). Some other friends might enjoy reading the more elaborate lies just for their entertainment value, and might not killfile me. People stop sharing private things with me through facebook, because it's well known that if I can see it, so can anyone else. It sounds to me almost like not having an account at all - except for those occasions when people post stuff pretty publicly and facebook demands that you log in to see it anyway, because it wants everyone to log in.
Of course my friend doesn't live in the limit case. They're actually just declaring facebook to be below the "I don't care" threshold. Perhaps a more realistic presidential spin doctor would say "come on - no-one cares about facebook! It's full of lies anyway!"
Another way of looking at it is like security and fire doors. If they're more annoying than the risk of a security breach or a fire, then they end up being propped open with fire extinguishers. This annoys the building manager, because the expected loss from fire or theft is quite a lot worse for them - it's the whole building rather than just one desk - but no-one else really cares.