These are not security macros! They do effectively block the content when the page is viewed directly, but the whole page text is indexed and will show up unrendered in page summaries, as well as being visible by viewing the page source from the Page Info view. What are these macros for then? They are very good at customising a page depending on who is looking at it. This is useful for determining if a visitor is logged in or not, belongs to a certain group, or has permission to edit the space.
For example, a page in SPACEONE may have a reference to a page in SPACETWO. If there is a user that can view SPACEONE, but can't access SPACETWO, then the link will just be an ugly red unrendered piece of text.