I didn't look into this deeply, but my understanding is that it's opt-in. Do we know that people using Ledger are being put at significant additional risk just by upgrading their firmware, if they don't opt into any backup stuff?