Disclaimer: I haven't done any work on Debian Java, so my opinion isn't here isn't worth anything. :-)
If I understand correctly, the difference between the profiles is simply the number of Java packages available at runtime .
Whether the compact1 profile is worth packaging despite only a 6-7% improvement in startup times depends on whether performance improvement is the only benefit we think is worthwhile with these profiles.
Here's my take:
1. If you only need features from the compact1 profile, then you only need to install this profile
2. If there is an exploitable vulnerability in some other code (e.g. JavaEE), but you do not have any software installed that needs it, then the existence of this compact1 profile means that your system is not vulnerable to the problem. If on the other hand, you are forced to install the full profile, then you could be vulnerable (e.g. forcing some class to be loaded via Reflection and exploiting it).
* I suppose this is just theoretical; and
* I'm by no means a security expert; and
* There are also costs to packaging/maintaining the profile
So ultimately, a decision will have to be made with these considerations in mind.