It does not use OP_DROP as that would make the tx non standard. The public key is simply the ASCII message. Look at the last output and hex decode 4d6573736167653a205468616e6b20596f7520466f722054686520427567205265706f7274202d2 07069756b. Messages exceeding 120 bytes will be added in an additional outputs.
Notes will not appear on address pages, only on single transaction pages and in my wallet. They are only for public messages that you don't mind anyone reading.
Wouldn't it be possible to use the destination address to encrypt the message such that only the receiver with the private key could actually read it? I thought there was a method for recreating the public key from the address and that should be enough to encrypt to the private key. I could see a private message being very useful in many cases such as tagging payments with invoice # or order details. Or for political donations for id info.