The old ones work BUT there have been some issues found that have not been fixed.
The biggest problem would be if there is a flaw with the security of the seed phrases and if they were created with faulty and insufficient entropy. But I don't think that's the case. I think the old Mks use a Secure Element that can be manipulated to reveal secrets if the attacker has them in their possession. But since it's an airgapped device, you aren't affected by anything happening on the internet. Someone correct me if I am wrong.
But, and I know this makes me look cheap, if you bought a Mk1 and a Mk2 and a Mk3 give me some kind of loyalty discount.
It doesn't make you look cheap, and in your shoes, I would expect the same thing. Loyalty should be rewarded to a certain degree. Their main developer is active on Bitcointalk. PM him and ask if you don't have issues with privacy.
1) Yes they needed to have access and IIRC there was another issue where you could get access as an attacker.
2) Did ping out when the 4th gen came out never heard back.
I like their products, and coinkite even did me a solid when an opendime I had died:
https://bitcointalk.org/index.php?topic=5218987.msg56370760#msg56370760But for some reason, they seem to just be pushing the 'buy a new one' with the coldcards.
-Dave