Warning: in all of the text below, I only talk about the R and W permission flags; I ignore the X flag (which applies mostly to directories in the context of this discussion). In most cases the X flag should mirror the R flag; the examples where directories will have different R and X flags are rare and require lots of explaining.
... but I wanted to know why users' home folders aren't private by default as I think that they should be so.
If you think it should be so, feel free to configure your system this way.
There are people who think otherwise. For example, in many workgroup and corporate applications, users are classified into groups. The traditional example is to have users Alice, Bob and Christine in the group "engineering", David and Emma in group "marketing", and Fred in "payroll". In such a scenario, the common and sensible way to configure permissions is so that files are readable by everyone in the group, but only writable by their owner. This is the example where the default being "rw-r-----" makes sense.
You can also have directories that you want to be group writable. In the above example, you might have a directory /home/tools, which is maintained by all three engineers. In that directory, you would want everything to be group writable. If you want to get more interesting, you can start implementing overlapping groups. For example, you could create a new group called "toolsmiths", which contains one dedicated employee Sam, plus the experienced engineers Alice and Christine. Then you could make the group toolsmiths be the owner of the /home/tools directory, with rw-rw-... permissions.
Different Unix distributions have different defaults for umask. And they have different traditions for how groups are assigned. Some have the tradition that every user is in a group of their own (so user Alice will be alice:alice); others have the tradition that by default all users are in a single group (so it would be alice:staff, bob:staff, ...). FreeBSD does it the first way. Again, an experienced sys admin will adjust these defaults to the need of their site.
And, more important, why are regular users able to see root's files?
Many files that are owned by root (or more accurately, by UID zero, of which user root is typically the main inhabitant) are not at all secret, and that can be useful for all people. As an example, /var/log/messages* (which are the boot and progress messages from the OS and its major components) is typically protected with "rw-r--r--", so anyone can read it. So if you are wondering why the network is down, you can do "tail /var/log/messages", and you'll quickly see in the last few lines that it is a known problem, and there is no need to contact the sys admin. On the other hand, files such as /var/log/security and /var/log/auth.log contain important information that needs to be kept private (such as the identity of other users, and details of security incidents), so their protection is typically rw-------, not readable by anyone other than root.
Whether the login user root protects their files in their home directory (which is typically /root/...) against normal users reading them or not is their choice. The experienced sys admin will typically think through these questions and make intelligent decisions. One example: When I log in as root, I always religiously keep log files of what I have done. They can always be found in the directory /root/logs/YYYYMMDD.log, and contain clear text with human readable sentences explaining what happened and what I did. They often contain little snippets of shell commands or scripts that I used, so I can cut and paste them later. I always make them world readable. That way other users can find out what happened on the system, which can help them debug things. For example: "The printer lj5mp is down" ... I tell them to "please look in the sys admin log files, I remember messing with it three weeks ago, but don't remember the details". For that reason, those log files never contain cleartext passwords.
But what should I choose for my home folder in FreeBSD? chmod 700?
I presume you mean home directory? Windows has folders; Unixes have directories.
The answer to that depends. To begin with, as SirDice said, by default on FreeBSD every user has a group of their own. So you can stop worrying about the group permissions. For the owner field, you should probably go with rw- in most cases, since protecting files so you yourself can't modify them is a rare use case, and using permissions isn't a very good way to implement unmodifiable files (too many tools will work right around permissions, like you can delete a file that has permissions r--------, and then it's gone, without having to explicitly disable the permissions). The next step is to think about the following questions. (a) How valuable is your data? (b) How much do other users have to access your files? (c) How much can you trust the other users to act responsibly? (d) How secure is your machine otherwise? Obviously, these questions are correlated with each other (you would never put highly secret and valuable data on a machine that has open login accounts for everyone on the internet with user="user" password="password").
As an example, look at the server I described above. We can assume that it is relatively well managed, and secured against random break-ins from the internet, and not easy to physically steal the disks (it is in the locked server room of a small software company). We can assume that the source code the engineering group works on is quite valuable (dozens of man-years of highly paid engineers have gone into it), so we must not leak it. We also know that we can't trust the payroll person very much, he's just a temporary contractor, so he should not have access to the source code. But all the engineers need to access all source files, independent of which engineer is modifying them right now, so they need full group read permissions. With this model, you quickly get to the conclusion that rw-r----- is the correct setting for the engineering group. On the other hand, the data of the payroll department needs to be highly private: engineers have no business trying to find out how much the marketing people are paid. So the data of /home/payroll or /home/fred needs to be rw-------. And if they create a directory of tools which are used by everyone in the company (like software tools, or this week's menu for the cafeteria) they should have permissions rw-r--r--, so everyone can use those. But then they have to have the common sense of not putting private data into that directory (so menu is OK, the cook's secret recipe is not).
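
An added example, not part of the original post: a shell sketch that creates files under the umask values corresponding to the modes discussed above, and checks the remark that a file with r-------- permissions can still be deleted. The function names and scratch paths are illustrative assumptions; it works only on temporary directories it creates itself.

```sh
#!/bin/sh
# Added example: which umask yields each mode discussed in the post, and why
# r-------- does not make a file undeletable. Helper names are illustrative.

# Print the octal mode of a path (GNU stat syntax first, then BSD stat).
mode_of() {
    stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"
}

# Create a new file in a scratch directory under umask $1; print its mode.
mode_under_umask() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/perm.XXXXXX") || return 1
    ( umask "$1" && : > "$dir/f" )
    mode_of "$dir/f"
    rm -rf "$dir"
}

# Try to delete a file whose mode is r-------- (400). Unlinking is governed
# by write permission on the directory, so the file's own mode is no barrier.
readonly_file_survives_rm() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/perm.XXXXXX") || return 1
    : > "$dir/keep"
    chmod 400 "$dir/keep"
    rm -f "$dir/keep"
    if [ -e "$dir/keep" ]; then result=yes; else result=no; fi
    rm -rf "$dir"
    echo "$result"
}

echo "umask 022 -> $(mode_under_umask 022)  (rw-r--r--: company-wide tools, the menu)"
echo "umask 027 -> $(mode_under_umask 027)  (rw-r-----: engineering sources)"
echo "umask 007 -> $(mode_under_umask 007)  (rw-rw----: group-writable, one choice for /home/tools)"
echo "umask 077 -> $(mode_under_umask 077)  (rw-------: payroll data)"
echo "r-------- file still present after rm -f? $(readonly_file_survives_rm)"
```

The umask only affects newly created files; existing files keep their modes until changed with chmod.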