In theory the ONT can act like a listening device. They're also often Linux or BSD devices that can get hacked.
If you're paranoid, you may want to run an ONT that you control, just in case. I doubt it's something that matters to a lot of people, but even if it only matters to some, it shouldn't be made impossible for those that want to.
RE: misbehaving hardware: the same is very much true for cable internet and there are plenty of countries where people hook up their own modem without any trouble. If someone wanted to mess with the fiber network they could just disconnect the ONT and shine a laser pointer down there. All off-the-shelf devices are built to just work and follow the necessary standards, because there's nothing to be gained by messing with the PON network like that.
> In theory the ONT can act like a listening device
Sure, but so can the other endpoint. Even many AON installations these days are just hidden XPS-PON and similar, you just never see the ONT. (See a lot of ISPs in Switzerland)
If you're paranoid, you may want to run an ONT that you control, just in case. I doubt it's something that matters to a lot of people, but even if it only matters to some, it shouldn't be made impossible for those that want to.
RE: misbehaving hardware: the same is very much true for cable internet and there are plenty of countries where people hook up their own modem without any trouble. If someone wanted to mess with the fiber network they could just disconnect the ONT and shine a laser pointer down there. All off-the-shelf devices are built to just work and follow the necessary standards, because there's nothing to be gained by messing with the PON network like that.