Bitcoin Forum
Topic: Masking seed phrases for an extra layer of security (experimental)
Cricktor
June 22, 2025, 02:31:35 PM
Merited by pooya87 (4), vapourminer (2)
 #21

Assume someone sets up those personal questions with mostly actual and true data because otherwise they might forget what details they changed. This means that a lot of the details are in many cases mostly publicly available or not very challenging to find out.

I suspect an adversary who manages to get its hands on the "encrypted" seed words can rather easily find a lot of the private data questions and has a much smaller search space for the few remaining unknowns.

12 recovery words encode a search space of magnitude 2^128; I strongly believe that possible permutations for likely unknowns like sport, team, color and lucky number form a much smaller search space. Some people spread quite a lot of private details in their (a)social media presence, so sport and team might not even have to be guessed.

And as a reminder, non-standard encryption or obfuscation schemes can badly bite you, especially after a long time of not thinking about it and not having any documentation about it. And having data in the questions you can't forget means it's basically public data that an adversary can more or less easily gather, too. I see this as a weak spot. YMMV.

Forsyth Jones
June 22, 2025, 08:17:07 PM
Merited by vapourminer (2)
 #22

Quote from: Cricktor on June 22, 2025, 02:31:35 PM
> Assume someone sets up those personal questions with mostly actual and true data because otherwise they might forget what details they changed. This means that a lot of the details are in many cases mostly publicly available or not very challenging to find out.
>
> I suspect an adversary who manages to get its hands on the "encrypted" seed words can rather easily find a lot of the private data questions and has a much smaller search space for the few remaining unknowns.
>
> 12 recovery words encode a search space of magnitude 2^128; I strongly believe that possible permutations for likely unknowns like sport, team, color and lucky number form a much smaller search space. Some people spread quite a lot of private details in their (a)social media presence, so sport and team might not even have to be guessed.
>
> And as a reminder, non-standard encryption or obfuscation schemes can badly bite you, especially after a long time of not thinking about it and not having any documentation about it. And having data in the questions you can't forget means it's basically public data that an adversary can more or less easily gather, too. I see this as a weak spot. YMMV.

That's what I think too; if a user really wants security, he should never use personal security questions (available for account recovery on some sites, but we're talking about wallet seeds) or easy-to-get personal information like IDs, birthdays, etc.

Regardless of the method applied, it's advisable to use random passwords or a passphrase system with 6+ words (since words are much easier to remember than a complex password), as long as they are random words (a self-respecting offline password manager should handle this).

Assuming an attacker obtains the personal data used in this sentence masking system, the last protection resource would be if the victim had created a BIP39 Passphrase to hide the funds in a hidden wallet, but the victim would have 2 multifactorial factors to worry about keeping/remembering.

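The search-space comparison made in the two posts above, worked through as an added example (not code from either poster). The candidate counts per question, the guess rate and the 2048-word list for the random passphrase are constructed assumptions; only the 128-bit figure for 12 recovery words comes from the thread.

```python
import math

# Constructed estimates, not figures from the thread: how many plausible
# answers exist per question, and whether the answer is findable online.
ANSWERS = [
    ("sport",        50,  True),
    ("team",         500, True),
    ("color",        20,  False),
    ("lucky number", 100, False),
]

SEED_BITS = 128.0          # 12 recovery words, as stated in the post above
WORDLIST_SIZE = 2048       # assumption: words drawn uniformly from a 2048-word list
GUESSES_PER_SECOND = 1e6   # assumption: attacker's offline test rate


def answer_bits(answers, attacker_knows_public=True):
    """Bits of uncertainty the masking answers leave for an attacker."""
    bits = 0.0
    for _name, candidates, public in answers:
        if public and attacker_knows_public:
            continue  # read off a public profile: contributes nothing
        bits += math.log2(candidates)
    return bits


def passphrase_bits(words, wordlist_size=WORDLIST_SIZE):
    """Entropy of `words` words chosen uniformly at random."""
    return words * math.log2(wordlist_size)


def seconds_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at `rate` guesses per second."""
    return 2.0 ** bits / rate


def report():
    """Map each scheme to (bits rounded to 0.1, seconds to exhaust)."""
    rows = {
        "answers, nothing leaked": answer_bits(ANSWERS, False),
        "answers, public ones known": answer_bits(ANSWERS, True),
        "6 random words": passphrase_bits(6),
        "12-word seed": SEED_BITS,
    }
    return {k: (round(b, 1), seconds_to_exhaust(b)) for k, b in rows.items()}


if __name__ == "__main__":
    for label, (bits, secs) in report().items():
        print(f"{label:28s} {bits:6.1f} bits  {secs:.3g} s to exhaust")
```

With these assumed counts the masking answers add about 26 bits at best and about 11 bits once the public answers are known, against 66 bits for six random words and 128 bits for the seed itself.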