Plus if it could send/leak a user's seed/private key over the internet, could we see those packets of data if we have a traffic sniffer on?
That's probably all encrypted.
Although true, but if it could be proven that the device is sending packets of data to a server, and if we could trace those packets of data going to an I.P. address belonging to Ledger, or worse an unknown entity, then we can safely make a presumption that they are doing "something" with the data, which could be sensitive data - your private keys.
BUT, that's where that question goes. - Is there proof that there are there packets of data that are sent from a Ledger Nano S+ to the internet?