Mac Adresses are Randomly generated. The risk of accidentally banning another switch with the same Address (the chance that there is another console with the same mac is low but not impossible) is there.
They can have 1000000000000000000000 unique identifiers built into it if they cared.
They could also just read out the serial number.
Or one better read out a unique identifier that we cant generate, but they can and could.
Hint: They built the device.
So to change that - you would need a clean donor device.
But cant we just crack their method of generating, and generate that on our own? No. Not if they used good crypto.
Not if they had put 'number on a list, before it leaves factory' technology. You know - like pencil and paper...
But the MAC...
They built the device.
Here is the lesson for all smartphone computer heroes with 'sometimes/always online' devices, using online services. Or devices, that you'd want to make sometimes/always online - because, f.e. you'd want to play... wait for it... online.
If the device - and the software (games), and the online 'service' are from the same company. You are always effed. Always. (Because for you to use the online service - they can force updates.)
In the Switches case you got extremely lucky, that there was a hardware flaw in the device, that allowed people to highjack the bootchain early enough - that basically none of Nintendos software loaded (unpatched devices), and from there we got to boot into emunand (our version of their software, kept isolated on the sdcard). And it was so low level, that they couldnt patch it. This is rare.
So in most cases - you'll never be able to use homebrew, and an online service - if the manufacturer doesnt want it, and runs the online service - and built the device. Its literally impossible - as you have to presume, that updates are forced, and flaws will be patched.
Thats also, why a "clean" switch nand backup (Hekate backup on a sdcard, buy a 10 usd 32gb one format it to exfat - make a backup before you do any of the stuff), or a clean Switch (nand), and all other stuff isolated to emunand (= nand on the sdcard) is so 'sacred'. Once you've tainted that (clean Switch (nand)) - its over. But thanks to emunand you dont have to - and get 'all the things' which is rare.
First thing to do in emunand - btw - put in 90DNS, or delete your wifi network credentials and never put the switch on any network. Because here the same thing goes. As soon as the switch is tainted - and you broadcast that to Nintendo - its over. (For online.) So we can block that before its happening - but we have to keep 'clean nand' and 'tainted emunand' seperate - and never let 'tainted emunand talk to Nintendo'. Which also means, that 'tainted emunand' cant play online games.
Calm your horses. I have a clean Nand backup and have never been online with my Emunand. Additionally, I deleted the wifi settings AND installed Incognito on my Emunand. I do not intend to use Nintendo's online service. However, I would like to try some homebrew online.
To answer OP without going on a whole rant about stuff that is only marginally relevant to OPs question:
MAC addresses are usually burnt into the networking hardware. However, the switch does not do that, and instead assigns a MAC address in software. Meaning it would likely be fairly easy to change the MAC address if they tried to ban using that.
Along with that, even for hardware where the MAC is burnt in, a lot of the time you can still spoof the MAC address in software anyway. I know I've done it multiple times when playing around with penetration testing my network.
So in reality, it's not really something I would worry too much about.
Edit: Also to note, MAC address isn't something that they can put signature magic on to prevent you from just using a random number generator to produce a new one, unlike the certificate the switch normally uses for online stuff that would normally get banned.
Thank you. Are you going online with an emunand (while blocking Nintendo)? I presume those who know how have had a close look at the communication of the device? I mean, if there was some sort of obfuscated method of phoning home and secret identification, surely it would have been found by now?