Put another way, imagine I am a teenager or college student who uses Facebook.
1. Start to upload a photo from my phone of me and my friends doing shots
2. Try to figure out how (on my phone!) to set privacy settings so that my younger brother (who is my Facebook friend) and my parents (who aren't, but use the Internet and sometimes Google my name) can't see it.
3. Remember that Facebook has a history of "expanding" privacy settings retroactively
4. Think "Ah, fuck it", and send a Snapchat to my friends instead.
In reality it's probably not that common right now, but hopefully that may increase in the future. You can only pull the rug out from under your users so many times before learn to walk along another path.
To do otherwise would be corporate suicide.
Disclaimer: I work for Google, but not on G+.
I know that, which is why I used the example of Facebook.
However, Google+ does make it incredibly easy to leak information that I would otherwise consider private accidentally.
For example, I can't use Google+ with my primary email address, as it's a Google+ account. However, because it's linked with my Gmail account (which does have a Google+ account), some people who have added me on Google+ have been able to figure out my Gmail address (which I haven't used for email purposes in years).
I can imagine all the technical reasons for this, but that doesn't change the fact that it feels a bit wrong for a service to hand out my old email address (which I never give out anymore) to people I've met recently and who have added me on Google+ using my current email address.
Imagine your Google+ email address is something that you can't change, but don't really want people to see anymore - this isn't uncommon; it appeared in a New York Times piece just yesterday, in the context of college admissions. Thankfully, my personal email address is much more tame than that student's, but that still doesn't mean I want anybody to know or use it nowadays.
Furthermore, it's incredibly easy to sign up "accidentally" to use Youtube with Google+ and your "real name" instead of continuing to use your pseudonym.
As for the distinction you point out - I know the difference, and you know the difference. But most users don't.
> To do otherwise would be corporate suicide.
Apparently not completely - Facebook's gotten away with it for years!
 This may have been fixed, since it was a while ago that I last noticed, but it was still the case for quite a while.
I would have to go through my inbox to remember the details of why this happened - I remember debugging and tracking it down. But the fact that it took that much effort to discover why my new acquaintances suddenly knew my old (personal) email address, and that I can't remember anymore, speaks volumes as to how easy it would be for a less savvy user to accidentally leak information that they wanted to keep private.
 http://mattmckeon.com/facebook-privacy/ - this graph doesn't distinguish clearly between those which were automatically retroactive and those which weren't, but that's a topic that's been well-reported and is easy to search for.
Personally I do feel that G+ has done a good job at communicating to users the privacy they do and don't have, as the ACLs were baked in at the beginning. I think users have had the possibility to be confused when data is being used outside the http://plus.google.com domain, like Shared Endorsements and the YouTube comments, as this opens up the worry ACLs are being violated. I think there's more work that can be done to communicate that this hasn't happened, such as putting the "Shared (publicly|privately)" on YouTube comments so you can see why those are there.
Thanks for the offer - I really appreciate it. I think it had something to do with group contacts in Gmail, but I can't remember. If I have some time today I might take a look.
To clarify: I'm not exactly mad at Google in this case, because I'm a developer and I know how tricky it can be to get these things right even in small, standalone products. And unlike some people on HackerNews, I don't think this is a result of bad intentions. It's just that, every time I see something like this happen (beagle3 points out the example of Buzz below), I can't help but notice that users' trust is both fragile (easily broken) and unforgiving (no benefit of the doubt).
These things are tough to get right, but they're very critical for the long-term success of a product.
 Also, the consequences for me happened to be pretty mild, thankfully.
It's one thing to do this if you're a new service, with users that don't have all kinds of baggage with you - if your UI isn't great they can choose to accept it for the value you offer or reject it. But existing users it's almost a kind of fraud - you convince em to join under a false pretense but then change the rules half way.
Just don't do this. Seriously. Don't do it. I don't know why people keep putting self-damaging things on the Internet. If it's on the Internet, you should consider it as public. Full stop. There's so many avenues for things to get out into the public (leaked passwords, website glitches, human error in general), that unless you're extremely careful about the dissemination of that information (hint: don't be /in/ the picture in the first place, or you've already lost), the data is as good as public.
Really, what did you gain by putting that picture on the Internet, anyway?
what about this: someone is being odiously racist, so I write a brutal reply to shut em down. Should I also hesitate on doing this, thinking that some employer may infer my radical left politics from it and stop me from getting a job in the future?
All you need to know about common sense about what to upload online is that it changes, not only in time but from social scene to social scene.
It is a memory. Doing shots isn't wrong or bad. Maybe doing 20 of them and then driving home from the bar is bad. Posting pictures is a way to relive a precious moment in time with others.