An ecommerce site might want to run a bitcoind instance to provide access to the API for receiving transactions but no spending is possible.  This dramatically decreases the risk should a security breach occur, as there is much less an attacker can do.

So by allowing addresses with no private key lets the bitcoind do everything except spend.