Description
When reading notes that need to be recreated (e.g. read + nullify + new note), such as in PrivateMutable, the new note we create is the same as the old one:
```rust
pub fn get_note(self) -> NoteEmission<Note> {
    // Read the current note, nullify it, then re-insert the same note value.
    let mut (note, note_hash_for_read_request) = get_note(self.context, self.storage_slot);
    destroy_note_unsafe(self.context, note, note_hash_for_read_request);
    create_note(self.context, self.storage_slot, &mut note)
}
```

The only different value will be the nonce, which we can think of as a GUID, so external observers won't notice that two notes are the same since their hash won't match. However, it is possible for someone that knows the entire note pre-image to detect note recreation, since the nonces are created from a relatively small set (iirc they depend on the tx hash and kernel note array index): for a given block someone could compute all possible nonces and then perform trial-hashing until they find the recreated note, leaking that the old one was spent.
What we should do instead is create a new note with the same content, in which we'd recompute the randomness. This will be easier once we have 'private notes' (randomness + npk) as a first-class citizen in aztec-nr.
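The linkability check described in this issue, and the effect of recomputing the randomness, as an added sketch that is not aztec-nr code. SHA-256 stands in for the protocol's note hash, and the nonce derivation, `MAX_NOTES_PER_TX`, the note layout and all function names are assumptions for illustration; the block contents are constructed.

```python
import hashlib
import secrets

MAX_NOTES_PER_TX = 64  # assumed bound on the kernel note array index


def h(*parts: bytes) -> bytes:
    """Length-prefixed SHA-256, a stand-in for the protocol's hash."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()


def nonce(tx_hash: bytes, index: int) -> bytes:
    # Assumption taken from the issue: nonce depends on tx hash and array index.
    return h(b"nonce", tx_hash, index.to_bytes(4, "big"))


def note_hash(content: bytes, randomness: bytes, note_nonce: bytes) -> bytes:
    return h(b"note", content, randomness, note_nonce)


def find_recreation(content, randomness, block_txs, block_note_hashes):
    """Return (tx_hash, index) if this exact preimage was re-inserted in the block."""
    for tx in block_txs:
        for i in range(MAX_NOTES_PER_TX):
            if note_hash(content, randomness, nonce(tx, i)) in block_note_hashes:
                return tx, i
    return None


def build_block(content, old_randomness, rerandomize):
    """Constructed block: 8 txs of unrelated notes plus one recreated note."""
    txs = [h(b"tx", bytes([n])) for n in range(8)]
    hashes = {
        note_hash(secrets.token_bytes(32), secrets.token_bytes(32), nonce(tx, i))
        for tx in txs for i in range(3)
    }
    randomness = secrets.token_bytes(32) if rerandomize else old_randomness
    hashes.add(note_hash(content, randomness, nonce(txs[5], 3)))
    return txs, hashes


if __name__ == "__main__":
    content, old_rand = b"owner=alice;value=100", secrets.token_bytes(32)
    for rerandomize in (False, True):
        txs, hashes = build_block(content, old_rand, rerandomize)
        hit = find_recreation(content, old_rand, txs, hashes)
        print(f"rerandomize={rerandomize}: linked={hit is not None}")
```

With the old randomness reused, the search over 8 × 64 candidate nonces finds the recreated note; with fresh randomness the known pre-image no longer matches any hash in the block.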