

They literally have no way to do so. There is no tool in the toolset to distinguish a cart someone else bought at the store from your own carts you bought at the store and then moved from a Switch 1 to a Switch 2.
This is absolutely not true; it’s absolutely possible and even suspected that individual game carts themselves are signed with unique serial IDs or even full certificates or cryptographic signatures.
I think it’s more likely the previous owner did dump the cart on to a MIG Switch or similar ROM cart. While the NS1 cannot tell the difference; it can still be updated to do so.
I think it’s likely that in order to play titles online; your Switch 1 has to get the Cart Serial number from the cart and package it all up nicely and sign it neatly with the certificate from the system. So if said Nintendo Switch 1 already transferred that title out to a Switch 2, then there would be a record on file with Nintendo saying “NS1 with Serial XYZ transferred Title cart ABC with serial DEF to Switch 2 with serial GHI”. Then when you put that cart into a different Switch 2 it notices and informs Nintendo of the new title and cart serial…which then immediately picks up on the change of ownership.
That might not raise red flags if you handed the cart over to your friend next door; but it certainly might raise red flags if you air-mailed the cart over to your buddy a few countries over.
Again; I must iterate how wrong you are.
These situations do not matter as the logic for detection is very simple. Is cartrige A with serial ABC in more places than is reasonably expected of that cartridge? With physical copies that limitation is exactly 1 place, 1 system at a time. Irrespective of who it’s registered to or who owns it. Any cartridge that has been in more than one place at one time and your system cert is logged and inserted in the next upcoming ban wave / wave of system cert revocations. This revocation goes live on Nintendo’s servers. Your system will not get the Online Service kiss of death until after this happens.
Other checks such as location, account, how often it happens and such can and may happen after this check to automatically limit false positives and prevent you from being instantly banned. But their system works; and it’s consistent as to which condition triggers it; that’s when the identity of any physical or digital game title is in more places than it is licensed to be in. (Actively caught piracy).
Except that they can, and do. See other comments around for the how and why…it’s related to Nintendo Gold Points.
There absolutely is. An unmodified Switch console reports this sort of telemetry on a regular basis to Nintendo; and it’s clear that they can ban your system based on bad Title IDs; (basically fake title headers, or dumped cartridge headers used to conceal flash cartrige usage)
They don’t have to be. Just have to log that your System Certificate reported a new title. This System Certificate is used in all traffic to Nintendo as it authenticates your system to it’s network.