Some interesting snippets:

https://youtu.be/M3VjQUcyZSY?t=1285 - Apparently the shards aren't encrypted at all, despite Ledger previously stating this. It's literally just Shamir's. So there is no decryption key to be stored on the device or by Ledger themselves, making it even easier than thought to compromise the set up.

https://youtu.be/M3VjQUcyZSY?t=2342 - The quote you shared regarding privacy.

https://youtu.be/M3VjQUcyZSY?t=2700 - "So basically we're off-boarding loss of key risk, and on-boarding state actor risk." "Correct."